Matchpoint solutions is a fast-growing, young, energetic global it-engineering services company with clients across the us. We provide technology solutions to various clients like uber, robinhood, netflix, airbnb, google, sephora, and more! More recently, we have expanded to working internationally in canada, china, ireland, uk, brazil, and india. Through our culture of innovation, we inspire, build, and deliver business results, from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.
we are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!
job title: pki engineer
location: remote
employment type: contract
role overview
we are seeking a pki & clm engineer with strong hands-on expertise in enterprise public key infrastructure and certificate lifecycle management. The role focuses on designing, implementing, automating, and maintaining certificate services across hybrid and cloud environments using technologies such as adcs, aws acm/pca, and venafi.
key responsibilities
* pki infrastructure management
* manage and maintain enterprise pki hierarchy, including offline root ca and issuing cas
* configure and manage certificate templates, policies, and constraints
* ensure high availability and security of pki infrastructure components
* certificate lifecycle management (clm)
* own end-to-end certificate lifecycle: issuance, renewal, revocation, rekey, rollover, and retirement
* implement automated certificate provisioning and renewal processes
* manage internal and external certificate lifecycle workflows
crl & ocsp services
* configure, publish, and maintain crls and ocsp responders
* ensure availability, scalability, and performance of revocation services
automation & integration
* develop and maintain automation scripts (powershell) for certificate lifecycle operations
* integrate pki/clm solutions with enterprise applications, servers, and network devices
* enable certificate automation across windows, linux, and cloud platforms
cloud & clm platforms
* manage certificate services in cloud environments (aws acm / aws pca)
* implement and support clm solutions using venafi
* support hybrid pki deployments across on-prem and cloud
monitoring & inventory management
* maintain centralized inventory of certificates, keys, and machine identities
* monitor certificate health and expiration; proactively renew or revoke as needed
* identify and remediate expired, orphaned, or misconfigured certificates
security, compliance & governance
* enforce pki policies and standards (cp/cps, cab forum)
* support audits and compliance requirements
* ensure secure key management practices using hsms
operational excellence
* perform pki health checks, backups, and recovery procedures
* maintain documentation (runbooks, sops, architecture diagrams)
* troubleshoot pki and certificate-related issues across environments
required skills
* strong experience in pki & certificate lifecycle management
* hands-on expertise with microsoft adcs (ca, templates, crl, ocsp, ndes/scep)
* experience with aws acm / aws private ca (pca)
* experience with venafi (trust protection platform or similar clm tools)
* strong knowledge of x.509 certificates, tls, rsa/ecc, csr workflows
* experience with hsm integration and secure key management
* proficiency in powershell scripting for automation
* experience managing pki in enterprise and hybrid cloud environments
good to have
* knowledge of active directory, dns, iam
* exposure to cyberark or privileged access management tools
* relevant pki or security certifications
matchpoint solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
this policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.