Talent.com
This job offer is not available in your country.
PKI Digital Certification with (Venafi / Primekey / Keyfactor / EJBCA)

PKI Digital Certification with (Venafi / Primekey / Keyfactor / EJBCA)

Randstad IndiaGreater Hyderabad Area, India
15 days ago
Job description

Overall - At least 8+ years of experience in performing Digital Certificate Management Operations including :

1. Core PKI & Security Skills

  • Advanced understanding of X.509 certificates, CRLs, OCSP, and complex CA hierarchies (root, intermediate, issuing).
  • Expertise in certificate lifecycle management at scale, cross-certification, and trust model architectures.
  • Strong cryptographic knowledge including symmetric / asymmetric encryption, digital signatures, and hashing algorithms.
  • Proven experience with key management policies covering generation, escrow, rotation, and secure destruction.
  • Demonstrated ability to lead complex PKI operations and guide junior team members.
  • Excellent collaboration skills working with security, DevOps, infrastructure, and application teams.
  • Operationalize secure PKI systems integrated with IAM, SSO, MFA, and compliant with standards such as NIST, FIPS 140-2, and ISO 27001.
  • In-depth knowledge of networking protocols relevant to certificate distribution and validation : SSH, TLS / SSL, HTTPS, S / MIME, IPsec, VPNs, DNS, LDAP, HTTP.
  • Proven experience leveraging automation for certificate lifecycle management using scripting tools like PowerShell and Python

2. Tools & Technologies :

  • Hands-on experience with OpenSSL, Keytool, Certutil.
  • Familiarity with Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, and EJBCA.
  • Experience managing Hardware Security Modules (HSMs) such as Thales and SafeNet.
  • ACME protocol for automated certificate lifecycle management

    • 3. Monitoring, Logging and Compliance :

  • Lead and Operationalize certificate expiration monitoring and alerting systems to prevent outages.
  • Maintain thorough logging and auditing of all certificate operations for security and compliance purposes.
  • Proven ability to troubleshoot complex certificate-related issues across diverse platforms.
  • Strong documentation skills to support audit readiness and operational transparency.

    • 4. Automation

  • Python with libraries like cryptography, pyOpenSSL, requests, subprocess for PKI automation and API integration.
  • PowerShell for Windows PKI environments (e.g., AD CS).
  • Bash scripting for Linux-based PKI tools and OpenSSL automation.
  • Java for working with PKI tools such as EJBCA and integrations like HashiCorp Vault.
  • Other automation tools : Ansible, Terraform, and CI / CD systems (GitHub Actions, Jenkins).
  • RESTful API integrations for DigiCert, HashiCorp Vault, and ACME protocol platforms.

    • Desirable skills :

  • Bachelor's or master's degree in computer science, mathematics, information systems, engineering, or cybersecurity.
  • Industry certifications such as CEH, CISSP, SANS and / or other relevant certifications
    • Create a job alert for this search

    Certification • Greater Hyderabad Area, India