GCS PKI Engineer, Vice President
Kilkenny
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.Make Your Mark. Advance your career at State Street.
We are excited to see that you are reviewing career opportunities available at State Street. Follow the tips below when applying. If this opportunity is not right for you – perhaps you may want to refer a friend?
Are you advancing your own career?
After clicking “Apply” you will be able to update your Education and Job History. Use it to highlight courses, certifications, achievements or projects you have participated in at State Street. To make updates, go to the Career section of your Profile and edit it manually or by using the “Upload My Experience” option. Remember to review all new entries in your profile and make sure resume information was parsed correctly.
Before applying, please click here to read State Street’s Internal Mobility Policy. (For China, click here )
Are you referring a friend?
Please use the “Refer” button on the right. If you have any questions about the process please visit the corporate intranet and type in Refer a Friend into the search bar.
Job Description
The PKI technical engineer candidate will work to evolve and consolidate PKI infrastructure throughout the enterprise. The PKI Engineer candidate will drive the development of PKI solutions to meet security and business requirements. The PKI Engineer candidate must possess a strong understanding of the concepts of cryptography such as Symmetric/asymmetric cryptography, Secure hash functions, Digital signatures, SSL/TLS
The candidate must possess strong understanding of security best practices.
Responsibilities will include:
- Support and enhance company wide PKI services using current Certification Authorities (CAs) and Registration Authorities
- Design, implement Orchestration and Automation of Enterprise certificate management
- Design, implement Enterprise Code Signing Services
- Provide consulting and guidance to application teams around cryptographic technologies
- Design secure vaulting solutions using Hardware Security Modules (HSM) and Key Management systems (KMS)
- Support Simple Certificate Enrollment Protocol (SCEP) servers
- Design, test, implement changes in the PKI Infrastructure
- Interface with vendors that provide security/encryption services to the company
- Lead the definition and implementation of POCs around PKI and other certificate related technologies
- Developing and maintaining system orchestration to automate day to day processes
- Developing and maintaining ad-hoc and automated data reporting as needed using vendor tooling or custom automation as appropriate
- Creating and maintaining documentation for technical and administrative functions
- Evolving the framework for system monitoring and develop tooling to automate notifications and generate reporting/metrics
- Providing guidance for scoping complex, cross-organizational projects as needed
- Develop automation approaches to solve PKI lifecycle challenges
- Analyze legacy PKI solutions for security gaps and develop new approaches/capability to mitigate
- Develop standards and approaches to enable seamless integration across technical stacks
- Partner with architecture teams to understand security and business implications of PKI strategy
- Act as a technical owner on initiatives involving PKI technologies
- Champion PKI capability and integration across core security and IT
- Develop and deploy solutions to ensure that Digital Credential Services are performing according to specifications, meet defined procedures, and comply with applicable information security policies and requirements.
- Integrate applications and third-party products into internal services
Skills/Knowledge Desired:
- Certificate Authority Administration
- Certificate Enrollment Web Service & Policy Web Service
- Active Directory Certificate Services (ADCS) monitoring.
- PKI as service
- Data-in-motion Encryption
- Data-at-rest Encryption
- Expertise in Public Key Infrastructure (PKI) machine identity technologies such as SSH, SSL/TLS.
- Familiarity with Disaster Recovery process and Business Continuity procedures.
- Experience in managing Key Management Systems (KMS).
- Ability to design and implement solutions that optimize systems and processes
- Proficiency with a scripting language such as Java, Python or Powershell
- Experience in database configuration and SQL
- Experience with workflow and API development
- Ability to organize and rationalize complex data sets
Experience Desired
- 6+ years of experience working with PKI architecture
- 6+ years of System Administration of Windows, Unix/ Linux
- 6+ years of experience in infrastructure (security/systems/network) engineering and/or development
- 6+ years in technology and/or project management leadership positions
- 6+ experience developing executive-level reporting and communications
- 6+ experience establishing and defining the scope of new teams or functions
- 6+ experience working in large complex environments (financial services a plus)
Additional Locations
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory APIs Automation Certificate management Cryptography Encryption Java Linux Monitoring PKI POCs PowerShell Python Scripting SQL SSH Strategy TLS UNIX Windows
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs