Job Description
POSITION SUMMARY
The Enterprise Technology Experience organization is seeking a
Level 2 PKI Operator within the Identity and Access Management (IAM) team. This role is focused on the
day-to-day operation, support, and maintenance of Public Key Infrastructure (PKI) services, ensuring certificate-based security services remain reliable, compliant, and available.
The PKI Operator will work in a fast-paced, collaborative environment, supporting existing PKI platforms, handling certificate lifecycle activities, responding to incidents, and executing defined operational procedures under established standards and engineering guidance.
Basic Qualifications
- Perform certificate lifecycle operations, including issuance, renewal, revocation, and expiration monitoring
- Support and operate enterprise PKI platforms following documented procedures and runbooks
- Working knowledge of PKI concepts, including certificates, keys, trust chains, and encryption
- Experience supporting Certificate Authorities (CAs) and certificate-based authentication systems
- Exposure to Hardware Security Modules (HSMs) and key management activities under guidance
- Familiarity with Windows and Linux operating systems, including basic system administration tasks
- Experience supporting Active Directory and directory services in relation to certificate services
- Assist with IAM services and their integration with PKI (authentication, federation, and access controls)
- Support certificate-based solutions for web infrastructure and applications
- Experience supporting federation and certificate usage with technologies such as SAML and OIDC
- Execute documented operational handoffs and support procedures
- Participate in incident response, troubleshooting, and escalation for PKI-related issues
- Assist with audit support, evidence collection, and remediation tracking
- Ability to follow security policies, cryptographic standards, and compliance requirements
- Create and maintain operational documentation and knowledge base articles
- Use ticketing and collaboration tools such as JIRA, Confluence, and other Atlassian tools
- Strong organizational skills with the ability to manage multiple tasks
- Clear written and verbal communication skills, including communication with non-technical stakeholders
- Authorized to work in the United States without sponsorship now or in the future
Preferred Qualifications
- Associate or Bachelor's degree in Information Technology, Computer Science, or related field
- Hands-on experience supporting Active Directory Certificate Services (ADCS)
- Experience with certificate lifecycle management platforms (e.g., Venafi, CyberArk, or equivalents)
- Basic scripting or automation exposure using PowerShell or Python
- Foundational understanding of TLS, encryption, cipher suites, and certificate usage
- Awareness of NIST, FIPS, and internal security standards
- Familiarity with CA/B Forum principles and certificate compliance requirements
- Experience supporting or operating key management systems under established processes
- Exposure to cloud or third-party platforms such as Amazon, Okta, or CyberArk
- Understanding of ACME protocol operations for automated certificate management
- Experience working in enterprise environments with defined change, incident, and problem management
Core Responsibilities
- Operate and support PKI services to meet availability, security, and compliance requirements
- Follow documented procedures and escalate issues appropriately
- Monitor certificate health, expirations, and service performance
- Support operational changes approved by engineering and architecture teams
- Collaborate with IAM engineers, security teams, and application owners
- Maintain accurate records and documentation for audits and operational continuity
CORE VALUES
- Focus on the Customer: Provide timely, reliable support and maintain service availability
- Act with Integrity: Adhere to security policies, compliance requirements, and ethical standards
- Value People: Work respectfully with diverse teams and contributors
- Work Collaboratively: Partner with engineering, operations, and security teams to resolve issues
- Achieve Results: Execute operational responsibilities accurately and efficiently
