🚀 About the Role
We are seeking a highly experienced PKI Security & Governance Specialist to lead the security, governance, and compliance of mission‑critical Public Key Infrastructure (PKI) environments.
You will play a pivotal role in defining and maintaining PKI security strategy, supporting the transition toward Post‑Quantum Cryptography (PQC), and ensuring long‑term crypto‑agility, compliance, and operational resilience.
🎯 Key Responsibilities
- Define, implement, and maintain the PKI security strategy, architecture, controls, and requirements for mission‑critical infrastructures
- Drive the organization's transition to Post‑Quantum Cryptography (PQC) and crypto‑agility frameworks
- Establish and maintain a comprehensive PKI governance framework, including:
  - Certificate Policies (CP)
  - Certification Practice Statements (CPS)
  - PKI lifecycle governance
- Oversee and participate in critical PKI operations, including:
  - Root and subordinate CA management
  - Root key and signing ceremonies
  - Key management and protection
- Develop, implement, and maintain PKI incident response and recovery procedures
- Ensure ongoing regulatory and standards compliance (eIDAS, NIST, ISO, ETSI, etc.)
- Support audits, risk assessments, and compliance reviews
- Monitor regulatory and technological developments impacting PKI and cryptography
- Act as a subject matter expert (SME), providing guidance to senior stakeholders
- Collaborate closely with IT, Security, and Operations teams to ensure alignment between security, governance, and operational delivery
✅ Required Qualifications
- 10+ years of professional experience in PKI security and governance, preferably in mission‑critical environments
- Strong background in cybersecurity and cryptography
- Proven experience designing and managing enterprise‑grade PKI infrastructures
- Deep expertise in:
  - X.509 digital certificates
  - Certificate Authorities (CAs)
  - Certificate lifecycle management
  - CRL / OCSP
  - Digital signatures and non‑repudiation
- Hands‑on experience with Hardware Security Modules (HSMs) and key management
- Experience developing PKI governance frameworks, policies, and procedures
- In‑depth understanding of industry regulations and compliance standards
- Strong communication skills, with the ability to explain complex security topics to both technical and non‑technical stakeholders
- Demonstrated ability to work effectively on high‑stakes, mission‑critical projects
🔐 Technical Skills & Knowledge
- Public Key Infrastructure (PKI)
- Certification Authorities (Root & Subordinate)
- Certificate Policy (CP) & Certification Practice Statement (CPS)
- Hardware Security Modules (HSMs)
- Cryptographic key management
- Digital signatures & trust services
- Identity & Access Management (IAM)
- Security architecture & governance
- Incident response & recovery (PKI‑focused)
🧬 Cryptography & Standards
- Strong knowledge of classical cryptography (RSA, ECC, etc.)
- Knowledge of Post‑Quantum Cryptography (PQC) and crypto‑agility principles
- Familiarity with regulations and standards such as:
  - eIDAS
  - ETSI
  - NIST
  - ISO/IEC 27001
  - FIPS
  - PCI‑DSS (where applicable)