Finding the best job has never been easier
Tesla Sr. PKI Engineer Infrastructure United States, California, Fremont 811196727
16.04.2025
Share
What You’ll Do What You’ll Bring
- Design, implement, and manage comprehensive PKI environments, ensuring secure certificate lifecycle management, encryption, and access control. Leverage tools such as EJBCA and Active Directory Certificate Services (ADCS) for CA operations and certificate management
- Digital Certificate Lifecycle Management, Oversee the creation, distribution, revocation, and renewal of digital certificates across the organization. Ensure automated certificate management processes are in place to minimize downtime and risk
- Design, deploy, and integrate Key Management and HSM Services with customers, providing VM and payload encryption in addition to code and document signing and emerging use cases
- Integrate PKI solutions with Identity and Access Management (IAM) systems, including Active Directory, Azure AD, and other identity providers, to ensure secure access, authentication, and encryption across applications, services, and networks
- Collaborate with security teams to implement strong authentication protocols and access control policies, including RBAC and/or ABAC to enhance the security of enterprise systems
- Develop and implement automation for certificate generation, deployment, and management using scripting languages (e.g., PowerShell, Python), ensuring high availability and scalability of PKI services
- Monitor the security posture of PKI environments, identifying risks and implementing remediation strategies. Conduct regular security audits and ensure compliance with internal security policies and industry standards. Create reports, dashboards, and alerts using platforms like Splunk and Grafana to provide observability
- Actively participate in the 24/7 on-call rotation to provide expert-level support for PKI and IAM systems during outages, incidents, or security events. Conduct postmortem analysis and implement corrective actions as needed
- Maintain comprehensive documentation for PKI, HSM, and KMS processes, configurations, and policies. Develop detailed reports and dashboards to track system performance, certificate health, and security incidents
- Evaluate and manage relationships with vendors providing PKI and IAM solutions. Stay up to date with emerging technologies and implement best practices to enhance the security and efficiency of the identity management infrastructure
- Bachelor’s Degree in Computer Science, Information Security, or a related field; or equivalent work experience
- 5+ years of experience in PKI, Identity and Access Management (IAM), and security technologies, with a focus on enterprise-level PKI implementations
- Proven experience with EJBCA, Active Directory Certificate Services (ADCS), and other PKI management tools and platforms
- Expertise in digital certificate management, including generation, renewal, revocation, and security policies
- Strong knowledge of PKI architecture, certificate authorities (CAs), and certificate lifecycle management tools
- Experience with IAM platforms such as Active Directory, Azure AD, and other third-party identity providers
- Proficient in scripting languages like PowerShell (preferred), or other scripting languages for automating PKI processes and system administration tasks
- Strong understanding of network security protocols, encryption, and identity management standards such as SAML, OIDC, OAuth, and Kerberos
- Experience with cloud security (e.g., AWS, Azure) and managing security in multi-cloud or hybrid environments
- Experience with Identity Governance and Administration (IGA) solutions, including role-based access control (RBAC) and user lifecycle management
These jobs might be a good fit
