PKI Auditor- Active Secret Clearance

*** This role is contingent upon Contract Award***

The PKI Auditor will support cybersecurity and compliance oversight efforts led by JFHQ-DODIN by conducting audits and assessments of Public Key Infrastructure (PKI) implementations across DoD components. This position ensures adherence to DoD cybersecurity policy, PKI directives, and trusted certificate management practices to support secure, interoperable communications across the Department of Defense Information Network (DODIN).

Responsibilities:

• Perform technical and compliance audits of DoD PKI implementations, ensuring alignment with DoDI 8520.02, CNSS, DISA, and JFHQ-DODIN requirements.
• Evaluate issuance practices, certificate management procedures, and registration authority operations (RA/LRA) at DoD agencies.
• Review and assess documentation, audit logs, and system configurations related to certificate authorities (CAs), Registration Authorities (RAs), and Key Recovery operations.
• Validate compliance with NIST 800-53 controls, CNSSI 1300 series, CNSSI 4005/4006, and applicable DoD cybersecurity frameworks.
• Collect artifacts, evidence, and metrics to support operational readiness inspections and security assessments.
• Collaborate with Information System Security Officers (ISSOs), COMSEC personnel, and network defenders to evaluate the implementation and enforcement of PKI-related security controls.
• Provide remediation recommendations and risk mitigation strategies to correct audit deficiencies and control gaps.
• Assist in preparing reports for JFHQ-DODIN, DoD CIO, and Component Cybersecurity Service Providers (CSSPs).

Requirements

• Active Secret clearance (TS/SCI eligible preferred).
• Minimum 3–5 years of cybersecurity or PKI audit experience in DoD or federal environments.
• Strong working knowledge of DoD PKI architecture, including issuance, revocation, recovery, and certificate lifecycle processes.
• Familiarity with DoD and DISA policies: DoDI 8520.02, CNSSI 4005/4006, NIST 800-53, and RMF.
• Experience using tools such as eMASS, STIG Viewer, ACAS, Nessus, and log analysis platforms.
• Strong writing and analytical skills for audit report development and artifact documentation.
• DoD 8570 IAM Level I or IAT Level II certification required (e.g., Security+ CE, CAP, CISM, CISSP).

Preferred Qualifications:

• Experience supporting or auditing JFHQ-DODIN missions, CSSPs, or mission partner enclaves.
• Hands-on experience with PKI certificate issuance, KMI/EKMS systems, and RA validation workflows.
• Familiarity with SIPRNet enclave operations and cross-domain PKI authentication.
• Completion of DISA/JFHQ-DODIN or NSA PKI auditing or compliance training.

Benefits

Essential Network Security (ENS) Solutions, LLC is a service-disabled veteran owned, highly regarded IT consulting and management firm. ENS consults for the Department of Defense (DoD) and Intelligence Community (IC) providing innovative solutions in the core competency area of Identity, Credential and Access Management (ICAM), Software Development, Cyber and Network Security, System Engineering, Program/Project Management, IT support, Solutions, and Services that yield enduring results. Our strong technical and management experts have been able to maintain a standard of excellence in their relationships while delivering innovative, scalable and collaborative infrastructure to our clients.

Why ENS?

• Free Platinum-Level Medical/Dental/Vision coverage, 100% paid for by ENS
• 401k Contribution from Day 1
• PTO + 11 Paid Federal Holidays
• Long & Short Term Disability Insurance
• Group Term Life Insurance
• Tuition, Certification & Professional Development Assistance
• Workers’ Compensation
• Relocation Assistance