PKI Software Engineer

August Schell
Meade, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 170K

Job location

Meade, United States of America

Tech stack

Java
Artificial Intelligence
Bash
Linux
Programming Tools
Python
Kernel-Based Virtual Machine
Lightweight Directory Access Protocols (LDAP)
Public Key Infrastructure
X.509
Red Hat Enterprise Linux - RHEL
Linux Containers
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Software Security
Kubernetes
Directory Server
Fedora
Docker

Job description

August Schell is looking for a PKI Software Engineer to join our team in support of DoD enterprise PKI modernization with our DISA customer. The engineer will work hand-in-hand with commercial product engineering and government teams on the next generation of Public Key Infrastructure capabilities - including post-quantum cryptography (PQC) migration - within Red Hat Enterprise Linux, Red Hat Certificate System, and the upstream Dogtag PKI open-source project.

Individuals in this role must be able to work hybrid and go on site at Fort Meade as requested.

Responsibilities Include:

  • Design, develop, test, and maintain high-quality PKI software components across Red Hat Certificate System (RHCS) and Dogtag PKI

  • Work software fixes and feature development directly with product engineering teams and the government development lab - owning issues end-to-end from requirements through testing and verification

  • Support the program's post-quantum cryptography migration, including PQC algorithm integration (ML-DSA) and legacy version transition planning

  • Develop and troubleshoot HSM integrations supporting CA operations and key escrow

  • Support certificate lifecycle automation (ACME) as the program transitions to shorter-lived certificates at higher issuance volume

  • Practice defensive programming and contribute to testing frameworks, CI/CD pipelines, and release quality

  • Communicate clearly across government stakeholders, commercial vendor engineering, and program contractors - translating technical status into program-level clarity

  • Proactively identify, document, and escalate risks and blockers before they impact program schedule

Requirements

  • Active Secret clearance minimum (Top Secret preferred and may be required)

  • Local to the DMV area with the ability to work on site at Fort Meade as requested

  • Five (5)+ years of professional software engineering experience (flexible for candidates with exceptional PKI depth)

  • Java and/or Rust programming experience

  • Strong knowledge of Linux and its development tools

  • Knowledge or experience with Linux containers and container orchestration (Podman / Docker) and VMs (KVM)

  • Hands-on experience with PKI, x.509, cryptography, and system/software security technologies

  • Direct experience with Red Hat Certificate System or Dogtag PKI (the upstream open-source project of the deployed DoD code base) - comparable enterprise CA platform experience considered (EJBCA, Microsoft AD CS, Entrust Authority, ISC CertAgent, or similar)

  • DoD 8570/8140 IAT Level II certification (Security+ or equivalent)

  • Strong written and verbal communication skills

Stand out with:

  • Post-quantum cryptography familiarity (ML-DSA/Dilithium, Kyber, CNSA 2.0 timelines)

  • HSM integration experience (Entrust nShield, Thales Luna)

  • ACME protocol and certificate automation at scale

  • Prior DISA or DoD PKI program experience (Purebred, derived credentials, RA/CRL/OCSP operations)

  • Directory Server / LDAP experience

  • Experience using AI agents to accelerate development efforts

  • Python, Bash, or similar scripting languages

  • Package maintenance on Fedora/RHEL

Apply for this position