Role: PKI Engineer
Employment Type:
Permanent, Full-Time (Contract or Permanent)
Location:
On-site – Corsham / Farnborough
Clearance Required:
DV (Developed Vetting)
Role Summary
We're seeking a skilled PKI Support/Operator to provide 2nd–4th line support for Public Key Infrastructure (PKI) services and supporting infrastructure. This on-site role involves troubleshooting, maintenance, certificate lifecycle management, and ensuring compliance with security best practices in a high-assurance environment.
Key Responsibilities
Operational Support & Incident Management
* Provide 2nd/3rd line support for PKI systems including root, subordinate, and issuing CAs.
* Troubleshoot certificate issues (issuance, revocation, validation, auto-enrolment).
* Manage incidents, service requests, and changes within defined SLAs.
Infrastructure Maintenance
* Support identity and security services (e.g. AzureAD, Intune, SSO).
* Monitor and respond to alerts (e.g. Microsoft Defender).
* Maintain server health, backups, patching, and updates.
Certificate Lifecycle Management
* Handle certificate requests, renewals, and revocations.
* Maintain inventory and ensure timely renewals to avoid service disruption.
Compliance & Documentation
* Adhere to CP/CPS and security policies.
* Manage CA audit logs and role-based access controls.
* Maintain detailed technical and procedural documentation.
Required Skills & Experience
Technical:
* Solid understanding of PKI concepts (CAs, CRLs, OCSP, key management).
* Windows Server administration and PowerShell scripting.
* Network fundamentals: DNS, DHCP, TCP/IP.
* Familiarity with security frameworks (FIPS 140-2, NIST, GDPR).
* Experience with ITSM processes (incident/change/problem management).
* Exposure to cloud services (Azure, AWS, Intune).
* Strong documentation and troubleshooting skills.
Preferred Certifications
* CompTIA Security+ or relevant vendor certification (desirable)