Specialist Cybersecurity - Certificate Management Operations

Job Description:

Role: Specialist – Certificate Management Operations

About the Company:

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.

About the Job:

We are seeking a highly skilled and detail-oriented Digital Certificate Management Operations Specialist to join our Cybersecurity team. The ideal candidate will have deep functional and operational expertise in the Public Key Infrastructure (PKI), cryptography, and certificate lifecycle management to ensure the secure issuance, renewal, revocation, and overall management of digital certificates across the enterprise. This role will collaborate with developers, network engineers, and security teams to maintain a robust and compliant certificate ecosystem that supports secure communications and data protection. This role will have hands-on experience with relevant tools and compliance frameworks.

Experience Level: 5+ years.

Location: Hyderabad / Bengaluru

Responsibilities Include:

• Manage the full lifecycle of digital certificates including issuance, renewal, revocation, and replacement.
• Monitor certificate status and proactively address expirations to prevent service disruptions.
• Troubleshoot and resolve certificate-related issues across multiple platforms and applications.
• Automate certificate management processes using scripting languages and certificate management tools.
• Maintain accurate documentation of certificate inventories, configurations, and operational procedures.
• Collaborate closely with developers, security teams, network administrators, and other stakeholders to ensure secure and compliant certificate deployments.
• Ensure compliance with PKI best practices, industry standards, and regulatory requirements.
• Participate in periodic reviews / checks and respond to certificate management-related queries.
• Stay current with emerging trends, threats, and technologies in digital certificate management.
• Support incident response efforts related to certificate compromise or misuse.
• Provide training and support to internal teams on certificate best practices.
• Attention to detail is crucial
• Should be flexible to provide coverage in US morning hours
• Should be flexible with shifts and supporting on weekends

Required skills:

• Overall - At least 5+ years of experience in performing Digital Certificate Management Operations including:

PKI Fundamentals

• Strong understanding of X.509 certificates, Certificate Authorities (CAs), and Registration Authorities (RAs).
• Experience with certificate lifecycle management: issuance, renewal, and revocation.
• Knowledge of Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP).
• Experience leveraging automation for certificate lifecycle management using scripting tools like PowerShell and Python

Cryptography

• Familiarity with symmetric and asymmetric encryption techniques.
• Understanding of hashing algorithms such as SHA-2 and SHA-3.
• Experience with key management and secure key storage practices.

Operating Systems

• Proficient with Windows Server environments, particularly Active Directory Certificate Services (AD CS).
• Working knowledge of Linux systems and open-source PKI tools like OpenSSL and EJBCA.

Networking & Protocols

• Expertise in SSH, TLS/SSL, HTTPS, S/MIME, IPsec, and VPNs.
• Understanding of DNS, LDAP, and HTTP protocols as they relate to certificate distribution and validation.

Tools & Technologies:

• Hands-on experience with OpenSSL, Keytool, Certutil.
• Familiarity with Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, and EJBCA.
• Experience managing Hardware Security Modules (HSMs) such as Thales and SafeNet.
• Knowledge of ACME protocol for automated certificate issuance.
• Proficient in automation leveraging scripting languages such as Java, Python, PowerShell, and Bash/Shell scripting.

Security & Compliance Knowledge:

• Deep understanding of PKI best practices and standards, including NIST guidelines and RFC 5280.
• Proven ability to troubleshoot complex certificate-related issues across diverse platforms.
• Strong documentation skills to support audit readiness and operational transparency.
• Familiarity with compliance frameworks such as FIPS 140-2, GDPR, and HIPAA.

Desirable skills:

• Bachelor's or master's degree in computer science, mathematics, information systems, engineering, or cybersecurity. 
• Industry certifications such as CEH, CISSP, SANS and/or other relevant certifications
• Ability to prioritize individual/group work in a high-stress and time-bound environment
• Excellent communication, problem-solving, and analytical skills. 
• Ability to work independently and as part of a team.

Additional information (if any): 

• Should be flexible to provide coverage in US morning hours
• Should be flexible with shifts and supporting on weekends

#Cybersecurity

Weekly Hours:

40

Time Type:

Regular

Location:

IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.