Calix provides the cloud, software platforms, systems and services required for communications service providers to simplify their businesses, excite their subscribers and grow their value.
Roles & Responsibilities
PKI Infrastructure Management
- Design, deploy, and maintain PKI infrastructure comprising of HSM, CA Services, and CLM.
- Configure and maintain Certificate Templates, Certificate Revocation Lists (CRLs), and Online Certificate Status Protocol (OCSP) responders.
- Define and enforce certificate policies and practices in line with regulatory requirements.
- Monitor PKI health, performance, and security posture using tools and dashboards.
- Start and stop PKI component services as needed for maintenance or incident response.
Advanced Configuration & Governance
- Configure CDP (CRL Distribution Point) and AIA (Authority Information Access) URLs.
- Configure Policy Modules and Exit Modules to control certificate issuance and post-processing.
- Define Certificate Manager restrictions and roles to ensure proper access control.
- Define Enrollment Agent (EA) restrictions and Key Recovery Agent (KRA) roles.
- Define and manage other CA administrators and their permissions.
- Enable, publish, and configure CRL schedules to ensure timely revocation updates.
- Configure audit parameters to log critical PKI operations and support compliance audits.
Integration & Automation
- Integrate PKI with enterprise systems including Active Directory, VPNs, web servers, and endpoint management platforms.
- Automate certificate management using tools such as Venafi, Certbot, or custom scripts.
- Support secure onboarding of new applications and services requiring certificate-based authentication.
Compliance & Documentation
- Ensure PKI operations comply with standards like NIST, ISO 27001, and internal policies.
- Maintain documentation of PKI architecture, configurations, procedures, and audit logs.
- Participate in internal and external audits, providing evidence of PKI controls and practices.
Qualifications:
- Bachelor s degree in computer science, Information Security, or related field.
- 5-8 years of experience in PKI administration or enterprise security infrastructure.
- Expertise in implementing and managing PKI infrastructure components such as Certificate authorities, key material storage, key management systems, device keystore provisioning and code signing.
- Understanding of cryptographic protocols like RSA / ECC, security protocols and standards like TLS/SSL, X.509, S/MIME. Knowledge of Network Security, Microsoft Active Directory, Power Shell Scripting, REST API is desirable.
- Proficiency in scripting languages (PowerShell, Python) for automation and reporting.
- Familiarity with identity and access management (IAM) and secure authentication protocols.
- Develop and enforce PKI policies, procedures, and standards to ensure industry compliance.
- Certifications such as CISSP, CISM, or Microsoft Certified: Identity and Access Administrator.
- Experience with on-prem and cloud-based PKI solutions
- Exposure to enterprise security tools, SIEM platforms, and compliance frameworks.
Location:
India - (Flexible hybrid work model - work from Bangalore office for 20 days in a quarter)
