Cyber - Public Key Infrastructure (PKI) & Active Directory Security Specialist

Cyber- Public Key Infrastructure (PKI) & Active Directory Security Specialist

Job Specification

Maersk is a $30bn organisation with 100,000 people that move 20% of the world’s trade, and the largest shipping and logistics company in the world. We are transforming our company into a global integrator of container logistics. This is a unique opportunity to help shape that journey and the future organisation. As part of this process, you will participate in a global IT transformation programme that will set the direction of the future business model for this large global organisation.

What We Offer

As an organisation with a global presence, joining Maersk is an exciting opportunity to work with people of diverse talents and backgrounds. We offer a fast‑paced, challenging, and truly international atmosphere with activities across Copenhagen, London, Charlotte, and India. The environment is dynamic with a focus on high performance, results, and respect for our employees.

You will have opportunities for continuous professional and personal development and the ability to strengthen your technical skills across PKI, directory services, and identity security. As a Public Key Infrastructure (PKI) Specialist, you will be part of a team responsible for rolling out and integrating various solutions into our IT landscape. You will work independently and with development teams and stakeholders in multiple locations.

Key Responsibilities

The Public Key Infrastructure (PKI) Specialist is responsible for driving the function towards successful technical delivery, leveraging both project programmes and operational support to increase capability and reduce risk. Responsibilities include reducing technical debt, making sensible technology trade‑offs, and ensuring implementation quality across PKI and identity‑related platforms.

Working closely with engineering, architecture, and product teams, you will help ensure designs are robust, secure, and operationally aligned. You will collaborate with organisational partners to remove impediments and simplify delivery across interdependent services.

As a PKI Specialist, you will report to the Senior Manager of Cryptography & Directory Services with the following tasks:

• Continuous service improvement: PKI is heavily used within Maersk, and you will improve its performance, health, and reliability daily.
• Performing daily service checks and fulfilling request tickets for DNS & PKI.
• Responding to Incidents and Major Incidents in a timely manner to drive resolution.
• Driving automation in certificate and key lifecycle management across Maersk.
• Extracting data and generating reports that highlight service improvements and risk reduction opportunities.
• Ensuring documentation and code meet high standards and align with engineering frameworks.
• Building strong partnerships with architects, designers, engineers, vendors, and industry experts.
• Developing scope definitions and solution designs aligned to best practice.
• Providing technical guidance to solution architects.
• Highlighting risks, dependencies, or issues that may impact delivery.
• Building trusted relationships with Product Owners and guiding technical investment decisions.
• Collaborating across teams to define efficient, cohesive implementation strategies.
• Sharing best practices and supporting the technical growth of the wider team.
• Participating in the evolution of engineering standards, patterns, and policies.

We Are Looking For

Experience & Technical Skills

PKI & Identity (Core Requirements)

• Minimum 5+ years working with Public Key Infrastructure (PKI), access management, and identity security.
• Proficient in day‑to‑day PKI administration and annual signing ceremonies.
• Experience with Certificate Lifecycle Management platforms (preferably Venafi).
• Deep understanding of Microsoft ADCS, enterprise trust models, template management, and PKI security.
• Strong understanding of identity and access management protocols and solutions.

Active Directory & GPO (Strengthened Requirements for This Role)

• Extensive hands‑on experience with Microsoft Active Directory infrastructure and security configuration.
• Strong understanding of GPOs including certificate auto‑enrolment, cryptographic policies, RDP certificate deployment, and server/workstation baselines.
• Experience troubleshooting complex interactions between AD, GPO, ADCS, and Windows clients.
• Experience reviewing and configuring delegation models, ACLs, auditing, and secure administration practices.

Additional Technical Skills

• Experience managing and configuring Hardware Security Modules (preferably Thales).
• Experience with public DNS, DNSSEC concepts, and domain validation.
• Highly skilled in writing clean, reusable, readable automation (PowerShell preferred).
• Strong knowledge of modern technology trends, PKI lifecycle evolution, and identity standards.
• Knowledge of cloud-based document management products.

Advantage If You Have

• Experience with Key Management Systems (preferably Entrust).
• Knowledge of Microsoft Identity Manager.
• Experience integrating systems via modern APIs (REST, MS Graph, Log Analytics).
• Knowledge of ITIL v4 and Root Cause Analysis methodology.

Ways of Working

(These remain unchanged, with light reinforcement for PKI/AD work where helpful)

• Passionate about PKI, authentication, authorisation, and identity security; keeps up with industry developments.
• Understands least privilege principles and secure delegation practices.
• Confident taking ownership of problems end‑to‑end.
• Highly motivated and calm under pressure.
• Eager to learn new technologies and understand their relevance to Maersk.
• Clear communicator capable of adjusting technical depth to the audience.
• Able to articulate technical and business risks effectively.
• Excellent documentation skills including Confluence, design documents (LLD/HLD), end‑user guides, and source‑control‑based documentation.
• Strong analytical problem-solving capabilities, especially in complex identity and certificate flows.
• Collaborative, innovative, fact-based, and outcome oriented.
• Works effectively in agile environments and contributes to the wider engineering community.

Leader of People

• Able to lead peer reviews of designs and implementations.
• Capable of inspiring and engaging team members to achieve shared goals.
• Acts as a role model in technical delivery, professionalism, and engineering discipline.

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing <.