Architect Design & Implem. Specialist
SWJ TECHNOLOGY · Greenville, SC · 3 wk ago
On-siteArt & CreativeFull-time
PURPOSE
This role leads the architecture, design, implementation, and management of enterprise-level Public Key Infrastructure (PKI) solutions, ensuring high availability, scalability, and security across global Group locations. Drives strategic PKI initiatives, including the adoption of new technologies and best practices.
RESPONSIBILITIES
- Architects and deploys Microsoft Active Directory Certificate Services (AD CS) components, including Certificate Authorities (CAs), Online Responders (OCSP), Certificate Revocation Lists (CRLs) and Network Device Enrollment Service (NDES).
- Manages the full certificate lifecycle using advanced Certificate Lifecycle Management (CLM) platforms and Hardware Security Modules (HSMs).
- Develops and implements automation scripts (PowerShell, Python) for PKI operations, certificate issuance, revocation, and monitoring.
- Implements proof of concepts for PKI solutions.
- Provides expert-level (Tier 3) support for complex PKI and Certificate Management incidents, performing root cause analysis and implementing permanent solutions.
- Collaborates with cross-functional teams, including Product Owners, DevOps, and IT Security, to integrate PKI solutions into various applications and services.
- Contributes to the overall security architecture, providing expert guidance on cryptographic standards, key management, and secure communication protocols.
- Conducts comprehensive risk assessments for PKI deployments and develops mitigation strategies to ensure compliance with industry regulations and internal security policies.
- Creates and maintains high-quality technical documentation, including design specifications, operational procedures, and test plans.
- Conducts research on existing systems and devises solutions that work within those systems.
- Responds to questions regarding PKI and Certificate Management capabilities and requirements.
- Maintains a high-level understanding of the organization's IT-Security processes and requirements.
- Works on the delivery of DevOps User Stories within specified functional area(s).
- Supports the roll-out and operation of global Public Key Infrastructure (PKI) and Certificate Management initiatives within the Group for multiple departments and all global locations.
- Understands and models VPS (Value Added Production System) Principles and concepts of Standard Work and Problem Solving.
- Adheres to 5S and Safety Standards and Principles.
- Performs other duties as assigned by Group Operations Supervisor
QUALIFICATIONS
- Bachelor's or master’s degree in computer science, Information Security, or a related technical field.
- 6+ years of hands-on experience with Microsoft Active Directory Certificate Services (AD CS) -OR Equivalent platform, including design, deployment, and troubleshooting of Certificate Authorities (CAs), Online Responders (OCSP), and Network Device Enrollment Service (NDES).
- 3+ years of expertise in certificate lifecycle management (CLM) platforms (e.g., Venafi, AppViewX, Keyfactor) and Hardware Security Modules (HSMs) (e.g., Thales, nCipher, Utimaco).
- 5+ years of proven track record of successfully delivering complex PKI projects in large-scale enterprise environments.
- 5+ years of experience driving products from concept and ideation through successful launch.
- 5+ years of experience working on a team employing standardized project delivery methods (Agile/Scrum development methods preferred).
- 5+ years of experience in understanding and working with non-functional requirements.
- 5+ years of experience of working in an enterprise environment.
REQUIRED SKILLS
- Proficiency in PowerShell for AD Certificate Services administration and automation; experience with Python for security tool development is a plus.
- Knowledge of (functional) testing methodologies and tools, including test automation.
- Root cause analysis, debugging methods, and diagnostic tools. knowledge of Databases and query language (e.g., SQL).
- Knowledge of modern operating systems (especially but not limited to MS Windows and Unix/Linux derivates).
- IT Security and risk assessment.
- Knowledge of certificate lifecycle management and Public Key Infrastructure.