Job Description
Contribute to the Design, implementation, development, deployment, configuration, and enhancement of EJBCA-based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution.
Define the technical roadmap for certificate lifecycle automation, secure key management, and high-assurance identity use cases.
Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging.
Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns.
Help integrate certificate-based authentication into enterprise platforms, services, and workloads.
Support certificate lifecycle management processes for internal clients, applications, and devices.
Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements.
Participate in incident response and troubleshooting for PKI-related issues such as certificate validation failures or service outages.
Develop & contribute to documentation, operational runbooks, and standards for PKI operations.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent experience.
5+ years of hands-on experience in PKI systems, including EJBCA or similar CA/RA platforms.
8+ years of experience with scripting or programming languages (e.g., Python, Golang, Java)
Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions.
Experience with enrollment protocols such as SCEP, EST, ACME, or CMP.
Familiarity with certificate lifecycle automation, workflows or CLM platforms and APIs
Familiarity with HSM integration, key escrow, and secure enclaves.
Understanding of PKI use cases for TLS/mTLS, device identity, Wi-Fi/EAP, VPN, code signing, workload identity, etc.
Proficiency with Linux environments and version control systems (e.g., Git).
Familiarity with cloud environments (AWS) and how PKI integrates with cloud services.
Solid understanding of DevOps practices, CI/CD, monitoring, and ownership of production systems.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.