Job Description
Walter Everett is a Search and Selection Recruitment Agency. We are specialists in Technology, Cyber, Data, AI and Engineering. We are currently helping one of our fantastic clients (a global brand name and one of the best rated employers in the UK) to hire a Cyber Security Professional.
This role requires a team player, someone who thrives in a very busy environment! You will be working specifically on the Public Key infrastructure and their AWS Key Management Systems (Hashicorp, Azure and Google Key Vault/ Management Systems are also considered.) In order to be considered for this role, you must have a strong understanding of SSL, Certificates, Public Key infrastructure, Proxys and HSMs security modules (Thales).
Role Level
This role will consider Engineers and Senior Engineers and there is a broad salary level depending on your knowledge and experience. the PKI engineer, look after the Lifecycle of the certificates etc and will be helping to introduce a system that will automate this using ACME protocols. To be considered for the senior, you will need to have designed and deployed a Key Management system like Amazon vault or similar (venafi) Hashicorp, Google or Azure
Salary Level
The salary is dependent on a number of factors including your knowledge and experience in relation to the company's current team structure. Everything is fair and banded by the skills that you bring to the team in Key Management Systems. The company has excellent benefits, 25 days holiday, Life Insurance, Health Insurance with Aviva, which can also cover family. They run an annual bonus scheme and have so many other benefits because of what they do... You'll definitely want to hear about these ;-).
Location
This is a full-time hybrid position based in Greater London, with flexibility for some remote work. They will also consider other locations such as Leeds or Livingston. London is their preference though.
The Role
As a PKI Engineer, you will be responsible for managing and maintaining the Public Key Infrastructure (PKI) and their Key Management systems. This role would also suit a Cyber/ Security Engineer who has a thorough understanding of Key Management Systems. You will understand the process of issuing and revoking digital certificates, configuring and managing encryption keys, and ensuring the security of cryptographic systems. This company uses AWS, although Azure, Google or Hashicorp Key Vaults will also be considered.
Responsibilities
Your day-to-day responsibilities will be more operational if you are joining as an Engineer. If you are joining as a Senior Engineer you will have demonstrable examples of when you have implemented and configured Key Management Systems and Proxys. You will have a knowledge of scripting and automating certificate renewal etc. Below is a list of the main responsibilities:
Please apply even if you haven't got all the skills listed - there will be some training at an engineering level
Maintaining, designing, building, and operating PKI solutions and environments.
Managing Certificate Authority Administration, including Certificate Enrolment Web
Service and Policy Web Service, and monitoring Active Directory Certificate Services (ADCS)
Managing Key Management Systems (KMS) to ensure robust cryptographic key
security.
You will support and manage the PKI, Certificate deployment / automation and Thales HSMs.
Understanding details of existing certificate use-cases and prepare onboarding roadmaps to the new PKI service.
Working with cyber vulnerability assessment teams to prioritise automated certificate management.
Work with App Service managed certificates, private and public certificates.
Understanding of asymmetric and symmetric cryptography and their differences.
Experience:
A deep knowledge and understanding of Information and/or Cyber Security.
Knowledge of cybersecurity principles and practices and an understanding of security frameworks e.g., NIST, ISO27001.
Ability to liaise with stakeholders at varying levels of seniority across the business.
Additional language skills will be an advantage.
Good understanding of PKI systems and services, ACME protocol, use of RESTful APIs. The API's are already coded in Python, but you will need to understand their purpose and interactions.
Hands-on experience with Certificate Authority Administration, ADCS monitoring, and related tasks.
Familiarity with Data-in-motion and Data-at-rest Encryption techniques.
Expertise in PKI machine identity technologies such as SSH, SSL, TLS.
Experience managing Key Management Systems (KMS) for cryptographic key security.
PKI and Certificate deployment and automation.
Thales HSMs.
AWS, Azure, google or Hashicorp Key Vaults.
Both Walter Everett and our clients are committed to Diversity and inclusion. Please let us know if you require any reasonable adjustments during the interview process.
TPBN1_UKTJ