Senior PKI & Identity Infrastructure Engineer

Location:

Experience:

Employment Type:

Job Summary:

Senior PKI & Identity Infrastructure Engineer

This project is scheduled for one year that is extended up-to 3 years

Key Areas Of Responsibility

PKI Infrastructure

• Design and maintain enterprise PKI architecture using Windows Certificate Authority.
• Administer and optimize Keyfactor platform for certificate lifecycle management.
• Configure and manage Hardware Security Modules (HSMs).
• Automate certificate discovery, issuance, and renewal processes.
• Develop PKI policies, procedures, and disaster recovery plans.
• Monitor PKI environments to ensure compliance with security standards.
  

Active Directory & Identity Management

• Architect and secure enterprise Active Directory infrastructure.
• Lead Active Directory hardening and consolidation initiatives.
• Configure and manage Microsoft Entra ID (formerly Azure AD).
• Design and manage enterprise SSO solutions and application integrations.
• Implement Zero Trust Architecture and identity lifecycle management.
• Establish security monitoring and alerting for AD environments.
  

Cloud Infrastructure

• Design and maintain hybrid environments across AWS EC2 and Azure.
• Develop Infrastructure as Code (IaC) solutions using Terraform.
• Implement cloud security best practices and compliance frameworks.
• Manage cloud identity federation and networking.
• Design disaster recovery solutions and optimize cloud resource utilization.
  

Required Technical Skills

PKI Expertise:

• Advanced experience with Windows Certificate Authority.
• Hands-on with Keyfactor platform.
• Deep understanding of HSMs and certificate lifecycle management.
• Knowledge of PKI standards and compliance requirements.
  

Active Directory & Identity

• Expert-level understanding of Active Directory architecture.
• AD security hardening, consolidation, and remediation.
• Experience with Microsoft Entra ID (Azure AD).
• Familiarity with SSO, application federation, and SIEM integration.
  

Cloud & Automation

• Proficient in Terraform scripting for AWS/Azure infrastructure.
• Strong understanding of AWS EC2, Azure VM, networking, and identity.
• Automation using PowerShell, Python, and integration with CI/CD pipelines.
  

Required Qualifications

• 8+ years of experience in IT infrastructure and security.
• 5+ years of specialized experience in PKI and Keyfactor.
• Strong cloud infrastructure knowledge (AWS and Azure).
• Proven track record of securing and managing enterprise-scale AD environments.
  

Certifications Preferred

• Microsoft (MCSE, Azure Security Engineer)
• AWS (Associate or Professional level)
• Security (CISSP, CISM)
  

Additional Skills

• Strong project management and leadership abilities
• Excellent communication and problem-solving skills
• Experience in technical documentation and change management
• Ability to explain complex concepts to both technical and non-technical stakeholders
  

Key Projects & Tasks

PKI Infrastructure:

• Design and deploy enterprise PKI.
• Automate certificate lifecycle with Keyfactor.
• Configure HSMs and ensure compliance.
  

Active Directory

• Implement AD hardening and security monitoring.
• Manage Entra ID and enterprise SSO.
• Establish identity governance.
  

Cloud Infrastructure

• Develop Terraform modules for hybrid cloud.
• Implement cloud security controls and DR planning.
• Optimize cloud costs and automate deployments.