PKI Analyst/ PKI Auditor

Position Overview: The PKI Analyst or PKI Auditor will play a pivotal role in ensuring the Department of Defense (DoD) compliance and efficiency of the Army's Public Key Infrastructure (PKI) systems. The candidate will be responsible for analyzing current-state PKI technologies, exploring emerging solutions, and developing comprehensive recommendations and implementation strategies to enhance the Army's PKI capabilities.

Key Responsibilities:

1. PKI Assessment: Conduct in-depth assessments and audits of the current PKI infrastructure to identify strengths, weaknesses, and compliance issues related to Certificate Practice Statement (CPS) and Registration Practice Statement (RPS) requirements.

2. Technology Integration: Research and evaluate new technologies in the PKI domain, and develop strategies for integrating these technologies to bridge the gap between existing and future capabilities.

3. Certificate Management: Manage and audit Army smart card/token systems, ensuring compliance with DoD directives. This includes responsibilities related to identity verification of requesters/subscribers, certificate issuance (both hard and soft), key recovery, certificate revocation, and suspensions.

4. Compliance and Auditing: Perform audits with Army Command Cyber Readiness Inspection (CCRI) teams to ensure compliance with PKI standards, including conducting DoD-directed audits and providing site assistance during compliance checks.

5. Recommendations and Solutions: Develop detailed analyses, recommendations, and actionable solutions to enhance PKI software/hardware-based certificate technologies within the Army.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
• Knowledge of Public Key Infrastructure (PKI) principles and practices.
• Understanding of Certificate Practice Statement (CPS) and Registration Practice Statement (RPS) compliance requirements.
• Familiarity with Army smart card/token systems and associated audit responsibilities.
• Proven experience in evaluating and integrating emerging technologies in the PKI domain.
• Excellent analytical and problem-solving skills.
• Effective communication skills, both written and verbal.
• Ability to work collaboratively with DoD auditors and CCRI teams.