IT Security Analyst-PKI

About the Role

We are seeking an experienced IT Security Analyst PKI to join our IT Security Operations team. This role is primarily responsible for administering and supporting the organization’s Public Key Infrastructure (PKI) and certificate lifecycle management platforms. The ideal candidate will have hands-on experience with Microsoft PKI, certificate lifecycle management tools such as Keyfactor or Venafi, and external Certificate Authorities. Experience with Email Security and Web Application Firewall (WAF) technologies is considered a plus.

Roles and Responsibilities

Public Key Infrastructure (PKI)

• Administer and support enterprise PKI infrastructure and certificate lifecycle management platforms.
• Manage certificate issuance, renewal, revocation, and replacement activities.
• Create and maintain certificate workflows, templates, reports, and automation processes.
• Monitor certificate lifecycles and proactively address certificate expiration risks.
• Support integrations for certificate automation through Keyfactor, Venafi, or similar platforms.
• Maintain and support Microsoft PKI environments, SCEP services, and Certificate Revocation Lists (CRLs).
• Coordinate with external Certificate Authorities such as DigiCert, GlobalSign, and Entrust.
• Troubleshoot certificate-related incidents and resolve issues across all levels of support.
• Develop and maintain operational documentation, technical procedures, and Standard Operating Procedures (SOPs).
• Support compliance, audit, and risk management activities related to PKI controls.

Email Security (Good to Have)

• Support enterprise email security platforms such as Check Point Harmony Email & Collaboration.
• Assist with troubleshooting SPF, DKIM, and DMARC configurations.
• Support Microsoft 365 messaging security initiatives.

Web Application Firewall (WAF) (Good to Have)

• Support enterprise WAF platforms such as Imperva WAF.
• Assist with application onboarding and troubleshooting WAF-related issues.
• Support policy tuning and application security initiatives.

Skills and Qualifications

Required:

• 4+ years of experience in Information Security, Infrastructure Security, PKI Administration, Network Security, or Cybersecurity.
• Proven expertise administering and supporting enterprise PKI environments.
• Hands-on experience with Microsoft PKI infrastructure.
• Experience with certificate lifecycle management platforms such as Keyfactor, Venafi, or similar solutions.
• Experience managing certificate issuance, renewal, revocation, and automation processes.
• Familiarity with SCEP, CRLs, certificate templates, and certificate enrollment services.
• Experience working with external Certificate Authorities such as DigiCert, GlobalSign, and Entrust.
• Strong understanding of PKI concepts, digital certificates, cryptography, and certificate management best practices.
• Experience working in mid-to-large enterprise environments.
• Strong troubleshooting skills and experience with ServiceNow or similar ticketing systems.
• Ability to write and maintain clear Standard Operating Procedures (SOPs).
• Experience supporting compliance and audit initiatives (e.g., SOX, NIST CSF, PCI DSS).
• Ability to collaborate effectively with cross-functional teams and vendors.
• Ability to work in a 24/7 operational environment.

Preferred:

• Bachelor’s degree in information technology, Cybersecurity, Computer Science, or a related discipline.
• Experience with Check Point Harmony, Proofpoint, Mimecast, or Microsoft Defender for Office 365.
• Experience with Imperva WAF or similar Web Application Firewall technologies.
• Experience supporting cloud-based certificate management solutions in Azure and/or AWS.
• Experience with ServiceNow ITSM processes and workflow automation.

Certifications:

• Keyfactor or Venafi product certifications (preferred).

• CompTIA Security+.

Shift Timing:

  • Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.