Senior PKI Engineer

*Brief Description
PKI Engineer
Remote *
Grant Leading Technology is seeking a candidate for PKI Engineer to join our dynamic team. The candidate will provide PKI engineering and implementation support for the Identify Credential and Access Management (ICAM) team of our government client. This position will be remote, and the hours are 8 am to 5 pm EST.

*Responsibilities: *

• Focuses on public key infrastructure (PKI) information security domain architecture planning, design, and related functions in the areas of PKI encryption solutions, cryptographic services, key management (HSM) and related security technologies within the enterprise
• Provide guidance to key stakeholders and contribute to the technical direction of all areas of PKI architecture, including policies, standards, strategies, automation and governance
• Contribute to a technical team ensuring consistency and interoperability between solution components.
• Responsible for assisting with the enhancements and design of the PKI infrastructure on the cloud
• Implement, engineer and manager PKI infrastructure on Prem, AWS GOVCloud, and AZURE GOVCloud resources utilizing industry best practice
• Provide engineering support for cryptography, PIV authorization, IGA SailPoint IIQ, and addressing security vulnerabilities within the PKI infrastructure
• Manage two-tier Microsoft Certificate Authority, certificate trust chains and certificate enrollment
• Implement and manage Validation Authority, Validation Responders in a production environment
• Ensure correct firewall rules and cloud security groups are in place for PKI
• Implement and manage Thales HSMs appliances in a production environment
• Provide engineering support for the certificate management services with KeyFactor Command
• Implement and Engineer SailPoint IIQ on Prem and AWS GOVCloud
• Configure CRED, PRIV, TRUST, and IDENTITY sources for CDM SailPoint IIQ
• Create and edit infrastructure target state diagrams (TSD) detailing the layout of the network and how traffic will flow between the resources both on Prem and cloud
• Ensure compliance with PKI and SailPoint infrastructures by providing technical knowledge during the privacy impact assessments (PIA), the system security plans (SSP) and the authority to operate (ATO) process
• Consult with other members of project team to write, edit, and review of technical documents in the infrastructure
• Support proof of concept (POC) builds within the cloud infrastructure for future technologies (such as Ping and CyberArk)

*Qualifications And Education Requirements: *

• Bachelor of Arts (BA) degree in Cybersecurity, Computer Science, or related discipline
• Ten (10) years or more of experience in cybersecurity
• Four (4) years or more of experience in public key infrastructure (PKI)
• Advanced experience with certificate lifecycle management, enterprise authentication and web security, and commercial Certificate Authorities
• Strong proficiency in cryptography
• Familiarity with Cloud Technologies, such as AWS, Azure and Google cloud
• Ability to support the end-to-end deployment of secure, PKI-based Web applications
• Senior level architecture experience with deploying PKI solutions.
• General knowledge of integrating multifactor (MFA) and single sign-on (SSO) with Ping Federate
• General knowledge of NIST controls and FedRAMP compliance
• General knowledge of cloud technologies, communication routes within Azure and AWS
• Good team player
• Must live in the U.S.
• Must be authorized to work in the U.S.

*Preferred Skills: *

• Federal government experience preferred
• Experience supporting PKI enterprise environments with greater than 20,000 personnel
• Working knowledge of Shell scripting / PowerShell

*About Grant Leading Technology: *
Grant Leading Technology (GLT) is a verified Service-Disabled Veteran Owned Small Business (SDVOSB) government contracting firm. GLT provides expert knowledge and skills to deliver agile enterprise solutions and innovative technologies to our clients at the Federal Aviation Administration (FAA), Internal Revenue Service (IRS), Federal Emergency Management Agency (FEMA), National Aeronautics and Space Administration (NASA), and other federal and state agencies. We possess exceptional capabilities including, but not limited to, project management, cyber security, construction management, design, and management technology. GLT has been recognized for five consecutive years by Inc. 5000 as one of the fastest-growing private companies in America.

Our employees are at the heart of GLT's success. We value and fully embrace the diversity of individuals and ideas within our workforce. GLT provides a competitive compensation package with benefits that are immediately available. Our base healthcare plan is 100% employer paid and our 401k plan is immediately vested. We also offer paid time off, 11 federal holidays, short/long-term disability, 401k matching, and opportunities for professional development.

• Grant Leading Technology is an "equal opportunity employer". All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Reasonable accommodations will be provided to those who are unable to utilize our online application system due to a disability. Please email with the subject line "Accommodation"

*Requirements
Qualifications and Education Requirements: *

• Bachelor of Arts (BA) degree in Cybersecurity, Computer Science, or related discipline
• 10 years of experience in cybersecurity
• 4 years of experience in public key infrastructure (PKI)
• Advanced experience with certificate lifecycle management, enterprise authentication and web security, and commercial Certificate Authorities
• Strong proficiency in cryptography
• Ability to support the end-to-end deployment of secure, PKI-based Web applications.
• Senior level architecture experience with deploying PKI solutions.
• General knowledge of integrating multifactor (MFA) and single sign-on (SSO) with Ping Federate
• General knowledge of NIST controls and FedRAMP compliance
• General knowledge of cloud technologies, communication routes within Azure and AWS
• Good team player

*Preferred Skills: *

• Federal government experience preferred.
• Experience supporting PKI enterprise environments with greater than 20,000 personnel.
• Working knowledge of Shell scripting / PowerShell