Offer summary

Qualifications:

Over 12 years of experience in Information Security Architecture., At least 5 years of specialized experience in PKI, certificate management, and cryptography., Hands-on experience with Venafi Trust Protection Platform, including policy configuration and agent integrations., Strong understanding of PKI architecture, cryptographic standards, and deployment in cloud and hybrid environments..

Key responsibilities:

Lead the architecture, engineering, and integration of PKI and certificate management systems using Venafi.

Manage all project phases: discovery, design, implementation, support, and optimization.

Develop enterprise PKI-DSS aligned with compliance and security standards.

Partner with teams to ensure secure adoption of cryptographic services and evaluate emerging technologies.

Job description

Job Title: Senior PKIVenafi Architect Location: Remote
Employment Type: FullTime
Experience Level: 12+ Years

Job Summary:We are seeking a highly experienced and strategic Senior PKIVenafi Architect with deep expertise in Venafi, PKIDSS architecture, cryptography mechanisms, and cloud environments. This is a critical, greenfield opportunity to lead endtoend discovery, design, implementation, and support of enterprisegrade PKI and certificate lifecycle management solutions. Ideal candidates will have a strong architectural background and proven success in delivering secure, scalable, and compliant cryptographic infrastructures across hybrid cloud environments.

Key Responsibilities:
Lead the architecture, engineering, and integration of Public Key Infrastructure (PKI) and certificate management systems using Venafi Trust Protection Platform.

Drive all phases of the project lifecycle: discovery, design, implementation, support, and optimization.

Develop enterprise PKIDSS (Public Key Infrastructure – Data Security Standards) aligned with compliance, audit, and security frameworks.

Architect secure, scalable cryptographic solutions involving digital certificates, TLSSSL, key management, encryption mechanisms, and secure protocols.

Oversee integration of PKI and cryptographic services with cloud platforms (AWS, Azure, GCP) and DevSecOps toolchains.

Define and enforce policies for certificate lifecycle management, including issuance, renewal, rotation, and revocation.

Partner with security, infrastructure, and application teams to ensure secure adoption of cryptographic services.

Evaluate emerging technologies, contribute to security roadmap, and continuously improve cryptographic posture.

Required Qualifications:
12+ years of experience in Information Security Architecture, with at least 5 years specializing in PKI, certificate management, and cryptography.

Handson experience with Venafi Trust Protection Platform – policy configuration, workflow setup, agent integrations, etc.

Strong understanding of PKI architecture, CA hierarchy, HSMs, OCSP, CRLs, and key protection mechanisms.

Deep knowledge of cryptographic standards (RSA, ECC, AES, SHA, TLSSSL, etc.) and security protocols.

Experience in deploying PKIcertificate solutions in cloud (AWS, Azure, GCP) and hybrid environments.

Proven track record of working as an Architect, leading security design sessions, risk assessments, and solution implementations.

Strong scripting or automation skills (e.g., PowerShell, Python, REST APIs) for certificate lifecycle automation.

Familiarity with security frameworks like NIST, ISO 27001, PCIDSS, and regulatory compliance.

Preferred Qualifications:
Venafi or other relevant certifications.

Experience with HSMs (Thales, SafeNet, AWS CloudHSM).