Engineer, PKI

The Public Key Infrastructure (PKI) Engineer will be a key member of the new Versant Cyber organization and is responsible for designing, implementing, and maintaining the cryptographic infrastructure used to secure communications, authenticate identities, and protect data across digital systems. As this work is foundational to enabling secure operations across cloud, hybrid, and on-prem environments, this individual is a leader over the PKI discipline. RESPONSIBILITIES: Key areas of focus for the PKI Engineer include certificate lifecycle management through end-to-end automation of issuance, rotation, and revocation, maintenance of secure CA hierarchy and trust chains, and PKI integration with CI/CD pipelines, secrets stores, and signing tools. The successful candidate will be responsible for the following activities: Manage enterprise Certificate Authorities (CAs), including Root and Intermediate CAs (internal and third-party). Maintain Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) services. Oversee the issuance, renewal, and revocation of user, device, service, and application certificates. Implement certificate lifecycle automation to reduce manual errors and expiry risk. Promote, foster, and advocate for an environment of collaboration, diversity, and inclusion.  Ensure systems adhere to industry best practices for encryption, signing, and key usage (e.g., RSA, ECC, SHA-2, TLS 1.2/1.3). Stay current with NIST guidelines, WebTrust requirements, and corporate cryptographic policies. Manage private key protection using Hardware Security Modules (HSMs), Trusted Platform Modules (TPMs), or cloud KMS. Ensure secure storage, usage, and backup of cryptographic materials. Investigate and remediate certificate-related outages or compromise scenarios (e.g., mass expiration, misissuance, stolen keys). Collaborate and drive productivity and effective integration with adjacent Versant Cyber functions and specifically the synergies required across the security stack and technology platforms.