Senior IT Security Engineer / PKI - Build and Improve (f/m/d)

Your area of work

Secure the future of Deutsche Börse Group by building and maintaining our critical PKI infrastructure. As a key member of the Security IT - Engineering team, you'll be responsible for the design, implementation, and operation of our next-generation PKI solution. This includes ensuring the confidentiality, integrity, and availability of digital certificates and cryptographic keys, enabling secure communication and transactions across the organization. Contribute to a challenging and rewarding environment where your expertise will have a direct impact on the security posture of a leading global organization.

Your Responsibilities

• Architect, design, and implement a robust and scalable PKI solution, including certificate authorities, registration authorities, and related components.
• Manage and maintain the PKI infrastructure, ensuring high availability and performance.
• Develop and implement policies and procedures for certificate issuance, revocation, and lifecycle management.
• Troubleshoot and resolve PKI-related issues, ensuring minimal downtime and disruption to business operations.
• Automate PKI tasks and processes using scripting and automation tools.
• Collaborate with other security teams to integrate PKI with existing security systems.
• Maintain comprehensive documentation in line with international Quality Management standards.
• Conduct regular security assessments and vulnerability scans of the PKI infrastructure.
• Stay abreast of industry best practices and emerging threats in the PKI landscape.
• Provide occasional on-call support (rotational basis).

Your Profile

• Deep understanding of PKI principles, concepts, and best practices.
• Extensive experience in designing, implementing, and managing PKI solutions using industry-standard tools and technologies.
• Experience with Hardware Security Modules (HSMs) and key management best practices.
• Solid understanding of X.509 certificates, CRLs, and OCSP.
• Experience with scripting and automation tools (e.g., BASH, Python, PowerShell, Ansible, Terraform).
• Strong problem-solving skills and an analytical mindset.
• Excellent communication and collaboration skills.
• Proficiency in written and spoken English.

Nice to have

• Experience in cloud infrastructures.
• Experience with cloud-based Encryption Keys Management.
• Experience with certificate lifecycle management tools.
• Knowledge of IT security standards and frameworks (e.g., ISO 27001, NIST).