Job description

🔐 Senior Public Key Infrastructure (PKI) Engineer 📍 Location: On-Site | Reston, VA 💼 Employment Type: W-2 Contract 💰 Pay Range: Up to $65/hr (W-2 only) 🛑 Please Note: • U.S. Citizenship required • No C2C or third-party submissions • Must be able to obtain and/or hold government security clearance • On-site position; remote or hybrid work is not available for this role About the Role: An exciting opportunity is available for a Senior PKI Engineer to support enterprise-grade Identity and Access Management initiatives for a high-profile government contractor. In this role, you’ll be the subject matter expert for Public Key Infrastructure (PKI) strategy, implementation, and support—ensuring secure, scalable, and compliant digital certificate environments across a large technical enterprise. This is a mission-critical role within a dynamic and fast-paced security team that offers the chance to contribute to innovative infrastructure solutions at scale. You’ll be responsible for managing PKI environments, certificate lifecycle automation, HSM integration, and collaboration with security, infrastructure, and application teams. Key Responsibilities: • Oversee and manage the enterprise-wide Public Key Infrastructure (PKI) environment, including CA/RA management, CRL, OCSP, and HSM integrations • Deploy and maintain certificate platforms like Active Directory Certificate Services (ADCS), Keyfactor, GlobalSign, DigiCert, or Sectigo • Provide expert-level support and troubleshooting for digital certificates across platforms (Windows, Linux, Azure, AWS, F5, Java JKS, Tomcat, Apache) • Collaborate with IAM, Security, DevOps, and Infrastructure teams to align digital certificate practices with internal standards and regulatory frameworks • Configure and maintain PKI integrations supporting Smart Card, SSL/TLS, Code Signing, S/MIME, 802.1x, and EAP-TLS • Support automation using scripting tools and ACME-based lifecycle solutions • Maintain and enhance CP/CPS documentation and ensure alignment with X.509 and CA/Browser Forum requirements • Participate in change management, incident response, and technical support workflows What You'll Need to Succeed • 8–10+ years of relevant experience in IT security, infrastructure, or systems engineering • Deep expertise in PKI systems, cryptographic protocols, and certificate lifecycle management • Familiarity with certificate tools and platforms (ADCS, DigiCert, Sectigo, OpenSSL, Keyfactor, etc.) • Strong scripting knowledge for automation (PowerShell, Bash, Python preferred) • Solid experience installing SSL certs in multi-platform environments • Ability to collaborate across technical teams and document standards clearly • Bachelor’s degree in Computer Science, Information Systems, or equivalent experience • Microsoft certifications and Linux/Windows administration background are preferred Why This Role? This is a rare opportunity to step into a high-impact role with one of the most respected infrastructure-focused government contractors in the U.S. You’ll be working on initiatives that truly matter—enhancing national security and operational resilience across global operations. 📩 Ready to secure the future? Apply now and join a forward-thinking team supporting enterprise-grade security solutions.

Requirements