Senior PKI Engineer
99999 Consulting Llc
Washington, United States of America
3 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
Senior Compensation
$ 250KJob location
Washington, United States of America
Tech stack
Web Servers
Networking Hardware
Key Management
OpenSSL
Public Key Infrastructure
X.509
Transport Layer Security
Load Balancing
Job description
- Work centers on designing and maintaining trust models that other systems depend on, often with little margin for error.
- Problems are rarely straightforward-solutions must account for vendor constraints, security requirements, and interoperability edge cases.
- Ownership of PKI architecture and implementation from policy design through operational support.
- High OPTEMPO; requires precision, persistence, and disciplined follow-through.
What You'll Do
- Design and manage PKI architectures, including root/intermediate hierarchies, chains of trust, and certificate lifecycle processes.
- Create and maintain segmented trust models (organizational partitions, cross-domain trust, constrained intermediates).
- Generate and support certificates for diverse use cases, including handling vendor-specific constraints and non-standard requirements (e.g., wildcard usage, SAN configurations, custom extensions).
- Troubleshoot certificate validation issues across systems, applications, and network boundaries.
- Collaborate with systems, network, and application teams to ensure certificates function correctly within their environments.
- Define and enforce certificate policies, revocation strategies (CRL/OCSP), and security controls.
- Mentor engineers on PKI fundamentals and correct implementation practices.
Tech Knowledge / Skills
- PKI fundamentals: X.509, certificate chains, trust stores, key management
- Microsoft CA, OpenSSL, and other PKI tooling
- TLS/SSL, mutual authentication, certificate-based access control
- CRL, OCSP, revocation and lifecycle management
- Integration points: web servers, load balancers, applications, network devices
Requirements
- 8+ years experience in PKI, security engineering, or related systems roles in secure/cleared environments
- Active TS; must be able to obtain TS/SCI
- Professional certification required; expert-level capability preferred
- Demonstrated ability to design and troubleshoot PKI systems across multiple platforms and vendors
- Experience with complex trust models and real-world certificate interoperability challenges
- DoD 8140 compliance required
Benefits & conditions
Pulled from the full job description
- 401(k)
- Health insurance
- Retirement plan
- 401(k) matching
- Paid time off
- Vision insurance
- Dental insurance, * The likely salary range for this position is $140,000-$250,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, and contractual agreements and could fall outside of this range.
Pay: $140,000.00 - $250,000.00 per year, * 401(k)
- 401(k) matching
- Dental insurance
- Flexible spending account
- Health insurance
- Life insurance
- Paid time off
- Retirement plan
- Vision insurance
Security clearance:
- Top Secret (Required)