PKI Architect

Job Description

PKI Architect 

Basingstoke

The PKI architect will be responsible for applying security best practices and industry standards derived from threat analysis to design and implement PKI technology according to customer requirements.

The position requires strong theoretical knowledge as well as industry experience in applying advanced cryptography schemes to secure complex IT infrastructure, customer-facing services, and sensitive customer and enterprise data. 

You must be keenly aware of the need to support end users with vital work by providing an excellent customer focused service. You will be responsible for the delivery of new & ongoing change to work packages, in response to evolving user requirements.

The successful candidate will have the responsibility of owning the delivery of a work packages from design, through prototyping, ensuring the work package meets functional and non-functional requirements. 

Creation and ownership of all related documentation artefacts relating to work packages including HLD, LLD, Installation guides. 

Knowledge, experience, and capability required for the role include:

• Expertise in both mainstream encryption schemes and key exchange protocols as well as quantum-safe cryptography;
• Familiarity with NIST post-quantum cryptography standardization & migration efforts;
• Strong experience of delivering on-premise PKI using technologies such as Keyfactor (EBJCA), Microsoft PKI and OpenSSL;
• Strong xperience of deliver of high assurance PKI to support Microsoft and Linux platforms;
• Familiarity with NIST Cryptographic Standards and Guidelines;
• Familiarity with IETF RFC standard and guidelines for PKI;
• Proficiency in Powershell and OpenSSL;
• Experience in creation of policy documentation via interpretation of customer Certificate Policies in relation to PKI usage i.e. CPS / Key Signing Ceremonies;
• Experience of working in secure environments (preferred).

Desirable - Experience across technologies such as:

• Experience in the development and delivery of software using Agile Methodologies
• Active Directory, working with secure networks, System hardening (GPOs etc.)
• Knowledge of Open Source products such as Python for scripting