PKI Management Engineer

Overview/ Job Responsibilities

We are seeking a highly skilled and motivated Public Key Infrastructure (PKI) Management Engineer to join our DHS CISA team. As a PKI Engineer, you will be responsible for the design, implementation, and maintenance of DHS CISA’s PKI systems. Your primary focus will be on ensuring the security, scalability, and reliability of our PKI infrastructure, which underpins our organization's digital certificate management, encryption, and authentication processes.

Responsibilities

• Design, implement, and maintain the organization's PKI infrastructure, including Certificate Authorities (CAs), Registration Authorities (RAs), and Certificate Revocation Lists (CRLs).
• Manage the lifecycle of digital certificates, from issuance to renewal and revocation, ensuring compliance with industry standards and security best practices.
• Collaborate with cross-functional teams to integrate PKI services into various applications, systems, and network environments.
• Troubleshoot and resolve issues related to certificate provisioning, validation, and chain of trust.
• Conduct regular audits and vulnerability assessments to identify potential security risks and recommend mitigation strategies.
• Stay updated with emerging PKI technologies, industry trends, and cryptographic protocols to enhance the organization's security posture.
• Provide expertise and guidance in PKI-related matters to internal teams and stakeholders.
• Participate in on-call rotations to address urgent PKI incidents and maintain high availability of PKI services.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field (Master's preferred).• 3-7 years of proven experience as a PKI Engineer, Security Engineer, or similar role.• Strong understanding of cryptographic concepts, including encryption, digital signatures, and hashing algorithms.• Proficiency in deploying and managing PKI components such as CAs, RAs, and Online Certificate Status Protocol (OCSP) responders.• Familiarity with industry standards like X.509, SSL/TLS, and relevant RFCs.• Hands-on experience with PKI management tools and software, such as OpenSSL, Microsoft ADCS, or EJBCA.• Knowledge of network and security technologies, including firewalls, IDS/IPS, and network protocols.• Excellent problem-solving skills and the ability to work effectively in a collaborative team environment.• Professional certifications like CISSP, CompTIA Security+, or Certified PKI Professional (CPKI) are a plus.

Desired Qualifications

Must be able to provide proof of U.S. Citizenship and be able to obtain a DHS clearance with CISAOther Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Clearance Preference:

• DHS EOD - 1st priority
• Any DHS badge + DoD Top Secret or Secret - 2nd choice
• DoD Secret or Top Secret + willingness to get EOD clearance - 3rd choice (it can take 45 days to obtain EOD clearance – work can only begin once the clearance is fully adjudicated)

About Sev1Tech LLC

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies.  Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression.  Please apply directly through the website at: https://careers-sev1tech.icims.com/    #joinSev1tech

For any additional questions or to submit any referrals, please contact: recruiting@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.