C002872 PKI/Key Management Design/Implementation Engineer (CTS) - MON 5 Jun

Deadline Date: Monday 5 June 2023

Requirement: PKI/Key Management Design/Implementation Engineer

Location: The Hague, NL

Full time on-site: Yes

Time On-Site: 100%

NATO Grade: A/115

Total Scope of the request (hours): 760

Required Start Date: 17 July 2023

End Contract Date: 30 December 2023

Required Security Clearance: NATO COSMIC TOP SECRET

Duties and Role:

• Responsible for design of PKI components within an enterprise context
• The (technical) documentation of PKI services/components to support the design, implementation and transition phases of the project
• Installation and maintenance of PKI components
• Support the transition of the PKI capability into operations
• The design and implementation of the following:
  • PKI system backups and restore
  • PKI virtualized infrastructure
  • PKI networking components
  • PKI hardware infrastructure
  • Auto enrolment services; Entrust Admin Services; Entrust REST API (CA Gateway, Certificate Enrolment Gateway)
  • RHEL 389 LDAP directory service configuration and maintenance in part of user migration

Requirements

Skill, Knowledge & Experience:

• The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
• 5 years extensive experience with PKI System development, design, management.
• Experience in data centre resilience / high availability for PKI systems
• Extensive knowledge of Information security and Cryptography (symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, digital certificates).
• Experience with writing, reviewing, and auditing of Certification Practices Statements.
• Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications.
• Experience with SQL database administration.
• Experience with NATO Security Accreditation processes.
• Extensive knowledge of modern communication and Internet Protocol (IP) based networking technologies and systems including security aspects.
• Working knowledge of router and switches configuration.
• Practical experience in Windows Servers, RHEL and VMware system administration.
• Extensive experience in operating systems backup and restore.
• Practical experience in scripting (Python, Powershell).
• Practical experience in SSL and TLS.

Desirable Experience:

• NATO Security Policy, Directives, and Guidance (D/48 REV3, NPKI Certificate Policy)
• NATO Change Management processes (CR, ASI, A2SL)
• VMware (VCA, VCP)
• CISCO CCNA
• Microsoft Certified Solution Associate (MCSA).
• Microsoft Certified Solutions Expert (MCSE).
• Experience in development and implementation of computer security policies.