Senior PKI Infrastructure Security Engineer

Fisher Investments - Duncanville, TX

posted 5 days ago

Full-time - Senior
Remote - Duncanville, TX
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

About the position

The Senior PKI Security Engineer will play a crucial role in supporting the Corporate Systems team at Fisher Investments. This position involves the administration, operation, upgrade, and support of Certification Authorities (CA), Registration Authorities (RA), and Hardware Security Modules (HSM) within a Microsoft Windows-based enterprise Public Key Infrastructure (PKI). The engineer will lead efforts to ensure that PKI systems align with the firm's Information Security policies and industry best practices, while also advising leadership on PKI/KMS industry changes.

Responsibilities

  • Build a mature enterprise-wide certificate management services and Public Key Infrastructure capabilities.
  • Support the definition, design, and deployment of enterprise PKI system.
  • Provide detailed specifications for PKI/KMS infrastructure.
  • Provide roadmap guidance and recommendations to existing environment and future landscape.
  • Maintain detailed procedures, policies, baselines, and work instructions for PKI & KMS administration.
  • Advise on improvements to PKI & KMS administration processes.
  • Represent PKI Engineering on organizational project teams and ensure adherence to existing security policies and standards.
  • Manage the successful technical delivery of Information Security projects and services for customers by working directly with key business stakeholders, executives, and project teams.
  • Keep up on current technologies and maintain awareness of industry trends and threats, focusing on PKI/PKE technologies.

Requirements

  • 8+ years of advanced hands-on experience in deploying, configuring, and managing certificate lifecycle management (KMS), Public Key Infrastructure (PKI), Certification Authorities (CA), Hardware Security Modules (HSM), Registration Authorities (RA), Root CA, Azure Key Vault, Thales, Venafi, Keyfactor, and Entrust integration experience.
  • Experience in Entrust, HashiCorp, Thales, DigCert, Venafi, Keyfactor.
  • Well versed in common Information Security practices and the CISSP domains, with general Information Technology experience.
  • Expert level experience with PKI implementation and certificate lifecycle management solution.
  • Expert level experience with hardware security module (HSM) technology.
  • Expert level experience in MS Certificate Management Services and Active Directory Domain Services.
  • Expert level experience in SSL certificate management concepts, processes, and solution management.
  • Expert level experience in cloud solution development with Azure architectures as it relates to PKI management.
  • Excellent knowledge in PKI/HSM ecosystem (technology, standards, implementations, & migration).
  • Bachelor's degree in Information Assurance, Computer Science, Cybersecurity, Information Systems or related field of study.
  • Security industry certification is required including but not limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+

Benefits

  • 100% paid medical, dental and vision premiums for you and your qualifying dependents.
  • A 50% 401(k) match, up to the IRS maximum.
  • 20 days of PTO, plus 10 paid holidays.
  • Family Support programs including 8 week Paid Primary Caregiver Leave, fertility, family forming, and hormonal health assistance and back-up child, adult, and elder care.
  • $10,000 fertility, hormonal health and family-forming benefit.
  • Opportunity to participate in our hybrid work from home program, allowing up to 75 days per year based on tenure and performance eligibility.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service