PKI Software Engineer

August Schell
Fort Meade, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Fort Meade, United States of America

Tech stack

Java
Agile Methodologies
Artificial Intelligence
JIRA
Bash
Linux
Programming Tools
Python
Kernel-Based Virtual Machine
Lightweight Directory Access Protocols (LDAP)
Public Key Infrastructure
X.509
Scrum
Red Hat Enterprise Linux - RHEL
Linux Containers
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Software Security
Kubernetes
Directory Server
Fedora
Docker

Job description

August Schell is looking for a PKI Software Engineer to join our team in support of DoD enterprise PKI modernization with our DISA customer. The engineer will work hand-in-hand with commercial product engineering and government teams on the next generation of Public Key Infrastructure capabilities - including post-quantum cryptography (PQC) migration - within Red Hat Enterprise Linux, Red Hat Certificate System, and the upstream Dogtag PKI open-source project.

Individuals in this role must be able to work hybrid and go on site at Fort Meade as requested.

Responsibilities Include: -Design, develop, test, and maintain high-quality PKI software components across Red Hat Certificate System (RHCS) and Dogtag PKI

-Work software fixes and feature development directly with product engineering teams and the government development lab - owning issues end-to-end from requirements through testing and verification

-Support the program's post-quantum cryptography migration, including PQC algorithm integration (ML-DSA) and legacy version transition planning

-Develop and troubleshoot HSM integrations supporting CA operations and key escrow

-Support certificate lifecycle automation (ACME) as the program transitions to shorter-lived certificates at higher issuance volume

-Practice defensive programming and contribute to testing frameworks, CI/CD pipelines, and release quality

-Communicate clearly across government stakeholders, commercial vendor engineering, and program contractors - translating technical status into program-level clarity

-Proactively identify, document, and escalate risks and blockers before they impact program schedule

Requirements

Active Secret clearance minimum (Top Secret preferred and may be required)

-Local to the DMV area with the ability to work on site at Fort Meade as requested

-Five (5)+ years of professional software engineering experience (flexible for candidates with exceptional PKI depth)

-Java and/or Rust programming experience

-Strong knowledge of Linux and its development tools

-Knowledge or experience with Linux containers and container orchestration (Podman / Docker) and VMs (KVM)

-Hands-on experience with PKI, x.509, cryptography, and system/software security technologies

-Direct experience with Red Hat Certificate System or Dogtag PKI (the upstream open-source project of the deployed DoD code base) - comparable enterprise CA platform experience considered (EJBCA, Microsoft AD CS, Entrust Authority, ISC CertAgent, or similar)

-DoD 8570/8140 IAT Level II certification (Security+ or equivalent)

-Strong written and verbal communication skills

Stand out with:

-Post-quantum cryptography familiarity (ML-DSA/Dilithium, Kyber, CNSA 2.0 timelines)

-HSM integration experience (Entrust nShield, Thales Luna)

-ACME protocol and certificate automation at scale

-Prior DISA or DoD PKI program experience (Purebred, derived credentials, RA/CRL/OCSP operations)

-Directory Server / LDAP experience

-Experience using AI agents to accelerate development efforts

-Python, Bash, or similar scripting languages

-Package maintenance on Fedora/RHEL

-Agile development methodologies (Scrum, JIRA)

Apply for this position