Capgemini

PKI/PKE Engineer

Capgemini$100K — $120K *
San Antonio, TX 78228In-Person
Information Technology
Less than 5 years of experience
2 weeks ago
Job Overview by Ladders

Qualifications

  • 3+ years of experience in PKI/PKE administration.
  • Bachelor's degree in computer science or related field.
  • In-depth knowledge of asymmetric/symmetric encryption and hashing algorithms.
  • Skilled in using PowerShell, Python, or OpenSSL for automation.
  • Familiarity with X.509 and relevant security standards.
  • Ability to obtain Secret level government security clearance required.
  • CompTIA Security+ certification preferred.

Responsibilities

  • Architect and maintain Certificate Authority hierarchies using Microsoft ADCS, Entrust, or DigiCert.
  • Enable applications for using certificates in secure communications.
  • Implement and manage Certificate Lifecycle Management tools for automation.
  • Manage lifecycle of Hardware Security Modules ensuring security and compliance.
  • Draft and enforce Certificate Policy to meet legal regulations.
  • Lead transition to Post-Quantum Cryptography for enhanced security.
  • Act as subject matter expert for certificate-related issues and emergencies.

Benefits

  • Health, dental, and vision insurance.
  • Retirement plan options with company matching.
  • Generous paid time off and holiday schedule.
  • Professional development opportunities and training.
  • Flexible work hours and potential for remote work.
Full Job Description
PKI/PKE Engineer will be tasked to design, implement, and operate systems that enable secure digital identity and data confidentiality. This role serves as the technical lead for Certificate Authorities (CAs), Hardware Security Modules (HSMs), and the integration of encryption services across enterprise workflows.

Responsibilities

  • Architect and maintain multi-tier Certificate Authority hierarchies (Root, Subordinate, and Issuing CAs) using Microsoft ADCS, Entrust, or DigiCert.
  • "Enable" applications (Web, Mobile, IoT) to use certificates for S/MIME email encryption, TLS/SSL, and 802.1X network authentication.
  • Implement and manage Certificate Lifecycle Management (CLM) tools like Venafi, Keyfactor, or AppViewX to automate renewals and prevent outages
  • Manage the physical and logical lifecycle of Hardware Security Modules (HSMs) such as Thales/nCipher or Utimaco.
  • Draft and enforce the Certificate Policy (CP) and Certification Practice Statement (CPS) to ensure legal and regulatory compliance (e.g., FIPS 140-2/3).
  • Lead the transition to Post-Quantum Cryptography (PQC) algorithms to protect against "harvest now, decrypt later" threats.
  • Act as the SME for certificate-related outages, compromised keys, or emergency revocation (CRL/OCSP) procedures.


Requirements

  • Minimum of 3+ years of progressive experience in PKI/PKE administration
  • Bachelor's degree in computer science, or a related field.
  • Deep understanding of asymmetric/symmetric encryption, hashing algorithms (SHA-256/384), and protocols (OCSP, SCEP, EST, CMP).
  • Proficiency in PowerShell, Python, or OpenSSL for automating certificate requests and inventorying.
  • Familiarity with X.509, NIST SP 800-53/175, and RFC 5280.
  • Ability to obtain Secret level government security clearance / Active clearance preferred
  • Ability to obtain CompTIA Security+ / Active certification preferred


About Capgemini

Capgemini is a global leader in consulting, digital transformation, technology and engineering services. The company is headquartered in Paris, France and operates in over 50 countries. Capgemini provides a range of services including strategy and transformation, application services, technology services, and engineering services. The company serves clients in a variety of industries including automotive, consumer products, financial services, healthcare, and retail.
Learn more about Capgemini
Industry
Information Technology
Founded
1967
NASDAQ
CGEMY
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Capgemini

More Information Technology Jobs

Find similar PKI/PKE Engineer jobs:

NationwideSan Antonio, TX