Job Specifications
THIS JOB IS 5 DAYS A WEEK, ON-SITE, IN EITHER DENVER, CO OR CHARLOTTE, NC! THIS ROLE IS ONLY AVAILABLE ON W2.
JOB DESCRIPTION
Insight Global is seeking a Senior PKI Engineer to join the Global Information Security (GIS) team at a Fortune 50 financial institution. This ideal candidate will design, implement, and operate enterprise-grade Public Key Infrastructure (PKI) services with a strong focus on Microsoft Active Directory Certificate Services (AD CS) and Active Directory (AD) integration. They will need to have hands-on implementation and integration knowledge of certificate lifecycle management, CA hierarchy governance, enrollment automation, HSM-backed key protection, CA backup/restore, migration, and integration with Windows Server, Linux, network/security devices, cloud providers, MDM/EDR, and zero-trust tools.
Key Responsibilities Include:
Architecture & Design
• Design and maintain enterprise PKI architectures including Root, Policy, and Issuing CAs.
• Integrate PKI with Active Directory, Entra ID, Intune/MDM, GPOs, and Azure AD.
• Develop certificate lifecycle policies including revocation and renewal.
• Implement HSM-backed key storage and disaster recovery designs.
Operations & Automation
• Own certificate lifecycle management including automation.
• Manage CRL and OCSP publication and availability.
• Implement scripting and automation using PowerShell and APIs.
• Operate and maintain secure PKI infrastructure.
Security & Compliance
• Apply strong key management practices and CA hardening baselines.
• Perform PKI risk assessments and access reviews.
• Lead incident response for PKI-related outages.
• Maintain compliance with NIST, CA/B Forum, and internal frameworks.
REQUIRED SKILLS AND EXPERIENCE
• 8+ years in Security Engineering or Identity Infrastructure.
• 5+ years hands-on with Microsoft AD CS and enterprise PKI.
• Deep knowledge of X.509, CRLs, OCSP, EKUs, RSA/ECC, SHA-2.
• Strong PowerShell, Python, or C# scripting and Windows Server administration skills.
• Experience with Linux PKI, TLS/SSL, VPN authentication.
• Azure PKI integrations and HSM experience (Thales, Entrust, nCipher).
About the Company
Insight Global is an international professional services and staffing company specializing in delivering talent and technical solutions to Fortune 1000 companies across the IT, Non-IT, Healthcare, and Engineering industries. Fueled by staffing and talent experts, Evergreen, our professional services brand, brings technical advisors and culture consultants to help customers tackle their biggest challenges. With over 70 locations across North America, Europe, and Asia, and global staffing capabilities in 50+ countries, our tea...
Know more