PKI Engineer

Contractual | 6 months | ECS, Kubernetes, CloudHSM, Python
Foster City, CA, California, USA
quick apply

Currently, we are looking for talented resources for one of our listed clients. If interested please reply to me with your updated resume or feel free to reach out to me for more details at (949) 471-0480.

Title: PKI Engineer
Location: 4100 E 3rd Ave, Foster City, CA, United States of America, 94404
Duration: 6 months
Pay Rate: $82 - $87/Hr on W2 

Job Description:

  • The client is looking for a PKI DevOps Engineer to support our PKI team. The role will include innovating ways to deploy certificates for multiple use cases and improving the security posture surrounding machine identities across our hybrid environment.
  • You will be working with multiple teams to gather internal requirements and develop solutions to simplify processes for machine-to-machine authentication and help with operational maintenance of our HSM and Certificate Authority services. As we move to adopt Infrastructure as Code to replace manual procedures, you'll be working on designing solutions using IaC procedures. 
  • As with any startup, we move fast here at Client, and many candidates will be asked from time to time to jump on other projects and operational work. We would love to hear from you if you are up for adapting to the challenges, taking on new roles as needed, and hitting deadlines. If you’re not shy about herding cats and managing chaos, then this role was made for you!


  • A deep understanding of digital certificate lifecycle management functions and broad experience with different certificate types and uses
  • Deep knowledge of integrating workflows with Hashicorp Vault
  • Experienced with Microsoft PKI, PrimeKey PKI
  • 3+ years of Experience in performing Certificate Authority maintenance tasks such as certificate renewals and template generation.
  • Experience with Hardware Security Module (HSM) configuration and operation
  • Expert-level understanding of Cloud Security Principles
  • 3+ years of Infrastructure as Code (IaC) experience - Terraform, Bamboo, Salt
  • Experienced in Python
  • Experienced in Golang
  • Experienced with Docker, containerization, microservices, ECS, Kubernetes, CloudHSM
  • Excellent understanding of networking fundamentals
  • Experience with Clearpass is desirable


  • Work with Developers and Engineers to improve security with X.509 certificates and SSH certificates and resolve vulnerabilities in existing code while prioritizing stability, security, and simplicity
  • Communicate and collaborate with other teams, both technical and non-technical
  • Continuously review and evaluate the security settings/configuration of our PKI infrastructure, apply possible enhancements, and propose appropriate security tools
  • Define, design, and develop pipelines to improve PKI procedures through Terraform deployments
  • Propose and implement solutions to unify security policies on-prem and across hybrid Cloud environments
  • Build scalable cryptographic systems that support NIST, FIPS, SOX, and HIPAA compliance requirements for X.509 and key management services.

About us:
At our organization, we take our mission and values to heart! We are on a mission to offer more and better jobs all over the world! Our goal is to care for you while you care for our clients and get you paid the highest pay possible. All our associates working with us are expected to embrace our RACE values: R - Results Matter, A- Approachable, C - Care, and E - Emergency i.e. work with a sense of urgency.

For more relevant job opportunities please visit our website: Denken Solutions Careers