An employer is looking for a Remote Sr. DevOps Engineer to work PST hours. This person needs to have deep expertise in Public Key Infrastructure (PKI) to support the design, automation, and maintenance of enterprise-grade cryptographic systems. This role is critical to ensuring the integrity, availability, and compliance of our certificate services and secure key management infrastructure. In this role, the individual will be responsible for designing, building, and deploying enterprise-grade Public Key Infrastructure (PKI) systems, including private Certificate Authorities (CAs). Their daily tasks will include ensuring these systems comply with data privacy and protection frameworks such as FIPS and NIST, while adhering to industry best practices. They will assess and remediate PKI designs to mitigate risks, manage and test configurations before production deployment, and automate PKI infrastructure using CI/CD pipelines and DevOps methodologies. The role also involves managing and integrating Hardware Security Modules (HSMs) and Key Management Systems (KMS), troubleshooting issues related to PKI, TLS/SSL, and HSMs, and maintaining accurate system documentation. Staying current with emerging threats and cryptographic standards-including post-quantum cryptography like FIPS-204-is essential. Additionally, the individual will collaborate with system administrators and developers to support CA-related application changes and integrations, while continuously refining PKI best practices and operational standards.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
[email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience• 8+ years of experience with enterprise PKI systems and certificate lifecycle management.
• 7+ years of hands-on experience with HSMs (e.g., Thales, Entrust) and KMS platforms (e.g., Azure Key Vault, AWS KMS, HashiCorp Vault).
• 7+ years of experience supporting the design, build, and deployment of enterprise PKI systems, including private certificate authorities
• 7+ years of experience managing the configuration of PKI systems and testing PKI systems before production deployment.
• 7+ years of experience automating PKI infrastructure using CI/CD pipelines and DevOps patterns of practice
• 7+ years of experience managing HSM devices and Key Management Systems (KMS)
• Strong scripting and automation skills (e.g., PowerShell, Python, Bash).
• Familiarity with infrastructure-as-code tools (e.g., Terraform, Ansible).
• Familiarity with NIST and FIPS frameworks and standards including Post Quantum Computing cryptography standards like FIPS-204
• Deep understanding of cryptographic protocols (TLS/SSL), authentication mechanisms, and secure key storage.
• Knowledge of compliance frameworks such as NIST, FIPS, SOX, and ISO 27001.
• Experience with CI/CD tools (e.g., GitHub Actions, GitLab CI, Azure DevOps).
• Excellent troubleshooting and incident response skills.
Nice to Have Skills & Experience• Certifications such as CISSP, CISM, Microsoft Certified: Identity and Access Administrator, or equivalent.
• Experience with certificate lifecycle platforms like Venafi, KeyFactor, or Axiad.
• Exposure to post-quantum cryptography standards and migration strategies.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
