Security Engineer

We are looking for a highly skilled and experienced PKI Security & Governance Specialist to help us:

• Define, implement and maintain the security strategy, design, requirements and controls for mission-critical PKI infrastructures, aligned with the transition to post quantum cryptography (PQC) and related crypto-agility needs.

• Establish, operate and maintain a comprehensive governance framework, including the development of certificate policies and practice statements, as well as the oversight of critical PKI processes, such as root key ceremonies.

• Develop, implement, and regularly update robust incident response and recovery procedures to safeguard the integrity and trustworthiness of the PKI.

• Ensure sustained compliance with relevant regulations and industry standards, support audit reviews and risk asessments, and proactively monitor the evolving regulatory landscape.

• Act as a subject matter expert on PKI security, governance, and compliance. Provide authoritative guidance and keep the organization informed of emerging trends, technologies, and best practices in the PKI domain.

• Manage stakeholders and closely collaborate with IT and Operations teams in charge of deploying and operating the PKI infrastructures to ensure alignment with security and governance requirements.

Qualifications

• Strong background in cybersecurity, with at least 10 years of professional experience in PKI security and governance, particularly for mission-critical infrastructures.

• In-depth PKI expertise, including X.509 digital certificates, certificate revocation lists, key management, hardware security modules, digital signature and non-repudiation.

• Proven experience in developing, implementing, and managing comprehensive PKI governance frameworks, policies, and procedures.

• In-depth understanding of industry regulations and compliance standards relevant to PKI.

• Technical proficiency and hands-on experience with Certification Authorities (CAs) and certificate lifecycle management technologies.

• Knowledge of classic and PQC, asymmetric algorithms, and related cryptographic protocols and standards.

• Excellent written and verbal communication skills, with the ability to clearly explain complex technical concepts to non-experts and senior stakeholders.

• Demonstrated drive, dynamism, and a strong focus on achieving results, with a proven ability to handle high-stakes, mission-critical projects effectively