Senior Certificate Engineer (PKI / Active Directory)
$85k - $121.4kGainwell Technologies
Senior Certificate Engineer (PKI / Active Directory)
Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. Working at Gainwell carries its rewards. You'll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development. You'll add to your technical credentials and certifications while enjoying a generous, flexible vacation policy and educational assistance. We also have comprehensive leadership and technical development academies to help build your skills and capabilities.
Summary: We are seeking a highly skilled Senior Certificate Engineer to design, implement, and manage enterprise Public Key Infrastructure (PKI) solutions. This role will focus on Active Directory Certificate Services (AD CS), public certificate authority integrations, and end-to-end certificate lifecycle management across hybrid environments. The ideal candidate has deep expertise in Microsoft PKI architecture, certificate automation, and identity/security integration, along with experience working with public CAs (e.g., DigiCert, Entrust, Sectigo) in a large-scale enterprise environment.
Your Role In Our Mission
PKI Architecture & Engineering
- Design and maintain enterprise PKI solutions, including offline root CAs, issuing CAs, and certificate policies
- Lead PKI modernization efforts, including hybrid and cloud-integrated certificate services
- Architect solutions that support high availability, scalability, and security compliance
Active Directory Integration
- Implement and manage Active Directory Certificate Services (AD CS)
- Configure and maintain: Certificate templates Group Policy-based auto-enrollment CRL distribution points (CDPs) and AIA locations
- Integrate PKI with Active Directory, Azure AD, and hybrid identity environments
Public Certificate Authority Management
- Manage enterprise relationships and integrations with external/public CAs
- Oversee procurement, issuance, renewal, and revocation of public SSL/TLS certificates
- Integrate public CA services into automation workflows and enterprise platforms
Certificate Lifecycle Management
- Manage certificate lifecycle processes including: Issuance Renewal Revocation Expiration monitoring
- Implement automation using tools such as: PowerShell ACME / EST / SCEP protocols Certificate management platforms
Security & Compliance
- Ensure PKI solutions meet enterprise security policies and regulatory requirements (e.g., NIST, CIS, HIPAA, PCI)
- Conduct risk assessments related to certificate usage and cryptographic standards
- Maintain secure key management practices, including HSM integration where applicable
Operations & Troubleshooting
- Provide Tier 3 escalation support for PKI and certificate-related issues
- Troubleshoot: Authentication failures (TLS, smart card, etc.) Certificate chain issues Revocation and CRL distribution problems
- Develop monitoring, alerting, and reporting for certificate health and usage
Automation & Innovation
- Develop and maintain automation scripts and workflows for certificate deployment and management
- Integrate PKI processes with: ServiceNow Azure services DevOps pipelines
- Drive adoption of modern certificate management solutions and practices
What We're Looking For
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience)
- 7+ years of experience in: Enterprise PKI engineering Active Directory administration
- Strong experience with: Active Directory Certificate Services (AD CS) Windows Server environments Public certificate authorities (DigiCert, Entrust, Sectigo, etc.)
- Proficiency in scripting and automation (PowerShell preferred)
- Deep understanding of: X.509 certificates TLS/SSL protocols Cryptographic algorithms and standards
What You Should Expect In This Role
- Remote position (US continental only)
- Opportunities to travel through your work (0-10%)
- Video cameras must be used during all interviews, as well as during the initial week of orientation
- The deadline to submit applications for this posting is 7/30/2026
- The pay range for this position is $85,000.00 - $121,400.00 per year, however, the base pay offered may vary depending on geographic region, internal equity, job-related knowledge, skills, and experience among other factors.
Put your passion to work at Gainwell. You'll have the opportunity to grow your career in a company that values work flexibility, learning, and career development. All salaried, full-time candidates are eligible for our generous, flexible vacation policy, a 401(k) employer match, comprehensive health benefits, and educational assistance. We also have a variety of leadership and technical development academies to help build your skills and capabilities.
We believe nothing is impossible when you bring together people who care deeply about making healthcare work better for everyone. Build your career with Gainwell, an industry leader. You'll be joining a company where collaboration, innovation, and inclusion fuel our growth. Learn more about Gainwell at our company website and visit our Careers site for all available job role openings. Gainwell Technologies is committed to a diverse, equitable, and inclusive workplace. We are proud to be an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We celebrate diversity and are dedicated to creating an inclusive environment for all employees.
