Distinguished Engineer, Platform Security Engineering- PKI and Certificate Management (REMOTE)

As a Distinguished Engineer, you will collaborate with our Sr Staff, Staff, and Sr. Engineers to innovate and construct new systems, enhance existing ones, and discover fresh opportunities to apply your specialized knowledge in PKI and Certificate Management to resolve critical issues. You will spearhead the strategy and execution of a technical roadmap that accelerates product delivery and unlocks new engineering capabilities. Your leadership will be crucial in the design, implementation, and maintenance of a robust PKI framework, ensuring secure authentication and encrypted communication throughout the organization.

Position Responsibilities

· Lead the development and execution of PKI and certificate management strategies across the enterprise.

· Ensure the quality, usability, and performance of cryptographic solutions.

· Influence and educate leadership on the importance of PKI and secure data practices.

· Share best practices and improve processes for PKI management within and across teams.

· Manage the certificate lifecycle efficiently, including issuance, renewal, and revocation.

· Implement tokenization and encryption solutions to minimize sensitive data exposure.

· Stay updated on emerging trends in cryptography and apply this knowledge to enhance data protection strategies.

· Provide technical guidance and mentorship, fostering a culture of innovation and continuous improvement.

· Collaborate with cross-functional teams to integrate PKI solutions seamlessly with organizational goals.

· Build resilient and scalable PKI architectures, driving innovation and cost efficiency.

Qualifications

· Profound expertise in cryptographic protocols, digital certificates, and encryption standards such as X.509, TLS, and AES.

· Demonstrated experience in designing and implementing resilient, scalable, and efficient PKI solutions.

· Strong problem-solving abilities with a proactive approach to security risk mitigation.

· Excellent communication skills for conveying technical concepts to diverse stakeholders.

· Desirable certifications: CISA, CISSP, CISM.

· Extensive experience with Kubernetes (K8s) and cloud platforms, particularly Azure.

· Expertise in building and evolving CI/CD tools and pipelines using technologies such as Bazel, Terraform, and Argo CD/Workflows/Rollouts.

· Proficient in implementing and utilizing infrastructure observability and monitoring tools like Grafana, Prometheus, OpenTelemetry, and eBPF.

· In-depth experience with PostgreSQL, including its native replication mechanisms.

· Strong software engineering skills, with a preference for experience in Go.

Experience

· 10+ years in security engineering with a focus on PKI and Certificate Management.

· 8+ years in security, encryption, architecture, and design with PKI specialization.

· 6+ years with open-source frameworks related to security and PKI.

· 4+ years with cloud services and their security aspects, preferably with experience …