PKI Engineer, Senior
$139k - $159kASM Research, An Accenture Federal Services Company
The PKI Engineer, Senior designs, implements, and operates enterprise Public Key Infrastructure services that underpin secure authentication, encryption, and digital signatures across mission-critical systems. The role serves as the primary technical authority for certificate lifecycle management, key management, and trust architectures spanning on-premises and cloud environments. The engineer defines PKI standards, policies, and integration patterns for applications, devices, and identities, and leads troubleshooting, modernization, and automation initiatives to keep cryptographic services resilient, scalable, and audit-ready in a highly regulated federal IT environment.
Key Responsibilities
Architect and maintain enterprise PKI solutions, including certificate authorities, registration authorities, OCSP/CRL distribution, and hardware security modules, ensuring high availability and crypto-agility.
Oversee end-to-end certificate lifecycle management for users, services, devices, and workloads, including automated issuance, renewal, revocation, and inventory across hybrid and multi-cloud environments.
Design PKI trust models and integration patterns for TLS/SSL, S/MIME, code signing, VPN, Wi-Fi, and device authentication in support of zero-trust access and strong identity assurance.
Implement and enforce PKI security policies, certificate policies, and certification practice statements, aligning configurations with applicable government and industry cryptographic standards.
Build PowerShell or Python automation, APIs, and tooling to streamline PKI operations, monitoring, key rotation, and compliance reporting at enterprise scale.
Lead incident response for certificate-related outages or compromises, including rapid revocation, re-issuance, key rotation, and coordination with security operations and incident response teams.
Collaborate with identity, network, and application security architects to embed PKI requirements into new platforms and remediate legacy or non-compliant cryptographic implementations.
Guide risk assessments and audits focused on cryptographic controls, producing remediation roadmaps to address algorithm deprecation, weak ciphers, and end-of-life PKI components.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent relevant experience.
8+ years of experience in cybersecurity engineering or closely related roles, including at least 5 years focused on PKI architecture and operations.
Strong background in cybersecurity, network security, and information systems, with deep understanding of standards-based security architectures, identity services, and device profiling.
Demonstrated expertise with enterprise PKI platforms, certificate lifecycle management, hardware security modules, and related tooling across on-prem and cloud environments.
Proficiency with automation and scripting (such as PowerShell or Python) to manage PKI operations, monitoring, and reporting at scale.
Excellent problem-solving, analytical, communication, and interpersonal skills, with the ability to manage multiple initiatives and incident responses effectively.
Ability to obtain and maintain a SECRET clearance; U.S. citizenship required.
Less than 10% travel required.
Preferred Qualifications
Experience engineering PKI for large federal or defense environments, including integration with smart cards, PIV/CAC, and enterprise identity governance platforms.
Professional certifications such as CISSP, CCSP, or vendor PKI/cryptography credentials demonstrating advanced knowledge of applied cryptography and key management.
Experience leading cryptographic modernization programs (for example, algorithm migrations, key-length upgrades, or post-quantum-readiness initiatives).
Familiarity with zero-trust architectures and how PKI enables strong device, user, and service identity within those models.
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
$139k - $159k
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.
- ...The PKI Engineer, Mid designs, implements, and maintains enterprise public key infrastructure services that underpin secure authentication, encryption, and digital signatures for mission-critical systems. The role owns certificate lifecycle management processes, ensuring...SuggestedContract workWork at office
- ...Senior Boundary Engineer Montgomery, the perfect blend of charming southern town and vibrant new south city. The community of Montgomery, Alabama, is known as the Capital of Dreams. Named for Richard Montgomery, it is located on the Alabama River, in the Gulf Coastal...SeniorContract workFlexible hoursShift workRotating shiftDay shiftAfternoon shift
- JOB TITLE Hyundai America Technical Center, Inc. (HATCI) is seeking a Senior Engineer for the Production Vehicle Optimization (PVO) Team.The PVO Team is a part of the Vehicle Engineering Department, which focuses on optimizing North American produced vehicles for...SeniorFor contractorsFlexible hours
- A leading healthcare technology company is seeking an experienced software engineer to design and develop scalable applications. The position involves working in an agile environment, mentoring junior engineers, and creating engineering specifications. Candidates should...SeniorRemote work
- ...Senior Legacy Systems Engineer Bluewater Federal is looking for a Senior Legacy Systems Engineer to support the USAF at Maxwell AFB. The Base Maintenance (BMx) Family of Systems program provides critical lifecycle support for enterprise U.S. Air Force logistics...SeniorFor contractors
$102k - $148k
...Senior Storage EngineerRemote - United StatesJR013751 At Ensono, our Purpose is to be a relentless ally, disrupting the status quo... ...About the role and what you’ll be doing: The Senior Storage Engineer function ensures the stability, integrity, and efficient operation...SeniorFull timeTemporary workWork experience placementRemote workWork from homeFlexible hours$100k - $130k
SitusAMC is seeking a Quality Assurance Specialist in Montgomery, Alabama, with a strong background in QA for technology products. The ideal candidate will possess over 6 years of experience, focusing on testing standards and collaboration with cross-functional teams. ...SeniorRemote work- ...the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv. Job Title Senior Systems Engineer (Tandem NonStop) About your role: We are seeking a Senior Systems Engineer to provide technical solutions in a highly...SeniorWork experience placementNight shift
- ...Systems Engineer