- As a Systems Engineer supporting the Government, you will be a part... ...digital identities, Virtual Directory, PKI, Access Control, and more to... ...towards mission success Active TS/SCI clearance and ability... ...Term Life Insurance Tuition, Certification & Professional Development...SeniorTemporary workRelocation package
$130.8k - $209.4k
...health, and security of Active Directory, including forests, domains... ..., and secure enterprise PKI (ADCS), including certificate lifecycle, template governance... ...related tooling. Act as senior escalation point and technical mentor for other engineers. Participate in...Senior- ...to demonstrate true proficiency in: Active Directory (enterprise scale) Active Directory Certificate Services (ADCS) Public Key Infrastructure (PKI) Active Directory Federation... ...role is approximately 50% automation/engineering and 50% operations. Why this matters...Suggested
- ...providers across six states. POSITION SUMMARY: The Senior Systems Engineer - Active Directory / Azure will be part of an experienced team of... ...preferred. ~ Microsoft / MCSE / Azure Training or Certification, preferred. Knowledge, Skills & Abilities:...SeniorRemote work
$148.75k - $201.25k
...Operations Job Qualifications: Skills: Active Directory (AD), Azure Active Directory (AD), Systems Design, Systems Engineering Certifications: None Experience: 10 + years of related... ...Citizenship Required: Yes Job Description: Senior Active Directory Engineer Advance how...SeniorFull timeTemporary workImmediate startRemote workWorldwideFlexible hours- The Matlen Silver Group, Inc. is seeking a highly skilled Active Directory / Group Policy Engineer in Charlotte, NC. The ideal candidate will be responsible for designing and implementing complex Active Directory solutions, providing escalation support, and working within...Senior
- An innovative IT consulting firm in Maryland seeks a Systems Engineer to support the Government in engineering IDAM technologies. Responsibilities include overseeing technical projects and providing consultation on systems. Candidates must have 10 years of relevant experience...Senior
- UOB is seeking a skilled Windows Infrastructure Engineer with over 10 years of experience in managing Windows environments. The role involves administering Active Directory, integrating Microsoft 365, and ensuring high availability and performance. Candidates must have...Senior
- KellyMitchell Group is looking for a PKI Engineer to join their team in Spring, Texas. This on-site position involves designing... ...solutions. Ideal candidates are experienced with Active Directory, PKI certificates, and Infrastructure as Code tools like Terraform. The role...Senior
- ...solutions provider is seeking a Senior Identity Management R&D Engineer to design and develop identity and... ...The role requires expertise in Active Directory, PKI, and security compliance within... ...engineering skills and relevant certifications in cybersecurity. This position...Senior
$130.8k - $209.4k
Moderna is looking for an experienced engineer for its Cambridge technology hub to oversee the architecture and health of Active Directory and Windows Server environments. The ideal candidate will have extensive experience in managing authentication, security controls,...Senior- Business Integra Inc is looking for an Active Directory Specialist to support a Federal services contract in Arlington, VA. The role requires extensive experience managing Active Directory in a multi-domain environment, along with troubleshooting and system administration...SeniorContract work
- ...currently is seeking a Senior Azure AD / Entra ID Engineer to provide advanced engineering... ...and ATC documentation activities, including security... ...solutions in hybrid Active Directory environments (on-prem AD... ...Qualifications Certifications: Relevant Microsoft identity...SeniorFull timeRemote work
$122k - $184k
...accessible and affordable across the nation. Position Overview: Our rapidly evolving IT department is in search of an Active Directory Senior Engineer with excellent time management skills and a proven track record of setting and meeting results‑oriented goals. The role...SeniorFull timeWork at office$122k - $184k
Freddie Mac is looking for an Active Directory Senior Engineer in McLean, Virginia. This role focuses on ensuring the stability and security of Active Directory systems, providing technical leadership, automation, and process engineering. The ideal candidate will have...Senior$103.7k - $140.3k
A leading technology services provider in Washington, DC is seeking a Directory Services System Administrator to manage and troubleshoot Active Directory and provide support for identity access systems. The role requires a Bachelor’s degree in Computer Science or a related...SeniorFlexible hours$101.55k - $120.71k
