Design and engage contractors to provision and maintain Public Key Infrastructure supporting X.509 certificate issuance and validation using AWS Private CA
Manage CA operations including certificate issuance, revocation, and renewal while configuring OCSP/CRL distribution points and Certificate Repository for validation processes
Ensure CA/CR availability, reliability, security, and performance in compliance with ISO27000, NIST standards and work with vendors to establish operational procedures and configurations
Plan and conduct periodic key ceremonies, backup restoration testing, and disaster recovery testing while developing automation for certificate lifecycle management
Troubleshoot PKI issues with service providers and stakeholders, maintain technical logs and monitoring, and support internal and external audits
Oversee procurement processes including vendor engagement, tender specifications, contract negotiations, and monitor SLA adherence and operational performance
Job Requirements:
Background in Computer Science, Information Systems, Information Technology, or related.
3 to 5 years of combined experience in PKI operations and engineering.
Solid knowledge of X.509 certificates, AWS Private CA, OCSP/CRL, key management and PKI standards would be advantageous to the candidate.
Strong skills in technical review, audit, and vendor oversight.
Certifications such as CISA, CISM or CISSP would be advantageous to the candidate.
