Consultant - Keyfactor AgileSec
Posted 3 days ago by GDH
Negotiable
Undetermined
Remote
Remote
Summary: This role involves managing and automating the entire certificate lifecycle and PKI infrastructure within large-scale production environments. The candidate will ensure continuous security and operational integrity of machine identities, cryptographic keys, and certificates, requiring hands-on experience in certificate management, automation, and troubleshooting in dynamic enterprise settings.
Key Responsibilities:
- Manage end-to-end certificate lifecycle processes including issuance, renewal, revocation, and rotation across multiple enterprise environments
- Develop and maintain automated workflows for certificate management integrated into CI/CD pipelines
- Operate and scale Public Key Infrastructure (PKI) environments, including internal CAs, trust stores, and related components
- Integrate Keyfactor or comparable PKI platforms with various tools such as GitHub Actions, Jenkins, Azure DevOps, AWS, Azure, F5, NGINX, IIS, and Kubernetes
- Troubleshoot and resolve TLS/SSL handshake failures, broken trust chains, and certificate expiration incidents
- Collaborate with engineering teams in an agile environment to implement security as code practices
- Monitor and improve certificate management processes to prevent outages and ensure security compliance
- Support production incident investigations related to certificates, encryption, and trust issues
- Document procedures, configurations, and incident resolutions to maintain operational clarity
- Continually evaluate and enhance automation strategies to improve scalability and visibility of machine identities
Key Skills:
- Proven experience managing PKI and certificate lifecycle management in production environments
- Strong hands-on experience with certificate automation and lifecycle processes
- In-depth understanding of TLS handshake mechanics, encryption methodologies, and certificate chains, including root and intermediate CAs
- Familiarity with CRL and OCSP protocols and their application in certificate validation
- Practical experience with Keyfactor or similar PKI platforms in enterprise settings
- Proficiency in scripting languages such as PowerShell or Python used for automation tasks
- Experience supporting and troubleshooting production security incidents involving certificates or encryption protocols
- Knowledge of integrating certificate management within CI/CD pipelines
- Understanding of cloud-native certificate services like AWS ACM and Azure Key Vault is advantageous
- Experience working with containerized environments (Kubernetes, ingress controllers) is preferred
- Ability to translate security requirements into effective, automated, and scalable solutions
- Strong problem-solving skills with a focus on real-world operational challenges
Salary (Rate): £85.71 hourly
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Role Summary
This role involves managing and automating the entire certificate lifecycle and PKI infrastructure within large-scale production environments. The candidate will be responsible for ensuring continuous security and operational integrity of machine identities, cryptographic keys, and certificates. It requires a dedicated operator with hands-on experience in certificate management, automation, and troubleshooting in dynamic enterprise settings.
Responsibilities
- Manage end-to-end certificate lifecycle processes including issuance, renewal, revocation, and rotation across multiple enterprise environments
- Develop and maintain automated workflows for certificate management integrated into CI/CD pipelines
- Operate and scale Public Key Infrastructure (PKI) environments, including internal CAs, trust stores, and related components
- Integrate Keyfactor or comparable PKI platforms with various tools such as GitHub Actions, Jenkins, Azure DevOps, AWS, Azure, F5, NGINX, IIS, and Kubernetes
- Troubleshoot and resolve TLS/SSL handshake failures, broken trust chains, and certificate expiration incidents
- Collaborate with engineering teams in an agile environment to implement security as code practices
- Monitor and improve certificate management processes to prevent outages and ensure security compliance
- Support production incident investigations related to certificates, encryption, and trust issues
- Document procedures, configurations, and incident resolutions to maintain operational clarity
- Continually evaluate and enhance automation strategies to improve scalability and visibility of machine identities
Qualifications
- Proven experience managing PKI and certificate lifecycle management in production environments
- Strong hands-on experience with certificate automation and lifecycle processes
- In-depth understanding of TLS handshake mechanics, encryption methodologies, and certificate chains, including root and intermediate CAs
- Familiarity with CRL and OCSP protocols and their application in certificate validation
- Practical experience with Keyfactor or similar PKI platforms in enterprise settings
- Proficiency in scripting languages such as PowerShell or Python used for automation tasks
- Experience supporting and troubleshooting production security incidents involving certificates or encryption protocols
- Knowledge of integrating certificate management within CI/CD pipelines
- Understanding of cloud-native certificate services like AWS ACM and Azure Key Vault is advantageous
- Experience working with containerized environments (Kubernetes, ingress controllers) is preferred
- Ability to translate security requirements into effective, automated, and scalable solutions
- Strong problem-solving skills with a focus on real-world operational challenges
Publishing Pay Range: $82.27 - $85.71 hourly
This position is based in remote and requires the employee to work on-site.