Public Key Infrastructure Engineer - RDT Identity & Access Management
Roche
Municipality of Madrid, Spain
Role details
Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Experience level: Intermediate
Job location: Municipality of Madrid, Spain
Tech stack
Microsoft Active Directory
Agile Methodologies
Apache HTTP Server
Server Applications
Bash
CompTIA Security+
Computer Security
Software Debugging
Digital Signature
Web Servers
Identity and Access Management
IIS
Python
CURL
Windows Server
Nginx
Public Key Infrastructure
Powershell
Zero Trust Network Access
Secure Coding
Load Balancing
Firewalls (Computer Science)
GIT
Information Technology
Software Version Control
Job description
At the heart of our digital security is the trust we build through encrypted communication. As PKI Engineer, you will join our Identity and Access Management (IAM) team to help manage the core certificate infrastructure. You'll be instrumental in ensuring that our digital certificates are issued, tracked, and renewed without a hitch,
Scope
- Assist in the day-to-day administration of Microsoft Active Directory Certificate Services (AD CS), including template management and troubleshooting.
- Leverage Keyfactor Command to monitor certificate health, identify expiring assets, and assist in the cleanup of "rogue" or unknown certificates.
- Support the deployment and troubleshooting of ACME clients for automated certificate issuance across our web server environment.
- Participate in the automation of routine certificate tasks using Version Control systems and scripting as required (PowerShell or Python).
- Document PKI processes and maintain the Certificate Policy/Certification Practice Statement (CP/CPS) records.
- Collaborate with senior engineers to orchestrate certificate distribution to load balancers, firewalls, and application servers.
Impact/Strategy
- Contributes to projects or workgroups by providing well-analyzed requirements and supporting the design of solutions that align with business objectives within their specified area
- Demonstrates growing autonomy and expertise within their specific domain by translating requirements into a strategic plan with supervision, and may identify opportunities for minor process improvements within their immediate scope
Complexity
- Works on a product or larger contexts, handling requirements and analysis for specific features or components
- Can navigate moderate levels of complexity in requirements and stakeholder landscapes
- Begins to understand sources of influence and analyze business problems/opportunities within this product context, starting to map basic interconnections
Business/Technical ability
- Possesses a working knowledge of the relevant business domain and supporting technologies
- Understands sources of influence, comprehending internal and external factors affecting the problem space, and is capable of identifying and analyzing basic business problems or opportunities holistically
Requirements
Education / Experience
- Experience: 3-5 years in IT infrastructure, security, or a systems administration role.
- Education: Bachelor's Degree in Computer Science, Cyber Security, or equivalent practical experience.
- Working knowledge of relevant business domains and supporting cybersecurity technologies
- Experience in conducting stakeholder interviews, synthesizing requirements, and mapping/analyzing current processes
- Demonstrated ability to independently handle less complex tasks and contribute to various stages of the security and business analysis lifecycle
Technical Skills
- A solid understanding of cryptography basics (Symmetric vs. Asymmetric, Hashing, Digital Signatures).
- Experience with Windows Server and Active Directory. Exposure to web servers like IIS, Apache, or Nginx. Comfortable using Git for basic file management and collaboration.
- Knowledge of the ACME protocol or experience using tools like Certbot.
- Familiarity with PowerShell or Python for automating repetitive tasks.
- A desire to earn certifications like CompTIA Security+ or Microsoft Identity and Access Administrator (SC-300).
- Understanding of Zero Trust principles, authentication factors and cryptography.
- Strong communication skills to convey technical concepts to diverse audiences and demonstrated success working collaboratively in Agile environments, contributing to cross-functional teams.
- Experience with version control systems (Git), CI/CD pipelines for secure code deployment, and optional scripting expertise with Curl, Python, Bash, or PowerShell. Strong debugging and problem-solving skills.
Additional Qualifications
- A mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies
- Strong analytical and logical reasoning skills to identify discrepancies, challenge assumptions, and confidently present solutions
About the company
A healthier future drives us to innovate. Together, more than 100'000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let's build a healthier future, together.
Roche is an Equal Opportunity Employer.