Job
Description
Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Data Encryption Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud security. Roles & Responsibilities:- Perform day-to-day operations of PKI services including certificate issuance, renewal, revocation, and monitoring.- Maintain and troubleshoot Certificate Authorities (CAs), Online Responders (OCSP), and Certificate Enrollment Web Services (CEP/CES).- Support integration and certificate management for enterprise applications, servers, network devices, and security appliances.- Execute and monitor certificate lifecycle management tasks and ensure compliance with security standards.- Troubleshoot SSL/TLS-related issues and assist with application-level binding of certificates (e.g, IIS, LDAPS, etc)- Maintain service availability, perform routine health checks, and participate in DR/Resiliency testing.- Work closely with the IAM team on access control and authentication mechanisms where certificate-based auth is integrated.- Provide operational support for EKMS (Enterprise Key Management System) as an added advantage.- Follow ITIL processes for incident, change, and problem management.- Prepare and maintain SOPs, documentation, and runbooks for PKI and associated tools. Professional & Technical Skills: - Strong hands-on experience with Microsoft PKI, including Root and Subordinate CAs.- Experience in certificate lifecycle management for diverse enterprise environments.- Familiarity with Active Directory Certificate Services (ADCS).- Working knowledge of Online Responders, CEP/CES,NDES and Auto-Enrollment policies.- Knowledge on DigiCert certificates and management.- Good understanding of SSL/TLS protocols and digital certificates.- Basic scripting skills (PowerShell preferred) for automation of routine tasks.- IAM concepts and experience with directory services (Active Directory, Entra ID/Azure AD) is an added advantage.- Exposure to EKMS solutions (e.g Thales, Venafi, or other HSM-integrated key management platforms).- Ability to work in 24x7 rotational shifts and support global clients.- Strong communication and documentation skills. Must have skills -PKI management, DigiCert, SSL Certificate, CA Server and basic AD- Microsoft certifications related to security or infrastructure.- CompTIA Security plus Certified PKI Professional (CPKI), or similar.- Azure Security, SC-300 or SC-900 (optional, for IAM). Additional Information:- The candidate should have minimum 3 years of experience in Data Encryption.- A 15 years full time education is required. Qualification 15 years full time education
