AT&T Services, Inc. was looking for a Manager-Cybersecurity - Certificate Management Operations

AT&T Communication Services India Private Ltd. is hiring a Manager - Cybersecurity - Certificate Management Operations. You will lead and manage a team of 10+ experienced cybersecurity professionals in AT&T India, overseeing PKI, cryptography, and the full lifecycle of digital certificates to ensure a secure and compliant enterprise ecosystem. This role involves close collaboration with developers, network engineers, and security teams.

What You'll Do

• Functionally lead and manage a team of 10+ experienced professionals in AT&T India.
• Manage PKI-related operations, mentor team members, and facilitate cross-team collaboration with security, DevOps, and infrastructure groups.
• Manage certificate lifecycle operations including issuance, renewal, revocation, and cross-certification within complex CA hierarchies.
• Enforce cryptographic key management policies including key generation, escrow, rotation, and destruction.
• Monitor certificate status and proactively address expirations to prevent service disruptions.
• Troubleshoot and resolve certificate-related issues across multiple platforms and applications.
• Automate certificate management processes using scripting languages and certificate management tools.
• Maintain accurate documentation of certificate inventories, configurations, and operational procedures.
• Collaborate closely with developers, security teams, network administrators, and other stakeholders.
• Ensure compliance with PKI best practices, industry standards, and regulatory requirements.
• Establish monitoring and alerting mechanisms for certificate expiration and operational health.
• Participate in periodic reviews and respond to certificate management-related queries.
• Stay current with emerging trends, threats, and technologies in digital certificate management.
• Lead incident response efforts related to certificate compromise or misuse.
• Produce comprehensive documentation and communicate complex technical concepts clearly.
• Provide training and support to internal teams on certificate best practices.
• Collaborate with leadership teams, provide subject matter expertise and insights.
• Support and guide team members in providing high-quality services and deliverables.
• Support, guide and mentor team members in technical and functional matters.
• Be flexible to provide coverage in US morning hours.
• Be flexible with shifts and supporting on weekends.

What We're Looking For

• 10+ years of experience in performing Digital Certificate Management Operations.
• Advanced understanding of X.509 certificates, CRLs, OCSP, and complex CA hierarchies (root, intermediate, issuing).
• Expertise in certificate lifecycle management at scale, cross-certification, and trust model architectures.
• Strong cryptographic knowledge including symmetric/asymmetric encryption, digital signatures, and hashing algorithms.
• Proven experience with key management policies covering generation, escrow, rotation, and secure destruction.
• Demonstrated ability to lead complex PKI operations and guide junior team members.
• Excellent collaboration skills working with security, DevOps, infrastructure, and application teams.
• Ability to operationalize secure PKI systems integrated with IAM, SSO, MFA, and compliant with standards such as NIST, FIPS 140-2, and ISO 27001.
• In-depth knowledge of networking protocols relevant to certificate distribution and validation: SSH, TLS/SSL, HTTPS, S/MIME, IPsec, VPNs, DNS, LDAP, HTTP.
• Proven experience leveraging automation for certificate lifecycle management using scripting tools like PowerShell and Python.
• Hands-on experience with OpenSSL, Keytool, Certutil.
• Familiarity with Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, and EJBCA.
• Experience managing Hardware Security Modules (HSMs) such as Thales and SafeNet.
• Experience with the ACME protocol for automated certificate lifecycle management.
• Ability to lead and operationalize certificate expiration monitoring and alerting systems to prevent outages.
• Ability to maintain thorough logging and auditing of all certificate operations for security and compliance.
• Proven ability to troubleshoot complex certificate-related issues across diverse platforms.
• Strong documentation skills to support audit readiness and operational transparency.
• Experience with Python using libraries like cryptography, pyOpenSSL, requests, subprocess for PKI automation and API integration.
• Experience with PowerShell for Windows PKI environments (e.g., AD CS).
• Experience with Bash scripting for Linux-based PKI tools and OpenSSL automation.
• Experience with Java for working with PKI tools such as EJBCA and integrations like HashiCorp Vault.
• Experience with other automation tools: Ansible, Terraform, and CI/CD systems (GitHub Actions, Jenkins).
• Experience with RESTful API integrations for DigiCert, HashiCorp Vault, and ACME protocol platforms.
• Attention to detail and a sense of urgency.

Nice to Have

• Bachelor's or master's degree in computer science, mathematics, information systems, engineering, or cybersecurity.
• Industry certifications such as CEH, CISSP, SANS and/or other relevant certifications.
• Ability to prioritize individual/group work in a high-stress and time-bound environment.
• Excellent communication, problem-solving, and analytical skills.
• Ability to work independently and as part of a team.

Technical Stack

• Certificate Management Tools: OpenSSL, Keytool, Certutil
• PKI Platforms: Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, EJBCA
• Hardware Security Modules: HSMs (Thales, SafeNet)
• Programming & Scripting: Python, PowerShell, Bash, Java
• Automation & Infrastructure: Ansible, Terraform, CI/CD systems (GitHub Actions, Jenkins)
• Protocols & APIs: ACME protocol, RESTful APIs

Team & Environment

You will lead and manage a team of 10+ experienced cybersecurity professionals located in AT&T India.

Work Mode

This position follows a local-city work mode and is based in our offices in Hyderabad and Bengaluru.

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.