PKI Engineer – ServiceNow Certificate Management

Summary: The PKI Engineer – ServiceNow Certificate Management is responsible for administering a large-scale cloud-native enterprise's PKI and digital certificate management. This role involves collaborating with cross-skilled cloud engineers to enhance technology security and operations through automation. Key duties include managing various types of certificates, leading acquisition efforts, and ensuring compliance with security best practices. The position requires a strong understanding of PKI concepts and tools, as well as experience in certificate lifecycle management.

Key Responsibilities:

• Inventory, manage and administer certificates across various teams and use cases
• Lead efforts in the acquisition of new and renewal of existing certificates
• Create, review, and process all documentation needed for certificate requests, modifications, renovations or rekeys
• Maintain and administer any local Certificate Authority, and intermediary Certificate Authority
• Establish security best practices/upgrades and is responsible for the overall health of PKI Infrastructure
• Identify certificate management process and infrastructure gaps and implement process improvements
• Develop dashboards for alerting and monitoring certificate renewal, expiration, usage, etc.
• Participate in production support and on-call rotations
• Participate in incident management and contribute to associated retrospective/post-mortem as needed
• Participate in Agile Sprints and associated ceremonies

Key Skills:

• Strong understanding of PKI certificate management and lifecycle management toolsets
• Experience with Amazon Certificate Manager (ACM) and Azure Key Vault
• Hands-on experience with Certificate Authority Administration and Active Directory Certificate Services (ADCS)
• Expertise in PKI concepts (infrastructure & architecture)
• Good understanding of CMDB, ITOM, Event Management
• Understanding of Microsoft Active Directory, LDAP, WSUS, group policies, and DNS
• Knowledge of PKIX, PKCS, SSL, TLS, S/MIME standards
• Strong knowledge of build, release, and configuration management practices
• Experience with operational monitoring tools and scripting (Python, Java Scripting, PowerShell)
• Strong communication and collaboration skills

Salary (Rate): undetermined

City: undetermined

Country: United States

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT