PKI Lead Engineer
$122.9k - $150kASM Research, An Accenture Federal Services Company
The PKI Lead Engineer serves as the senior technical authority for the design, implementation, and sustainment of enterprise Public Key Infrastructure services that enable secure authentication, encryption, and digital signatures across the client's IT environment. This role leads the lifecycle management of digital certificates and cryptographic keys, ensuring resilient, compliant, and well-governed PKI capabilities that protect sensitive information and support mission critical access control.
Key Responsibilities
Lead the design, implementation, and ongoing operations of enterprise PKI infrastructures, including root and subordinate certificate authorities, registration authorities, and associated hardware and software components.
Manage the full lifecycle of digital certificates and cryptographic keys for users, devices, applications, and services, including issuance, renewal, suspension, and revocation with strong controls and automation.
Develop, document, and enforce PKI policies, certification practice statements, standards, and procedures aligned to enterprise security and regulatory requirements.
Integrate PKI services with identity and access management platforms, directory services, network security controls, and secure application architectures to enable strong authentication and encryption.
Monitor, audit, and assess PKI infrastructure health and compliance, performing regular reviews, root cause analyses, and remediation activities to maintain high availability and integrity.
Lead the evaluation, selection, and implementation of PKI related tools, including certificate discovery, management, and automation solutions, and recommend improvements to strengthen cryptographic services.
Collaborate with security operations and application teams to analyze and respond to PKI related incidents, vulnerabilities, and findings, including support for penetration testing and secure code initiatives.
Provide expert guidance, training, and mentoring to engineers and developers on PKI usage, certificate management best practices, and secure cryptographic design patterns in enterprise environments.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related technical discipline, or equivalent relevant experience.
Minimum of 8 years of experience in cybersecurity, security engineering, or network security roles, including significant hands-on exposure to PKI or cryptographic services.
Demonstrated experience designing, implementing, and operating enterprise PKI solutions, including certificate authorities, key management, and certificate lifecycle workflows.
Strong knowledge of authentication, authorization, and encryption concepts, including TLS, digital signatures, certificate based access control, and related standards (for example, X.509, OCSP, CRL).
Ability to obtain and maintain a Public Trust investigation, with US citizenship required in support of federal client requirements.
Proficiency with Unix/Linux or similar operating systems and enterprise infrastructure environments used to host PKI and security services.
Candidates must possess a current secret security clearance.
Preferred Qualifications
Advanced cybersecurity certifications such as CISSP, CISM, CISA, or CRISC demonstrating broad security architecture and governance expertise.
Experience integrating PKI with identity and access management platforms, federated identity standards (for example, SAML), and role based access control models in large enterprises.
Background supporting PKI and cryptographic services in complex federal or regulated IT environments with rigorous compliance requirements.
Handson experience with certificate discovery and management tools, hardware security modules, and automation frameworks for largescale certificate deployment.
Familiarity with secure software development practices, application security testing, and remediation of cryptographic vulnerabilities across web and service architectures.
Prior experience leading small technical teams or serving as a subject matter expert for enterprise security initiatives.
Job-Specific Skills
Enterprise PKI Architecture â?¯-- Designs and documents scalable PKI architectures, including root hierarchy, trust models, and integration patterns with enterprise systems.
Certificate Lifecycle Management â?¯-- Establishes and operates repeatable processes and automation for issuing, renewing, and revoking certificates for diverse identities and workloads.
Cryptographic Standards Expertise â?¯-- Applies industry cryptographic standards and algorithms to ensure strong encryption, signing, and key management practices in enterprise solutions.
Policy and Governance Development â?¯-- Authors and maintains PKI policies, standards, and certification practice statements, aligning them with organizational risk and compliance needs.
Security Integration Engineering â?¯-- Integrates PKI with identity, access management, network devices, and applications to enable secure, certificate based controls.
PKI Monitoring and Audit â?¯-- Implements monitoring, logging, and audit processes that provide visibility into PKI operations and support internal and external assessments.
Incident Response for PKI â?¯-- Leads investigation and remediation of PKI related incidents, including mis-issued certificates, key compromise, and cryptographic vulnerabilities.
Automation and Tooling â?¯-- Leverages scripting, configuration management, and PKI toolsets to streamline certificate issuance, enrollment, and inventory management.
Cross Functional Collaboration â?¯-- Works closely with security, infrastructure, application, and operations teams to align PKI capabilities with enterprise objectives and constraints.
Technical Mentorship â?¯-- Coaches junior engineers and developers on PKI concepts, secure implementation patterns, and operational best practices to uplift team capability.
Preferred Skills
Experience engineering PKI solutions in hybrid cloud and on premises environments, including integration with major cloud providers' identity and key management services.
Advanced scripting or automation capability (for example, PowerShell, Python, or similar) used to integrate PKI workflows with enterprise tooling and CI/CD pipelines.
Familiarity with certificate based network access control, VPN, and device authentication architectures in large, distributed environments.
Experience conducting PKI focused security assessments, including configuration reviews, key protection evaluations, and readiness for external compliance audits.
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
$122,900 - 150,000
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.
- ...agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products. As a Senior Lead Software Engineer at JPMorganChase within the CDAO's AI/ML Data Platform's team, you are an integral part of an agile team that works to...SuggestedFor contractors
- ...agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products. As a Senior Lead Software Engineer at JPMorganChase within the CDAO's AI/ML Data Platform's team, you are an integral part of an agile team that works to...SuggestedFor contractors
- ...have an opportunity to impact your career and provide an adventure where you can push the limits of what's possible. As a Lead Software Engineer at JPMorganChase within Network Services team, you will take technical ownership of core services in a multi-vendor CDN...Suggested
- ...agile team that's constantly pushing the envelope to enhance, build, and deliver top-notch technology products. As a Senior Lead Software Engineer at JPMorganChase within the VPC Network organization, you provide deep engineering expertise and work across agile teams to...Suggested
- ...Your role will be instrumental in shaping the future at one of the world's largest and most influential companies. As a Lead Infrastructure Engineer at JPMorgan Chase within the Network Connectivity Services team, you will support operations, governance, and control...SuggestedWork at office
$38.25 - $45 per hour
...Overview Job Title: Lead Operating Engineer Job Description Summary Responsible to ensure the proper efficient operations and maintenance of the mechanical, electrical and plumbing systems for the assigned facility. The performance of all necessary maintenance and operational...Hourly payMinimum wageFor contractorsApprenticeshipWork at officeLocal areaImmediate startFlexible hoursShift work$43 - $48 per hour
...Learn more about American University Department: Operating Engineering 1 Time Type: Full time Job Type: Regular... ...Union: Excluded Job Description: Summary: The Lead Operating Engineer serves as a Team Lead and oversees the work...Hourly payFull timeLocal areaShift workAfternoon shift- Technical Lead Marine Engineer - Position Description Join a team that’s shaping the future of Navy support. ICI Services—an employee-owned company proudly celebrating 26 years of excellence—is seeking a Lead Technical Marine Engineer to join our team in Washington, DC...Temporary workFor contractorsImmediate startFlexible hours
- ...Your role will be instrumental in shaping the future at one of the world's largest and most influential companies. As a Lead Infrastructure Engineer at JPMorganChase within the Network Connectivity Services team, you apply deep knowledge in optical transport...
- ...JOB DESCRIPTION We're looking for a talented infrastructure engineer who thrives on solving complex challenges at scale. This is an... ...career alongside some of the best minds in the industry. As a Lead Infrastructure Engineer at JPMorgan Chase within the Network Services...Contract work
- ...JPMorgan Chase, you'll tackle complex challenges at scale with the support, tooling, and freedom to grow alongside top engineering talent. As a Lead Infrastructure Engineer at JPMorgan Chase within the Network Services Infrastructure Platform team, you will be...
- ...Overview: Lead Software Engineer, Full Stack Position Responsibilities 5 DAYS ON SITE CONTRACT TO HIRE ROLE (NO SPONORSHIP) JSCRIPT/REACT FRONT-END GO- BACKEND About the Role seeking a talented Lead Full Stack Software Engineer to join our forward...Full timeContract workTemporary workWork at office
- ...Offer Management tech team, onshore with 3 members and offshore with 15. The team is composed of a PM, Delivery Lead, Developers/QA, and Cloud DevOps Engineer. Top responsibilities for this position include: Design and develop reusable Microservice capabilities...
- ...Lead Cybersecurity Engineer We are looking for an experienced Lead Cybersecurity Engineer to join our Randstad Digital client's team in Washington, D.C. In this role, you will play a pivotal role in enhancing our cybersecurity posture. Your responsibilities will include...Long term contract
$140.69k - $150.69k
...and inclusion are core to our business. Join Evolent for the mission. Stay for the culture. What You’ll Be Doing: Lead Software Engineer (Arlington, VA) – Telecommuting Permissible. (multiple positions). Lead the design, development, and delivery of large-scale...Immediate startRemote work- Front End React Developer Looking for a front end React developer with Node.js experience. Minimum 5 years of experience. Required skills include ReactJS for 3 years and Node.js for backend. Typescript is also required. Basic qualification and additional skills are ...
- ...professionals for this role. Planet Technologies, the Nation’s leading Microsoft services provider to the public sector, is looking... ...lead cloud role and a bachelor’s degree in computer science, engineering, or related field; or equivalent work experience. ~ Deep...Work experience placement
- ...Description Hybrid 2 Days Onsite/3 Days Remote in Washington, DC Our client seeks a Lead Cybersecurity Engineer to design and implement enterprise security solutions across a hybrid federal environment. The role will lead engineering initiatives spanning threat detection...Remote workNight shift
$209k - $238.5k
A leading financial services company is seeking a Sr Lead Software Engineer to lead technology projects and a team of developers. This role requires expertise in programming languages such as JavaScript and cloud computing with AWS. The ideal candidate will have a Bachelor...Remote work$161k - $266k
...Lead Software Engineer Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure...Full timePart timeFlexible hours$120k - $190k
Lead Security Engineer, #1073 Security Requirement: U.S. Citizenship required Work Location: Suitland, MD We are seeking a Subject Matter Expert (SME)-level Lead Security Engineer to lead application security across a large-scale, cloud-native federal modernization...Work at officeRemote workFlexible hours- ...Lead Security Engineer This position supports Revolutional's federal customer as part of an application transformation and modernization initiative. This program is driving a large-scale transformation of systems into a data-centric, cloud-native ecosystem capable...For contractors
- ...Lead Security Engineer Job Description Overview CoStar Group is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index, CoStar Group is on a mission to digitize the...Hourly payFull timeWork at officeWork from homeMonday to Thursday
$103.71k - $138.28k
...and hands‑on position requiring the selected candidate to both lead and participate in multiple team environments and to provide independent... ...knowledge and experience in system architecture and engineering disciplines. Specific technical knowledge of enterprise level networking...Temporary workRemote work$127.5k - $276.2k
...Lead Security Engineer Category: Software Development/ Engineering Main location: United States, District of Columbia, Washington Position ID: J0626-1754 Employment Type: Full Time Position Description: The Lead Security Engineer is the enterprise...Full timeWork at officeLocal area- A leading provider of real estate information is seeking a Lead Security Engineer in Arlington, VA. The ideal candidate will have over 10 years of experience in Information Security and a strong background in incident response and technical assessments. The role requires...
- ...have an opportunity to impact your career and provide an adventure where you can push the limits of what's possible. As a Lead Software Engineer at JPMorgan Chase within the Core Foundational Platforms team, you are an integral part of an agile team that works to...
$101.9k - $200k
...a range of pathways that help learners achieve their goals and lead a choice-filled life. Our culture values inclusion, engagement... ...you'll do here: In your role as Technology Lead, Experience Engineering within our Digital organization, you are responsible for...Work experience placementLive inLocal areaWorldwide$114.1k - $268.18k
...development opportunities, a world-class training facility, and leading market tools, we help our people continue to grow both... ...professional certifications (for example:SailPoint Certified IdentityNow Engineer) are preferred Provenapplication onboarding and migration...Full timeH1bLocal area$140k - $155k
...the members of the Seneca Nation. Clear Creek Federal is seeking a Lead Security Enginee r in Washington, D.C. The ideal candidate is a highly skilled and experienced Lead Security Engineer. The successful candidate will lead a team of three security engineers and...Full timeContract workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to PKI Lead Engineer. Be the first to apply!



