Engineer II, Encryption / PKI - Identity Encryption Services

Working with Us
Challenging. Meaningful. Life-changing. Those aren’t words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting work happens every day, in every department. From optimizing a production line to the latest breakthroughs in cell therapy, this is work that transforms the lives of patients, and the careers of those who do it. You’ll get the chance to grow and thrive through opportunities uncommon in scale and scope, alongside high-achieving teams rich in diversity. Take your career farther than you thought possible.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives. Read more: careers.bms.com/working-with-us.

BMS Hyderabad is an integrated global hub where our work is focused on helping patients prevail over serious diseases by building sustainable and innovative solutions. This important science, technology, and innovation center will support a range of technology and drug development activities that will help us usher in the next wave of innovation.

Job Profile:

BMS is seeking an experienced Public Key Infrastructure (PKI) senior engineer that drives and improves Public Key Infrastructure (PKI), File Encryption and certificate management across the entire company. This is a technical role in a team with equally dedicated and passionate Engineers supporting our Cyber Identity and Encryption/PKI services.

Job Description & Responsibilities:

• Responsible for File Encryption, BMS Public Key Infrastructure (PKI) and certificate management.
• Effectively work directly with clients, team members, technical experts, professional staff, and management as needed to deliver new capabilities or provide operational support.
• Integrate certificates into Enterprise infrastructures like VPN, LDAP, various web servers, and applications like Adobe, SAP, etc.
• Provide technical assistance to protect enterprise data and infrastructure using certificates and security protocols like SSL/TLS, etc.
• Working experience with third-party certificate authorities such as DigiCert and cloud hosted PKI tools and gateway services from KeyFactor.
• Strong knowledge and working experience of PKCS protocols, encryption libraries like keytool, OpenSSL, PGP and networking tools like telnet, traceroute, and nslookup.
• Working experience with Windows Server utilities like IIS, certificate snap-ins, Microsoft Certificate Services (ADCS, OCSP).
• Scripting experience (Bash, PowerShell, Python).
• Software development experience using a development tool such as Postman or Java.
• Understanding of OOP principles, REST APIs, MVC architecture and Java frameworks (Spring).
• Understanding of load balancers, proxies, and end-to-end encryption architecture.
• Be self-directed, take the lead on technical escalations and drive incidents or problems until resolution. That involves automation, networking, cloud infrastructure security, and integration with 3rd party products.
• Develop Architecture documents, requirements, network designs, roadmaps, technology/maintenance/upgrade lifecycle, execution plans, monitoring, and health checks validations, recovery plan, roll back plans, and DR Solutions.
• Keep PKI infrastructure current and patched. Lead upgrades projects. Identify automation opportunities for certificate lifecycle.
• Configure, build and support required monitoring and testing of PKI services.
• Support and maintain in-house developed web applications and databases.
• Take part in an after-hours on-call support rotation and implement solutions, patching and deployment activities after hours as needed.
• Establish and maintain effective relationships with Internal Infrastructure, Application and Business partners to understand needs, use, and systems to facilitate effective IAM solutions.

Qualification:

• 3+ years of experience in Public Key Infrastructure and Active Directory
• Proficient with File Encryption protocols including PGP encryption solutions.
• Proficient in one of the known programming and scripting language (Python, Java, JavaScript)
• Troubleshooting and networking skills, including PKCS, SSL/TLS, DNS and load balancers
• Self-directed with excellent communication and documentation skills
• BS or equivalent in information technology, computer engineering, computer science, or related field

#HYDIT #LI-Hybrid

If you come across a role that intrigues you but doesn’t perfectly line up with your resume, we encourage you to apply anyway. You could be one step away from work that will transform your life and career.

Uniquely Interesting Work, Life-changing Careers
With a single vision as inspiring as “Transforming patients’ lives through science™ ”, every BMS employee plays an integral role in work that goes far beyond ordinary. Each of us is empowered to apply our individual talents and unique perspectives in an inclusive culture, promoting diversity in clinical trials, while our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

On-site Protocol

BMS has a diverse occupancy structure that determines where an employee is required to conduct their work. This structure includes site-essential, site-by-design, field-based and remote-by-design jobs. The occupancy type that you are assigned is determined by the nature and responsibilities of your role:

Site-essential roles require 100% of shifts onsite at your assigned facility. Site-by-design roles may be eligible for a hybrid work model with at least 50% onsite at your assigned facility. For these roles, onsite presence is considered an essential job function and is critical to collaboration, innovation, productivity, and a positive Company culture. For field-based and remote-by-design roles the ability to physically travel to visit customers, patients or business partners and to attend meetings on behalf of BMS as directed is an essential job function.

BMS is dedicated to ensuring that people with disabilities can excel through a transparent recruitment process, reasonable workplace accommodations/adjustments and ongoing support in their roles. Applicants can request a reasonable workplace accommodation/adjustment prior to accepting a job offer. If you require reasonable accommodations/adjustments in completing this application, or in any part of the recruitment process, direct your inquiries to adastaffingsupport@bms.com. Visit careers.bms.com/eeo-accessibility to access our complete Equal Employment Opportunity statement.

BMS cares about your well-being and the well-being of our staff, customers, patients, and communities. As a result, the Company strongly recommends that all employees be fully vaccinated for Covid-19 and keep up to date with Covid-19 boosters.

BMS will consider for employment qualified applicants with arrest and conviction records, pursuant to applicable laws in your area.

Any data processed in connection with role applications will be treated in accordance with applicable data privacy policies and regulations.