Overview: We are looking for a highly skilled Cyber Security Engineer -Senior Certificate Lifecycle Management (CLM) Engineer to lead the technical implementation and management of our enterprise-wide Certificate Lifecycle Program. This role is critical in enhancing our security posture through automation and secure digital certificate management across our global infrastructure
Responsibilities
- Lead the technical implementation of a strategic CLM program in a large-scale environment.
- Design and develop robust integrations between the CLM platform and ServiceNow for automated orchestration.
- Centralize certificate issuance by integrating the CLM solution with public CAs (Digicert, Let's Encrypt) and internal Windows Server CAs.
- Establish seamless integration with Microsoft Entra ID for centralized identity provisioning and RBAC.
- Drive automation strategies to address the shortening of certificate lifecycles.
- Develop comprehensive reporting and analytics for certificate utilization, expiration, and compliance.
- Implement mechanisms for user group management and chargeback/billing utilization.
- Provide expert-level technical troubleshooting and support for the CLM platform.
- Maintain detailed technical documentation, including architecture diagrams and operational procedures.
- Collaborate with cross-functional teams (Infrastructure, AppDev, IT Ops) to ensure operational efficiency
Profile
- Bachelor of Science in Cyber Security, Computer Science, Information Systems, Engineering, or a related field.
- 8–12 years of overall IT / security experience, with 5+ years of hands-on PKI and certificate lifecycle management experience.
- Expert-level knowledge of PKI concepts (X.509, cryptographic algorithms, trust models).
- Hands-on experience with CLM platforms (e.g., AppViewX, Venafi, Keyfactor, or Sectigo).
- Deep experience with ServiceNow integrations (APIs, REST, SOAP, JavaScript).
- Proficiency in scripting and automation using Python, PowerShell, or similar languages.
- Strong understanding of Microsoft Entra ID and Active Directory Certificate Services (AD CS).
- Ability to design reporting mechanisms for high-level technical stakeholders
Requirements
- Advanced proficiency in English
- Over 7 years of experience in Information Security, with a strong focus on Public Key Infrastructure (PKI) and Certificate Lifecycle Management (CLM).
- Demonstrated success leading and managing CLM initiatives within large, complex enterprise environments.
- Excellent analytical abilities, along with strong communication and interpersonal skills.
- Highly self-driven, capable of working independently, and comfortable operating in a fast-paced, global team setting.
Additional Requirements
- Relevant industry certifications (CISSP, CISM, or PKI-specific) are a plus.
- Experience with cloud-native solutions (AWS Certificate Manager, Azure Key Vault) is welcome.
- Familiarity with DevOps principles as they relate to certificate management.
