We are seeking a highly skilled Cybersecurity & PKI Architect to lead the design, implementation, and governance of enterprise-grade security infrastructure and Public Key Infrastructure (PKI) solutions. The successful candidate will be responsible for designing secure authentication frameworks, certificate management systems, cryptographic services, smart card security architectures, device identity management, and secure communications for large-scale distributed environments. The ideal candidate should possess deep expertise in PKI, cryptography, secure device enrollment, hardware security modules (HSMs), digital certificates, and Zero Trust security architectures.
Responsibilities:
- Design and implement enterprise cybersecurity and Zero Trust architectures for distributed systems, connected devices, and transaction-processing platforms.
- Architect and manage enterprise PKI solutions, including certificate lifecycle management, trust hierarchies, cryptographic services, and key management processes.
- Design secure identity, authentication, and access management frameworks for users, devices, smart cards, and machine-to-machine communications.
- Develop security architectures for embedded devices, edge platforms, secure boot, code signing, firmware integrity, and secure software update mechanisms.
- Integrate PKI, HSM, KMS, IAM, and security monitoring solutions to ensure secure communications and data protection.
- Conduct threat modeling, security architecture reviews, risk assessments, and vulnerability remediation activities.
- Ensure compliance with cybersecurity standards, governance requirements, and industry best practices.
- Produce security architecture documentation, policies, and operational procedures while providing technical leadership and guidance to cross-functional teams.
Requirements:
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, Computer Engineering, IT, or a related field.
- Minimum 5 years of cybersecurity experience, including at least 5 years of hands-on PKI architecture and implementation experience.
- Proven experience designing enterprise PKI, certificate management, and cryptographic security solutions.
- Experience with smart card technologies, secure identity management, device authentication, and distributed systems security.
- Hands-on experience in security architecture reviews, threat modeling, and risk assessment.
Technical Skills:
- Strong expertise in PKI, X.509 certificates, certificate lifecycle management, trust models, and cryptographic technologies (RSA, ECC, AES, TLS/mTLS, digital signatures).
- Experience with certificate management protocols (SCEP, EST, OCSP, CRL, CMPv2), HSMs, KMS, IAM, and enterprise PKI platforms.
- Hands-on experience with OpenSSL, EJBCA, HashiCorp Vault, or similar security solutions.
- Familiarity with Docker, Kubernetes, cloud-native security, SSDLC, SIEM, network security, and Zero Trust architectures.
Competencies:
- Strong analytical, problem-solving, and risk assessment skills.
- Excellent communication and technical documentation abilities.
- Ability to lead security initiatives and collaborate across technical and business teams.
- Strong commitment to security best practices, governance, and continuous learning.
Preferred Qualifications:
- Professional certifications such as CISSP, CISM, CCSP, CEH, PKI Professional, or HSM-related certifications.
- Experience with national-scale PKI infrastructures, smart card authentication, embedded device security, HSM deployment, secure boot, code signing, and high-availability PKI environments.
- Experience in payment, transaction-processing, or large-scale distributed systems security.