What you will be doing:
1. Lead PKI engineering and operational activities across secure enterprise environments.
2. Own the design, review, deployment, and governance of certificate templates.
3. Provide senior technical guidance on certificate management across Windows, Linux, web-based platforms, enterprise applications, and infrastructure services.
4. Work with architects, engineers, security teams, and application owners to define PKI integration requirements and ensure appropriate certificate usage.
5. Lead the definition, documentation, and ongoing maintenance of PKI governance artefacts, including the Certification Policy Statement.
6. Drive certificate lifecycle management processes, including issuance, renewal, revocation, auditing, reporting, and governance.
7. Administer and provide technical oversight of HSM environments, including operational processes and security controls.
8. Identify opportunities to improve PKI processes, automation, resilience, and operational maturity.
9. Act as an escalation point for complex PKI issues across project and operational workstreams.
10. Provide technical assurance that PKI services align with security, regulatory, and programme requirements.
What you will bring:
11. Strong knowledge of DPKI / PKI within enterprise or secure environments.
12. Proven experience in PKI engineering, administration, and architecture support.
13. Experience providing technical leadership or acting as a senior escalation point for PKI-related activities.
14. Hands-on experience with HSMs, ideally Thales HSM products.
15. Strong experience in certificate management, certificate template design, and certificate template deployment.
16. Experience managing certificate templates across enterprise-scale environments.
17. Good understanding of certificate lifecycle management, PKI governance, and policy documentation.
18. Ability to work with infrastructure, application, security, and architecture teams to translate requirements into secure PKI solutions.
19. Experience improving PKI processes, documentation, controls, or operational maturity.
It would be great if you had:
20. Experience supporting enterprise applications and infrastructure with PKI integration requirements.
21. Experience working in complex, secure, regulated, or Defence environments.
22. Experience contributing to PKI strategy, service design, automation, or operational transformation.
23. Experience mentoring engineers or providing technical direction within a project or service team.
If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you!
Employment Type: Permanent
Location: Hertfordshire
Security Clearance Level: Eligible for Developed Vetting (DV)
Internal Recruiter: Josh
Salary: Competitive, based on experience
Benefits: £5,400 car allowance, medical insurance, flex fund to purchase additional benefits, 25 days annual leave with the choice to buy extra days, life assurance, and 6% pension
If you’re interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible.