GMS - Staff - PKI

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 

 

 

 

Managed Service – IAM MS – PKI (MS PKI / Venafi) Staff

 

The Security Analyst / Security Senior Analyst role will be primarily responsible for supporting the enterprise Public Key Infrastructure (PKI) systems, with a core focus on Microsoft Active Directory Certificate Services (ADCS) and Venafi Trust Protection Platform. This role involves collaboration with application owners, security leads, and infrastructure teams to ensure the secure issuance, lifecycle management, and compliance of digital certificates across the organization

 

 

Key Requirements / Responsibilities: 

 

• Assist in day-to-day operations of Microsoft PKI infrastructure, including the Root CA and Issuing CAs.
• Support certificate lifecycle management processes using Venafi, including discovery, issuance, renewal, and revocation.
• Manage certificate templates, CRL distribution, AIA locations, and related configurations for ADCS.
• Help automate certificate operations using PowerShell or Venafi workflows.
• Troubleshoot certificate enrollment issues across various platforms (Windows, Linux, network devices).
• Monitor PKI system health, certificate expiration, and potential vulnerabilities.
• Collaborate with application and platform teams to onboard services into Venafi for automated certificate management.
• Ensure compliance with cryptographic policies and audit requirements related to key usage and certificate issuance.
• Provide operational support during certificate-related incidents and outages.
• Participate in security assessments and internal audits involving PKI controls.

 

 

Qualifications:

 

Education:

 

• Bachelor or college degree in related field or equivalent work experience

.                   

Work Experience:  

                         

• 2-4 Years’ Experience

 

 

Skills Expertise

 

• Strong understanding of Microsoft PKI (ADCS), including Root and Issuing CA management, templates, key archival, and CRL management.
• Hands-on experience with Venafi Trust Protection Platform for certificate lifecycle  automation.
• Familiarity with TLS/SSL certificate standards (X.509), key algorithms, and security best practices.
• Understanding of certificate-based authentication mechanisms and their integration with enterprise platforms.
• Basic scripting knowledge (e.g., PowerShell) for certificate automation and reporting.
• Experience integrating Venafi with load balancers, web servers, and applications.
• Good troubleshooting skills for resolving certificate errors and enrollment failures.
• Effective communication and collaboration skills to engage with internal and external stakeholders.
• Strong attention to detail and documentation practices for audit readiness and governance.

 

 

Good to have:

 

• Familiarity with Key Management concepts, digital signatures, and HSMs.
• Knowledge of integrating PKI with platforms like ADFS, Azure AD, or VPN appliances.
• Understanding of Certificate Policy and Certificate Practice Statements (CP/CPS).

 

 

Certification:

 

• Azure Fundamental (Az-900) (Good to have)
• Venafi Certified Administrator (Good to have)
• Microsoft Identity and Access Administrator (Sc-300) (Good to have)

 

 

Work Requirements:

 

• Willingness to be on call support engineer and work occasional overtime as required
• Willingness to work in 24*7 rotational shifts as required

 

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.