This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Starcom Consulting - Dallas, TX
posted 2 months ago
About the position
The PKI Secrets Security Architect will play a crucial role in the Cybersecurity Architecture Center of Excellence, focusing on the review and enhancement of public key infrastructure (PKI) and secrets management capabilities across on-premises, client, and cloud environments. This position is pivotal in driving a Security-First mindset during the organization's technology modernization efforts, influencing control standards, and creating IT security standards that are user-friendly for stakeholders.
Responsibilities
- Produce security architecture deliverables related to PKI and secrets management initiatives.
- Proactively identify security gaps and propose solutions, collaborating with engineering teams for implementation.
- Serve as the subject matter expert for PKI and secrets management across the enterprise.
- Create and drive the internal and client PKI security capability roadmap with IT stakeholders.
- Develop and implement the secrets management capability roadmap with IT stakeholders.
- Influence changes in control policies with Technology Risk Management and build partnerships with IT Architecture and Application Development teams.
- Create IT security standards and promote best practices that are easily consumable by IT stakeholders.
- Own the enterprise-wide PKI architecture, including Hardware Security Modules (HSMs), Certificate Authorities (CAs), and Certificate Lifecycle Management (CLM).
- Identify access management gaps and partner with application development teams for remediation.
- Design processes and workflows for certificate generation, rotation, and revocation.
- Identify automation opportunities for certificate lifecycle management.
- Act as a domain specialist to guide and shape certificate management services.
- Design new certificate management services, integrations, and technologies.
- Mentor junior security architects to enhance their skills in security and architecture.
- Maintain knowledge of the evolving security landscape and cybersecurity frameworks.
- Create white papers and present at industry conferences to demonstrate thought leadership in security.
- Align risk and control processes into daily responsibilities to monitor and mitigate risk.
Requirements
- Strong Information Security experience, specifically in PKI/Cryptography (on-premise and cloud) and secrets management.
- Solid working experience with certificate issuance ceremonies.
- In-depth knowledge of Certificate Lifecycle Management, including best practices for certificate revocation lists (CRLs).
- Experience with at least two vendors such as Venafi, Hashicorp, Microsoft, Thales, Gemalto (SafeNet HSM), DigiCert, or Hitachi (HiPAM).
- Experience in SSL certificate management concepts, processes, and solution management.
- Strong experience with Online Certificate Status Protocol (OCSP) infrastructure, Hardware Security Modules (HSM), and Venafi software suites.
- Experience in building Certificate Policy (CP) and Certificate Practice Statements (CPS).
- Solid experience with Python, networking fundamentals, and OS (Windows/Linux) security.
- Familiarity with Information Security frameworks (e.g., ISO 27001 and NIST) and security architecture frameworks.
- Strong technical writing skills for documentation purposes.
- Demonstrated ability to collaborate across product management, engineering, risk, and IT teams.
- Strong communication skills with the ability to present to large audiences.
