Qode
Job Title: Senior PKI/Venafi Architect
Location:
Remote
Employment Type:
Full-Time
Experience Level:
12+ Years
Job Summary:
We are seeking a highly experienced and strategic
Senior PKI/Venafi Architect
with deep expertise in
Venafi ,
PKI-DSS architecture ,
cryptography mechanisms , and
cloud environments . This is a critical, greenfield opportunity to lead end-to-end
discovery, design, implementation, and support
of enterprise-grade PKI and certificate lifecycle management solutions. Ideal candidates will have a strong architectural background and proven success in delivering secure, scalable, and compliant cryptographic infrastructures across hybrid cloud environments.
Key Responsibilities: Lead the
architecture, engineering, and integration
of Public Key Infrastructure (PKI) and certificate management systems using
Venafi Trust Protection Platform . Drive all phases of the project lifecycle:
discovery, design, implementation, support , and optimization. Develop enterprise
PKI-DSS (Public Key Infrastructure - Data Security Standards)
aligned with compliance, audit, and security frameworks. Architect secure, scalable cryptographic solutions involving
digital certificates, TLS/SSL, key management, encryption mechanisms , and secure protocols. Oversee integration of PKI and cryptographic services with
cloud platforms (AWS, Azure, GCP)
and DevSecOps toolchains. Define and enforce policies for
certificate lifecycle management , including issuance, renewal, rotation, and revocation. Partner with security, infrastructure, and application teams to ensure secure adoption of cryptographic services. Evaluate emerging technologies, contribute to
security roadmap , and continuously improve cryptographic posture. Required Qualifications:
12+ years of experience in
Information Security Architecture , with at least 5 years specializing in
PKI, certificate management, and cryptography . Hands-on experience with
Venafi Trust Protection Platform
- policy configuration, workflow setup, agent integrations, etc. Strong understanding of
PKI architecture ,
CA hierarchy , HSMs, OCSP, CRLs, and key protection mechanisms. Deep knowledge of
cryptographic standards
(RSA, ECC, AES, SHA, TLS/SSL, etc.) and security protocols. Experience in deploying PKI/certificate solutions in
cloud (AWS, Azure, GCP)
and hybrid environments. Proven track record of working as an
Architect , leading security design sessions, risk assessments, and solution implementations. Strong scripting or automation skills (e.g., PowerShell, Python, REST APIs) for certificate lifecycle automation. Familiarity with security frameworks like NIST, ISO 27001, PCI-DSS, and regulatory compliance. Preferred Qualifications:
Venafi or other relevant certifications. Experience with HSMs (Thales, SafeNet, AWS CloudHSM).
Location:
Remote
Employment Type:
Full-Time
Experience Level:
12+ Years
Job Summary:
We are seeking a highly experienced and strategic
Senior PKI/Venafi Architect
with deep expertise in
Venafi ,
PKI-DSS architecture ,
cryptography mechanisms , and
cloud environments . This is a critical, greenfield opportunity to lead end-to-end
discovery, design, implementation, and support
of enterprise-grade PKI and certificate lifecycle management solutions. Ideal candidates will have a strong architectural background and proven success in delivering secure, scalable, and compliant cryptographic infrastructures across hybrid cloud environments.
Key Responsibilities: Lead the
architecture, engineering, and integration
of Public Key Infrastructure (PKI) and certificate management systems using
Venafi Trust Protection Platform . Drive all phases of the project lifecycle:
discovery, design, implementation, support , and optimization. Develop enterprise
PKI-DSS (Public Key Infrastructure - Data Security Standards)
aligned with compliance, audit, and security frameworks. Architect secure, scalable cryptographic solutions involving
digital certificates, TLS/SSL, key management, encryption mechanisms , and secure protocols. Oversee integration of PKI and cryptographic services with
cloud platforms (AWS, Azure, GCP)
and DevSecOps toolchains. Define and enforce policies for
certificate lifecycle management , including issuance, renewal, rotation, and revocation. Partner with security, infrastructure, and application teams to ensure secure adoption of cryptographic services. Evaluate emerging technologies, contribute to
security roadmap , and continuously improve cryptographic posture. Required Qualifications:
12+ years of experience in
Information Security Architecture , with at least 5 years specializing in
PKI, certificate management, and cryptography . Hands-on experience with
Venafi Trust Protection Platform
- policy configuration, workflow setup, agent integrations, etc. Strong understanding of
PKI architecture ,
CA hierarchy , HSMs, OCSP, CRLs, and key protection mechanisms. Deep knowledge of
cryptographic standards
(RSA, ECC, AES, SHA, TLS/SSL, etc.) and security protocols. Experience in deploying PKI/certificate solutions in
cloud (AWS, Azure, GCP)
and hybrid environments. Proven track record of working as an
Architect , leading security design sessions, risk assessments, and solution implementations. Strong scripting or automation skills (e.g., PowerShell, Python, REST APIs) for certificate lifecycle automation. Familiarity with security frameworks like NIST, ISO 27001, PCI-DSS, and regulatory compliance. Preferred Qualifications:
Venafi or other relevant certifications. Experience with HSMs (Thales, SafeNet, AWS CloudHSM).