Senior PKI Infrastructure Security Engineer
Company: Fisher Investments
Location: Plano
Posted on: November 12, 2024
Job Description:
It's an exciting time to be a member of the Fisher Investments
Technology Department. We're investing in the future of our firm's
technology and are building our team to achieve global growth. We
are looking for a Senior PKI Security Engineer to support our
Corporate Systems team. If you are looking for an opportunity to
make a difference as we develop scalable and strategic solutions to
support our global growth, we want to hear from you!
The Opportunity:
As a PKI/KMS/HSM/Certificates Architect, Engineer, and Implementer
you will be responsible for administration, operation, upgrade and
support of Certification Authorities (CA), Registration Authorities
(RA), online responders, and Hardware Security Modules (HSM) of a
Microsoft Windows-based enterprise Public Key Infrastructure (PKI).
You will take an active leadership role in maintaining and
communicating PKI/KMS industry changes, advising and directing
leadership to ensure that PKI requirements are addressed. You will
ensure PKI systems align to the firms Information Security
policies, standards, and the industry best practices.
You will report to the Vice President, Infrastructure Security.
The Day-to-Day:
- Build a mature enterprise-wide certificate management services
and Public Key Infrastructure capabilities. Support the definition,
design, and deployment of enterprise PKI system
- Provide detailed specifications for PKI/KMS
infrastructure
- Provide roadmap guidance and recommendations to existing
environment and future landscape (including the assessment &
discovery work)
- Maintain detailed procedures, policies, baselines, and work
instructions for PKI & KMS administration, advise on
improvements
- An understanding of SSH, especially the configuration and use
of SSH keys for authentication
- Experience with technologies that heavily use TLS/SSL
encryption
- Represent PKI Engineering on organizational project teams and
ensure adherence to existing security policies and
standards
- Manage the successful technical delivery of Information
Security projects and services for our customers by working
directly with key business stakeholders, executives and project
teams
- Keep up on current technologies and maintain awareness of
industry trends and threats, focusing on PKI/PKE technologies
Your Qualifications:
- 8+ years of advanced hands-on experience in deploying,
configuring, and managing certificated lifecycle management (KMS),
Public Key Infrastructure (PKI), Certification Authorities (CA),
Hardware Security Modules (HSM), Registration Authorities (RA),
Root CA, Azure Key Vault, Thales, Venafi, Keyfactor, and Entrust
integration experience (PKI/HSM/KMS/CRL/CRT)
- Experience in Entrust, HashiCorp, Thales, DigCert, Venafi,
Keyfactor
- Individuals in this role must be well versed and educated in
common Information Security practices and the CISSP domains, and
have general Information Technology experience
- You can use these experiences and education to identify
opportunities for improvement of present information security
environment, focusing on PKI, encryption, and certificate-based
authentication solutions
- Expert level experience with PKI implementation and certificate
lifecycle management solution
- Expert level experience with hardware security module (HSM)
technology
- Expert level experience in MS Certificate Management Services
and Active Directory Domain Services
- Expert level experience in SSL certificate management concepts,
processes, and solution management
- Expert level experience in cloud solution development with
Azure architectures as it related to PKI management
- Excellent knowledge in PKI / HSM ecosystem (technology,
standards, implementations, & migration)
- Technical Skills:
- Public key infrastructure
- Strong authentication / multi-factor authentication
technologies
- CodeSigning
- Cryptographic services
- Encryption
- Certificate Management
- Data Protection
- Bachelor's degree in Information Assurance, Computer Science,
Cybersecurity, Information Systems or related field of
study
- Security industry certification is required including but not
limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and
Security+
Why Fisher Investments:
We work for a bigger purpose: bettering the investment universe. We
take great pride in our inclusive culture, our learning and
development framework customized for every employee, and our Great
Place to Work Certification. It's the people that make the Fisher
purpose possible, and we invest in them by offering exceptional
benefits like:
- 100% paid medical, dental and vision premiums for you and your
qualifying dependents
- A 50% 401(k) match, up to the IRS maximum
- 20 days of PTO, plus 10 paid holidays
- Family Support programs including 8 week Paid Primary Caregiver
Leave, fertility, family forming, and hormonal health assistance
and back-up child, adult, and elder care
- $10,000 fertility, hormonal health and family-forming
benefit
- Opportunity to participate in our hybrid work from home
program. This program is subject to change. Based on tenure and
performance eligibility, you will have the opportunity to work from
home up to 75 days per year
FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER
Keywords: Fisher Investments, Grand Prairie , Senior PKI Infrastructure Security Engineer, Engineering , Plano, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...