...Systems Engineer Principal Advance how our customers operate while you advance your... ..., and optimization of Army Active Directory (AD) systems. Active Directory Engineering... ...years of related technical experience Certifications : IASAE III (CISSP ISSAP, CISSP ISSEP,...Work at officeRemote work$119k - $161k
...Qualifications: Skills: Active Directory (AD), Microsoft Windows... ..., Working Independently Certifications: CompTIA Security+ CE |... ...ACTIVE DIRECTORY SYSTEMS ENGINEER Designs and defines system... ...Azure AD, Group Policies, DNS, PKI, Microsoft PowerShell,...Temporary workImmediate startRemote workWorldwideFlexible hours- Position Overview We are seeking a seasoned Active Directory Engineer with over 5 years of experience to support... .... Preferred Qualifications Microsoft certifications (e.g., MCSA, MCSE, Azure Administrator). Experience with PKI, LDAP, Kerberos, and SAML. Knowledge of identity...Local area
$135k - $182.1k
Job Title: Senior Directory Services Analyst Job Summary We are seeking... ...identity platform across on‑prem Active Directory, LDAP’s, and... ...Lead architecture, engineering, and operations for Active... ...fundamentals (TCP/IP, firewalls, TLS, certificates, PKI as it relates to identity)....SeniorShift workDay shift- Peraton is seeking an Active Directory Administrator to manage operating systems and directory services within the organization. The candidate will be responsible for administering, developing, testing, implementing, and maintaining system operations, focusing on Directory...Senior
$150k
...seeking a highly skilled Active Directory Architect / Engineer to review, re‑architect,... ...Architect, Engineer, or Senior Administrator in complex... ...Privilege. Working knowledge of PKI, ZTNA, secure enclaves,... ...platforms. Desired Certifications Microsoft Certified: Identity...For contractors- ...standalone company, we combine deep engineering expertise with the speed and... ...We are seeking a highly skilled Active Directory Operations Engineer to manage, operate... ...controls. Maintain and support PKI infrastructure including certificate authorities, templates, and...Relocation package
- The Fayette Chamber of Commerce is seeking a professional to advance certificate automation across the enterprise, focusing on deployment, installation, and validation across multiple platforms. You will partner with various teams to enhance security and eliminate manual...Senior
$147k - $184k
As a Sr. PKI Engineer I, you’ll work as part of a collaborative and high-performing team... ...customer trust and confidence with your active directory knowledge and skills. Creatively... ...knowledge of cryptographic principles, certificate lifecycle management, and key management...SeniorFull timeWork experience placementLocal areaFlexible hours- Job Title: Active Directory Engineer Location: Springfield, VA Onsite – onsite Security Clearance: Top Secret Responsibilities... ...proficiency with SCOM and SCCM Microsoft MSCE certification (desired) Familiarity with DoS processes (desired) Microsoft...Local area
- ...Responsibilities: ? Troubleshooting skills with Active Directory Infrastructure, Azure AD, Group Policies, DNS, PKI, Microsoft PowerShell, Windows Server 2008R2, 2... ...10 ? Experience with architecting and engineering enterprise level solutions ? Ability to quickly...
- ...A client of Insight Global is seeking an Active Directory Engineer to join their Cloud Infrastructure / Identity team. This is an engineer-... ...tools (ServiceNow) and Agile tooling (Jira) • Relevant certifications: Microsoft identity-focused certifications or equivalent...
$85k - $100k
...Active Directory Engineer The L2 Engineer for On-Premises and Azure Active Directory is responsible for maintaining the stability, performance... ...Sentinel, Defender for Identity, or equivalent. Certifications (Preferred): Microsoft Certified: Identity and...- ...Role Summary The Windows Active Directory Engineer is responsible for stabilizing, securing, and modernizing the enterprise Active Directory... .../ ESAE, Tiered Admin Model, and Zero Trust identity. Certifications: Microsoft Identity & Access Administrator (SC-300),...Immediate start
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Certificate Engineer (PKI / Active Directory). Be the first to apply!
- senior licensing manager United States
- senior cloud service delivery manager United States
- senior business analyst contract United States
- senior product design engineer United States
- senior game producer United States
- senior software manager United States
- senior creative strategist United States
- senior manager business analytics United States
- senior marketing account manager United States
- senior internal tool engineer United States

