Senior PKI/CLM Consultant
Posted 1 week ago by Falcon Chase International
Negotiable
Undetermined
Hybrid
London (Hybrid with 1-2 days/week onsite), UK
Summary: The Senior CLM/PKI Consultant will play a pivotal role in an enterprise security transformation program, focusing on Certificate Lifecycle Management (CLM) and PKI modernization. This position requires a blend of consulting and stakeholder management skills, alongside hands-on expertise in PKI and digital certificates. Responsibilities include conducting assessments, evaluating CLM tools, and planning implementation roadmaps. Active SC clearance is a prerequisite for this role.
Key Responsibilities:
- Lead workshops to assess current certificate management processes, risks, and business requirements.
- Assess enterprise PKI and certificate environments including public/private CAs, TLS/SSL certificates, renewal processes, and monitoring.
- Define target-state CLM operating models, governance, workflows, and automation opportunities.
- Support evaluation and selection of CLM platforms such as Venafi, Keyfactor, AppViewX, DigiCert, or similar tools.
- Design and execute PoCs including integrations, testing, findings, and recommendations.
- Advise on certificate lifecycle processes including issuance, deployment, renewal, revocation, and private-key management.
- Identify automation opportunities across certificate management processes.
- Produce assessment documentation, tool scorecards, risks, dependencies, and implementation roadmaps.
- Work closely with security, infrastructure, cloud, application, and service-management teams.
Key Skills:
- Strong experience in CLM, PKI, digital certificates, and enterprise security environments.
- Good understanding of X.509 certificates, TLS/SSL, trust chains, root/intermediate CAs, and key-management principles.
- Experience with enterprise PKI platforms such as Microsoft AD CS and CLM tools like Venafi, Keyfactor, AppViewX, DigiCert, or Sectigo.
- Experience supporting certificate discovery, monitoring, alerting, renewal, and reporting processes.
- Good understanding of Windows, Linux, cloud platforms, web servers, load balancers, and network environments.
- Experience integrating certificate management solutions with ITSM, SIEM, monitoring, DevOps, and cloud platforms.
- Strong consulting, stakeholder-management, workshop facilitation, and documentation skills.
Salary (Rate): undetermined
City: London
Country: UK
Working Arrangements: hybrid
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Role Overview
We are looking for an experienced Senior CLM/PKI Consultant to support an enterprise security transformation programme focused on Certificate Lifecycle Management (CLM) and PKI modernisation.
The ideal candidate will combine strong consulting and stakeholder-management skills with hands-on expertise in PKI, digital certificates, CLM tooling, and enterprise infrastructure environments. The role will involve current-state assessments, CLM tool evaluation, PoC delivery, and implementation roadmap planning.
Active SC clearance is required
Key Responsibilities
- Lead workshops to assess current certificate management processes, risks, and business requirements.
- Assess enterprise PKI and certificate environments including public/private CAs, TLS/SSL certificates, renewal processes, and monitoring.
- Define target-state CLM operating models, governance, workflows, and automation opportunities.
- Support evaluation and selection of CLM platforms such as Venafi, Keyfactor, AppViewX, DigiCert, or similar tools.
- Design and execute PoCs including integrations, testing, findings, and recommendations.
- Advise on certificate lifecycle processes including issuance, deployment, renewal, revocation, and private-key management.
- Identify automation opportunities across certificate management processes.
- Produce assessment documentation, tool scorecards, risks, dependencies, and implementation roadmaps.
- Work closely with security, infrastructure, cloud, application, and service-management teams.
Required Skills & Experience
- Strong experience in CLM, PKI, digital certificates, and enterprise security environments.
- Good understanding of X.509 certificates, TLS/SSL, trust chains, root/intermediate CAs, and key-management principles.
- Experience with enterprise PKI platforms such as Microsoft AD CS and CLM tools like Venafi, Keyfactor, AppViewX, DigiCert, or Sectigo.
- Experience supporting certificate discovery, monitoring, alerting, renewal, and reporting processes.
- Good understanding of Windows, Linux, cloud platforms, web servers, load balancers, and network environments.
- Experience integrating certificate management solutions with ITSM, SIEM, monitoring, DevOps, and cloud platforms.
- Strong consulting, stakeholder-management, workshop facilitation, and documentation skills.
Desirable Skills
- Experience with AWS Certificate Manager, Azure Key Vault Certificates, or cloud certificate services.
- Experience with Kubernetes certificates, cert-manager, ingress certificates, or container-platform certificate automation.
- Knowledge of APIs, PowerShell, Python, Shell scripting, or Infrastructure as Code.
- Experience working within enterprise or regulated environments.
- Relevant security or cloud certifications preferred.