Job Specifications
Job Title: PKI Architect
Location: Lodi, CA//Sunnyvale, CA (Onsite- 4 days a Week)
Job Summary:
We are seeking a highly skilled PKI Architect to lead the design, implementation, and management of enterprise Public Key Infrastructure solutions. The ideal candidate will have deep expertise in cryptographic technologies, certificate lifecycle management, and secure key management practices, with a strong understanding of enterprise security architecture.
Key Responsibilities:
Design and architect scalable PKI solutions to support enterprise security requirements.
Lead the implementation and integration of PKI systems with identity management, authentication, and secure communications platforms.
Define and enforce certificate policies, key usage standards, and lifecycle management processes.
Manage root and subordinate Certificate Authorities (CAs), including hardware security modules (HSMs).
Ensure compliance with industry standards and regulatory requirements (e.g., NIST, ISO, GDPR).
Collaborate with cybersecurity, infrastructure, and application teams to integrate PKI into broader security architecture.
Conduct risk assessments and recommend improvements to PKI-related processes and technologies.
Provide technical leadership and mentoring to engineering teams on PKI best practices.
Required Skills & Qualifications:
Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
7+ years of experience in cybersecurity, with at least 3 years focused on PKI architecture and implementation.
Strong understanding of cryptographic protocols (TLS/SSL, S/MIME, IPsec), certificate formats (X.509), and key management.
Experience with PKI tools and platforms (e.g., Microsoft AD CS, Venafi, DigiCert, Entrust, Keyfactor).
Familiarity with HSMs, smart cards, and secure key storage solutions.
Knowledge of identity and access management (IAM) and integration with PKI.
Excellent problem-solving, documentation, and communication skills.
Preferred Qualifications:
Certifications such as CISSP, CISM, or vendor-specific PKI certifications.
Experience with cloud-based PKI solutions (AWS Certificate Manager, Azure Key Vault).
Knowledge of DevSecOps practices and automation of certificate management.
About the Company
Based in the Washington DC area, since 2001 InfiCare Technologies has been providing IT, HealthCare & non-technical staffing services to its clients across the US. We have grown steadily to become the leader in the staffing industry with an impressive client base. Be it a small niche company, a Fortune 500 global firm or a US Government agency - we have years of experience providing staffing services to them. Our clients rely on us for a qualified talent pool.
Know more