Job Description
PKI Security & Governance Specialist
Overview
We are looking for a highly skilled and experienced PKI Security & Governance Specialist to help us:
Define, implement, and maintain the security strategy, design, requirements, and controls for mission-critical PKI infrastructures, aligned with the transition to post-quantum cryptography (PQC) and related crypto-agility needs
Establish, operate, and maintain a comprehensive governance framework, including the development of certificate policies and practice statements, as well as oversight of critical PKI processes such as root key ceremonies
Develop, implement, and regularly update robust incident response and recovery procedures to safeguard the integrity and trustworthiness of the PKI
Ensure sustained compliance with relevant regulations and industry standards, support audit reviews and risk assessments, and proactively monitor the evolving regulatory landscape
Act as a subject matter expert on PKI security, governance, and compliance, providing authoritative guidance and keeping the organization informed of emerging trends, technologies, and best practices in the PKI domain
Manage stakeholders and closely collaborate with IT and Operations teams responsible for deploying and operating PKI infrastructures, ensuring alignment with security and governance requirements
Qualifications
Strong background in cybersecurity, with at least 10 years of professional experience in PKI security and governance, particularly for mission-critical infrastructures
In-depth PKI expertise, including X.509 digital certificates, certificate revocation lists, key management, hardware security modules, digital signatures, and non-repudiation
Proven experience in developing, implementing, and managing comprehensive PKI governance frameworks, policies, and procedures
In-depth understanding of industry regulations and compliance standards relevant to PKI
Technical proficiency and hands-on experience with Certification Authorities (CAs) and certificate lifecycle management technologies
Knowledge of classical and post-quantum cryptography (PQC), asymmetric algorithms, and related cryptographic protocols and standards
Excellent written and verbal communication skills, with the ability to clearly explain complex technical concepts to non-experts and senior stakeholders
Demonstrated drive, dynamism, and a strong focus on achieving results, with a proven ability to effectively handle high-stakes, mission-critical projects
Skills
PKI Regulations & Compliance
Delivery & Results Orientation
Demonstrated drive, dynamism, and strong focus on achieving results, with the ability to handle high-stakes, mission-critical projects
Experience: 15 years
Level: Expert (10+)
PKI Governance Frameworks
Experience in developing, implementing, and managing comprehensive PKI governance frameworks, policies, and procedures
Experience: 15 years
Level: Expert (10+)
Communication Skills
PKI Technical Expertise
In-depth knowledge of X.509 certificates, CRLs, key management, HSMs, digital signatures, and non-repudiation
Experience: 15 years
Level: Expert (10+)
Cryptography (Classical & PQC)
PKI Security & Governance Experience
Cybersecurity Background
Certification Authorities & Lifecycle Management
