Sr. Software Engineer

Insight Global
San Francisco, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 139K

Job location

San Francisco, United States of America

Tech stack

Java
API
Amazon Web Services (AWS)
Audit Trail
User Authentication
Computer Security
Continuous Integration
DevOps
Multi-Factor Authentication
Virtual Private Networks (VPN)
Python
Key Management
Linux System Administration
Open Web Application Security
Public Key Infrastructure
X.509
Cloud Services
Zero Trust Network Access
Wi-Fi Technology
Scripting (Bash/Python/Go/Ruby)
Cloud Platform System
Istio
GIT
Kubernetes
Information Technology
U-Boot
Software Version Control
Go
Programming Languages

Job description

Contribute to the Design, implementation, development, deployment, configuration, and enhancement of EJBCA-based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution. Define the technical roadmap for certificate lifecycle automation, secure key management, and high-assurance identity use cases. Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging. Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns. Help integrate certificate-based authentication into enterprise platforms, services, and workloads. Support certificate lifecycle management processes for internal clients, applications, and devices. Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements. Participate in incident response and troubleshooting for PKI-related issues such as certificate validation failures or service outages. Develop & contribute to documentation, operational runbooks, and standards for PKI operations.

Requirements

We are seeking a Lead/Senior Software Engineer with hands-on experience in Enterprise grade Public Key Infrastructure (PKI) technologies. In this role, you will contribute to the design/architecture, development, automation, and support of PKI and certificate lifecycle management capabilities across the enterprise environment. The role involves strong collaboration with security, infrastructure, and application teams to ensure secure authentication, encryption, and digital trust within our systems., Bachelor's degree in Computer Science, Engineering, Cybersecurity, or equivalent experience. 5+ years of hands-on experience in PKI systems, including EJBCA or similar CA/RA platforms. 8+ years of experience with scripting or programming languages (e.g., Python, Golang, Java) Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions. Experience with enrollment protocols such as SCEP, EST, ACME, or CMP. Familiarity with certificate lifecycle automation, workflows or CLM platforms and APIs Familiarity with HSM integration, key escrow, and secure enclaves. Understanding of PKI use cases for TLS/mTLS, device identity, Wi-Fi/EAP, VPN, code signing, workload identity, etc. Proficiency with Linux environments and version control systems (e.g., Git). Familiarity with cloud environments (AWS) and how PKI integrates with cloud services. Solid understanding of DevOps practices, CI/CD, monitoring, and ownership of production systems.

Nice to Have Skills & Experience

Experience with hardware-backed security mechanisms such as TPM, HSM, or secure enclaves. Experience with PKI in Kubernetes or service mesh environments (e.g., Istio, SPIRE, cert-manager). Exposure to device attestation, platform security, or Secure Boot concepts. Familiarity with relevant security frameworks or compliance standards (e.g., NIST, ISO, SOC 2). Awareness of common security weaknesses (OWASP Top 10, CWE Top 25). General understanding of core security concepts such as MFA, Zero Trust, and secrets management.

Benefits & conditions

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.

Apply for this position