
Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert

Remote: Full Remote
Experience: Expert & Leadership (>10 years)

Offer summary

Qualifications:

  • Expert-level knowledge of Microsoft AD Certificate Services (AD CS) and PKI best practices.
  • Hands-on experience in PKI migrations and hybrid cloud deployments.
  • Knowledge of compliance frameworks related to PKI security.
  • Relevant certifications preferred.

Key responsibilities:

  • Conduct a thorough review of existing AD PKI infrastructure.
  • Provide expert recommendations on PKI migration and future-state architecture.

MetroSys, Inc. Information Technology & Services SME https://www.metro-sys.com
11 - 50 Employees

Job description

Position Summary:

We are seeking a Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert for a short-term engagement to conduct a deep-dive discovery, analysis, and review of our existing PKI environment. The consultant will provide a detailed report on the current state, along with recommendations and options for migration, separation, and alternative on-premises or cloud-based architectures.

Key Responsibilities:
  • Deep-Dive PKI Discovery & Assessment:

    • Conduct a thorough review of the existing AD PKI infrastructure, including Certificate Authorities (CAs), Certificate Templates, CRL distribution, and Auto-Enrollment policies.
    • Analyze dependencies, security configurations, and compliance gaps.
    • Evaluate PKI integration with Active Directory, network services, and enterprise applications.
  • Analysis & Reporting:

    • Provide a detailed assessment report outlining the current PKI architecture, strengths, weaknesses, and risks.
    • Identify potential issues, security vulnerabilities, and areas for improvement.
    • Offer guidance on best practices for PKI security hardening and lifecycle management.
  • Migration & Separation Strategy:

    • Provide expert recommendations on PKI migration and separation strategies, considering:
      • Splitting PKI environments for multiple organizations or business units.
      • Migrating from on-premises to cloud-based PKI solutions (e.g., Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault).
      • Transitioning from legacy PKI to a modern, scalable architecture.
    • Assess the impact of moving to cloud-native, hybrid, or third-party PKI solutions.
  • Future-State Architecture & Roadmap:

    • Design and present high-level architecture options tailored to business requirements.
    • Provide recommendations for governance, automation, and certificate lifecycle management.
    • Suggest enhancements for security, compliance, and resilience (e.g., HSM integration, CRL optimization, OCSP setup).
Qualifications & Skills:
  • Expert-level knowledge of Microsoft AD Certificate Services (AD CS), PKI design, implementation, and security best practices.
  • Experience with certificate lifecycle management, HSMs, and enterprise PKI solutions.
  • Strong understanding of certificate-based authentication, encryption, and digital signatures.
  • Hands-on experience in PKI migrations, separation strategies, and hybrid cloud PKI deployments.
  • Familiarity with cloud-based PKI alternatives, such as Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault.
  • Experience with PowerShell scripting for automation of PKI-related tasks.
  • Knowledge of compliance frameworks (NIST, CIS, ISO 27001) and PKI security hardening techniques.
  • Relevant certifications (preferred): Microsoft Certified: Identity and Access Administrator, CISSP, CISM, or other security-related certifications.

Required profile

Experience

Level of experience: Expert & Leadership (>10 years)
Industry: Information Technology & Services
Spoken language(s): English
