Role: PKI Engineer

Employment Type: Permanent, Full-Time (Contract or Permanent)

Location: On-site – Corsham / Farnborough

Clearance Required: DV (Developed Vetting)

Role Summary

We're seeking a skilled PKI Support/Operator to provide 2nd–4th line support for Public Key Infrastructure (PKI) services and supporting infrastructure. This on-site role involves troubleshooting, maintenance, certificate lifecycle management, and ensuring compliance with security best practices in a high-assurance environment.

Key Responsibilities

Operational Support & Incident Management

• Provide 2nd/3rd line support for PKI systems including root, subordinate, and issuing CAs.
• Troubleshoot certificate issues (issuance, revocation, validation, auto-enrolment).
• Manage incidents, service requests, and changes within defined SLAs.

Infrastructure Maintenance

• Support identity and security services (e.g. AzureAD, Intune, SSO).
• Monitor and respond to alerts (e.g. Microsoft Defender).
• Maintain server health, backups, patching, and updates.

Certificate Lifecycle Management

• Handle certificate requests, renewals, and revocations.
• Maintain inventory and ensure timely renewals to avoid service disruption.

Compliance & Documentation

• Adhere to CP/CPS and security policies.
• Manage CA audit logs and role-based access controls.
• Maintain detailed technical and procedural documentation.

Required Skills & Experience

Technical:

• Solid understanding of PKI concepts (CAs, CRLs, OCSP, key management).
• Windows Server administration and PowerShell scripting.
• Network fundamentals: DNS, DHCP, TCP/IP.
• Familiarity with security frameworks (FIPS 140-2, NIST, GDPR).
• Experience with ITSM processes (incident/change/problem management).
• Exposure to cloud services (Azure, AWS, Intune).
• Strong documentation and troubleshooting skills.

Preferred Certifications

• CompTIA Security+ or relevant vendor certification (desirable)