Generali Italia
Platform Security Engineer - PKI & Cryptography
Generali Italia, Italy, New York, United States
We are looking for a highly skilled
Platform Security Engineer
with strong expertise in
Public Key Infrastructure (PKI) ,
Digital Certificates ,
Hardware Security Modules (HSMs) , and
Cryptography
to join our growing Platform Security team. The successful candidate will play a key role in designing, implementing, and managing security services that underpin our enterprise infrastructure and applications, ensuring trust, integrity, and compliance across our platforms. Key Responsibilities Design, deploy, and manage
PKI services , including root and subordinate Certificate Authorities (CAs) Oversee the lifecycle of
digital certificates
(issuance, renewal, revocation, automation) managing the
CLM solution
of the Group Administer and maintain
Hardware Security Modules (HSMs) , ensuring secure key storage and operations Support the management of
cryptographic solutions
(symmetric/asymmetric encryption, key management, signing, hashing) Collaborate with IT, DevOps, and application teams to integrate certificate and cryptography services into enterprise platforms and applications Define, enforce, and monitor compliance with internal security standards, industry best practices, and regulatory requirements (e.g., DORA, eIDAS, NIST, ISO 27001) Support audits and security assessments by providing evidence, documentation, and subject matter expertise Troubleshoot PKI, certificate, and cryptographic issues across multiple environments Research and evaluate emerging cryptographic technologies, standards, and trends Develop automation scripts and workflows to streamline PKI and certificate management Requirements Our ideal candidate will meet the following requirements: Bachelor's degree in Computer Science, Information Security, or related field (or equivalent professional experience) Proven experience with
PKI design, deployment, and operations
in enterprise environments Hands-on expertise with
digital certificates management
(SSL/TLS, client authentication, code signing, device certificates) Experience with
HSM administration
and key management best practices Strong knowledge of
cryptography principles
(RSA, ECC, AES, SHA, TLS protocols, key exchange mechanisms) Familiarity with
automation and scripting
(e.g., PowerShell, Python, Bash) for certificate lifecycle management Solid understanding of
security frameworks and compliance standards
(DORA, NIST, ISO, PCI DSS, eIDAS) Strong troubleshooting, problem-solving, and analytical skills Excellent communication skills and ability to work collaboratively across teams Nice to have: Experience with
cloud-native PKI and certificate management services Proficient in
SecOps
and
DevSecOps , integrating cryptographic services into security monitoring, incident response, and CI/CD pipelines, including PKI, certificate management, and cryptographic controls Knowledge of
DevOps and CI/CD environments
with certificate automation (e.g., HashiCorp Vault, cert-manager, ACME/Let's Encrypt) Certifications such as
CISSP, CISM, CCSP, Microsoft Certified: Security, Compliance, and Identity , or vendor-specific PKI/HSM certifications Familiarity with
zero trust architectures
and secure identity management Company Profile Generali is a major player in the global insurance industry - a strategic and highly important sector for the growth, development and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees. GOSP - Generali Operations Service Platform is a joint-venture between Generali and Accenture and provides IT and Procurement services to Generali Group companies. Our purpose is to accelerate the Group's innovation and digitization strategy through the Cloud and shared platforms. Based in Italy it has 6 branches across Europe and employs about 1.200 people.
#J-18808-Ljbffr
Platform Security Engineer
with strong expertise in
Public Key Infrastructure (PKI) ,
Digital Certificates ,
Hardware Security Modules (HSMs) , and
Cryptography
to join our growing Platform Security team. The successful candidate will play a key role in designing, implementing, and managing security services that underpin our enterprise infrastructure and applications, ensuring trust, integrity, and compliance across our platforms. Key Responsibilities Design, deploy, and manage
PKI services , including root and subordinate Certificate Authorities (CAs) Oversee the lifecycle of
digital certificates
(issuance, renewal, revocation, automation) managing the
CLM solution
of the Group Administer and maintain
Hardware Security Modules (HSMs) , ensuring secure key storage and operations Support the management of
cryptographic solutions
(symmetric/asymmetric encryption, key management, signing, hashing) Collaborate with IT, DevOps, and application teams to integrate certificate and cryptography services into enterprise platforms and applications Define, enforce, and monitor compliance with internal security standards, industry best practices, and regulatory requirements (e.g., DORA, eIDAS, NIST, ISO 27001) Support audits and security assessments by providing evidence, documentation, and subject matter expertise Troubleshoot PKI, certificate, and cryptographic issues across multiple environments Research and evaluate emerging cryptographic technologies, standards, and trends Develop automation scripts and workflows to streamline PKI and certificate management Requirements Our ideal candidate will meet the following requirements: Bachelor's degree in Computer Science, Information Security, or related field (or equivalent professional experience) Proven experience with
PKI design, deployment, and operations
in enterprise environments Hands-on expertise with
digital certificates management
(SSL/TLS, client authentication, code signing, device certificates) Experience with
HSM administration
and key management best practices Strong knowledge of
cryptography principles
(RSA, ECC, AES, SHA, TLS protocols, key exchange mechanisms) Familiarity with
automation and scripting
(e.g., PowerShell, Python, Bash) for certificate lifecycle management Solid understanding of
security frameworks and compliance standards
(DORA, NIST, ISO, PCI DSS, eIDAS) Strong troubleshooting, problem-solving, and analytical skills Excellent communication skills and ability to work collaboratively across teams Nice to have: Experience with
cloud-native PKI and certificate management services Proficient in
SecOps
and
DevSecOps , integrating cryptographic services into security monitoring, incident response, and CI/CD pipelines, including PKI, certificate management, and cryptographic controls Knowledge of
DevOps and CI/CD environments
with certificate automation (e.g., HashiCorp Vault, cert-manager, ACME/Let's Encrypt) Certifications such as
CISSP, CISM, CCSP, Microsoft Certified: Security, Compliance, and Identity , or vendor-specific PKI/HSM certifications Familiarity with
zero trust architectures
and secure identity management Company Profile Generali is a major player in the global insurance industry - a strategic and highly important sector for the growth, development and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees. GOSP - Generali Operations Service Platform is a joint-venture between Generali and Accenture and provides IT and Procurement services to Generali Group companies. Our purpose is to accelerate the Group's innovation and digitization strategy through the Cloud and shared platforms. Based in Italy it has 6 branches across Europe and employs about 1.200 people.
#J-18808-Ljbffr