Senior PKI Engineer
Remote, US
Truepic:
Truepic develops the world's most secure camera technology for mobile devices. We empower viewers to make better-informed decisions through high integrity photos & videos. Our team is dedicated to restoring trust in every pixel of consequence, with the goal of having a shared sense of visual reality across the internet by 2030.
We are embarking on a game-changing endeavor to bring our award-winning Controlled Capture secure camera technology (named one of TIME Magazine’s Best Inventions of 2020) to any camera-enabled app.
About the Role:
As a Senior PKI Engineer in our R&D division, you will architect, implement, and own the high-performance, high-integrity PKI service that anchors the trust in the Truepic brand.
Your work will help cement Truepic’s position on the bleeding edge of the battle against visual deception, including defending against AI-synthesized deepfakes. Authenticatable photos and videos produced by apps that integrate your code will aid critical decision making by customers at Tier 1 internet platforms, financial service companies, international NGOs, and governments.
Core Responsibilities:
- Architect and implement a secure, high-performance, scalable PKI for the Truepic Certificate Authority, including offline root and proxied subordinate CAs that will issue cryptographic credentials for device authentication and file signing
- Architect and implement secure storage and accessibility for CA private keys using hardware security modules (HSMs)
- Architect and implement supplementary CA services including OCSP responders and publishing of CRLs
- Architect and implement an authentication front-end to the CA, which implements the secure, scalable protocol for authentication designed in collaboration with mobile device engineering. The authentication service will leverage mobile device attestation services from Apple, Google, Qualcomm, and others
- Architect and implement a trusted time-stamping service capable of very high transaction rates with full traceability
- Implement accounting service that tracks issuing of authentication credentials, file signing credentials, and time-stamping transactions for billing purposes
- Work with the product engineering team to lay the groundwork for integrating CA service as part of the wider Truepic infrastructure, including the issuing and verification of customer API keys.
- Be accountable to the Truepic product engineering team for CA, authentication, and billing services uptime and stability
- Contribute to the creation of an open standard for authenticatable media files alongside industry heavyweights such as Adobe, Twitter, Microsoft, and more.
- Collaborate with the broader Truepic R&D team on a unified architectural approach to Controlled Capture technology
You will succeed in this role if you:
- Have deep, proven experience developing secure, enterprise-grade applications in some or all of the following languages and frameworks:
-Java EE
-Go
-Node.js
-Amazon RDS for PostgreSQL
-Ansible
-Terraform
- Have deep, proven experience with CI/CD methodology and frameworks such CircleCI
- Have deep, proven expertise with Public Key Infrastructure (PKI) concepts, including internet standards for cryptographic algorithms, hashing schemes, digital signature schemes, trusted time-stamping, and cryptographic certificates.
- Have experience with leveraging mobile device attestation technologies for iOS and Android devices
- Have experience with building systems that integrate hardware security modules (HSMs), including Amazon CloudHSM
- Have experience with PrimeKey EJBCA platform for CA, RA, and VA services
- Have experience with PrimeKey SignServer platform for time-stamping services
- Have experience designing and implementing secure communication protocols between mobile devices and backend services
- Have experience designing and implementing proactive defenses against common threat vectors for public-cloud high-security applications
- Have superb communication skills and the ability to make compelling data-driven arguments for your architectural and implementation recommendations
- Have a proven ability to be self-driven in applying a methodical approach to exploring novel solutions to unexplored problem spaces
How to Apply:
Please send your resume and cover letter to: jobs@truepic.com
Tags: Android Ansible APIs CI/CD CircleCI Cloud Hashing iOS Java Node.js PKI PostgreSQL R&D Terraform
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs