Job
Description
About The Role
Project Role :Security Architect
Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills :Data Encryption
Good to have skills :NA
Minimum 3 year(s) of experience is required
Educational Qualification :15 years full time education
Summary:We are seeking a dedicated and detail-oriented Team Member to join our Identity and Access Management (IAM) team, supporting a major US-based client. The role focuses on Public Key Infrastructure (PKI) operations with additional responsibilities around Enterprise Key Management System (EKMS) and Identity governance tools. This is a hands-on operational role requiring support in a 24x7 environment, following a rotational shift model.
Roles & Responsibilities:
Perform day-to-day operations of PKI services including certificate issuance, renewal, revocation, and monitoring. Maintain and troubleshoot Certificate Authorities (CAs), Online Responders (OCSP), and Certificate Enrollment Web Services (CEP/CES). Support integration and certificate management for enterprise applications, servers, network devices, and security appliances. Execute and monitor certificate lifecycle management tasks and ensure compliance with security standards. Troubleshoot SSL/TLS-related issues and assist with application-level binding of certificates (e.g., IIS, LDAPS, etc.). Maintain service availability, perform routine health checks, and participate in DR/Resiliency testing. Work closely with the IAM team on access control and authentication mechanisms where certificate-based auth is integrated. Provide operational support for EKMS (Enterprise Key Management System) as an added advantage. Follow ITIL processes for incident, change, and problem management. Prepare and maintain SOPs, documentation, and runbooks for PKI and associated tools.
Professional & Technical
Skills: Strong hands-on experience with Microsoft PKI, including Root and Subordinate CAs. Experience in certificate lifecycle management for diverse enterprise environments. Familiarity with Active Directory Certificate Services (ADCS). Working knowledge of Online Responders, CEP/CES,NDES and Auto-Enrollment policies. Knowledge on DigiCert certificates and management. Good understanding of SSL/TLS protocols and digital certificates. Basic scripting skills (PowerShell preferred) for automation of routine tasks. IAM concepts and experience with directory services (Active Directory, Entra ID/Azure AD) is an added advantage. Exposure to EKMS solutions (e.g., Thales, Venafi, or other HSM-integrated key management platforms) is a plus. Ability to work in 24x7 rotational shifts and support global clients. Strong communication and documentation skills. Preferred Certifications Microsoft certifications related to security or infrastructure. CompTIA Security+, Certified PKI Professional (CPKI), or similar. Azure Security, SC-300 (Mandatory) and SC-900 Thales Encryption Product Certifications
Additional Information: The candidate should have minimum 3 years of experience in Data Encryption. This position is based at our Bengaluru office. A 15 years full time education is required.
Qualification15 years full time education
