TalentProfile
Back to Jobs
Remote (City) Full-time

AT&T Services, Inc. is hiring a Manager-Cybersecurity - Certificate Management Operations

About the Role

AT&T Communication Services India Private Ltd. is hiring a Manager - Cybersecurity - Certificate Management Operations. You will lead and manage a team of 10+ experienced cybersecurity professionals in AT&T India, overseeing PKI, cryptography, and the full lifecycle of digital certificates to ensure a secure and compliant enterprise ecosystem. This role involves close collaboration with developers, network engineers, and security teams.

What You'll Do

  • Functionally lead and manage a team of 10+ experienced professionals in AT&T India.
  • Manage PKI-related operations, mentor team members, and facilitate cross-team collaboration with security, DevOps, and infrastructure groups.
  • Manage certificate lifecycle operations including issuance, renewal, revocation, and cross-certification within complex CA hierarchies.
  • Enforce cryptographic key management policies including key generation, escrow, rotation, and destruction.
  • Monitor certificate status and proactively address expirations to prevent service disruptions.
  • Troubleshoot and resolve certificate-related issues across multiple platforms and applications.
  • Automate certificate management processes using scripting languages and certificate management tools.
  • Maintain accurate documentation of certificate inventories, configurations, and operational procedures.
  • Collaborate closely with developers, security teams, network administrators, and other stakeholders.
  • Ensure compliance with PKI best practices, industry standards, and regulatory requirements.
  • Establish monitoring and alerting mechanisms for certificate expiration and operational health.
  • Participate in periodic reviews and respond to certificate management-related queries.
  • Stay current with emerging trends, threats, and technologies in digital certificate management.
  • Lead incident response efforts related to certificate compromise or misuse.
  • Produce comprehensive documentation and communicate complex technical concepts clearly.
  • Provide training and support to internal teams on certificate best practices.
  • Collaborate with leadership teams, provide subject matter expertise and insights.
  • Support and guide team members in providing high-quality services and deliverables.
  • Support, guide and mentor team members in technical and functional matters.
  • Be flexible to provide coverage in US morning hours.
  • Be flexible with shifts and supporting on weekends.

What We're Looking For

  • 10+ years of experience in performing Digital Certificate Management Operations.
  • Advanced understanding of X.509 certificates, CRLs, OCSP, and complex CA hierarchies (root, intermediate, issuing).
  • Expertise in certificate lifecycle management at scale, cross-certification, and trust model architectures.
  • Strong cryptographic knowledge including symmetric/asymmetric encryption, digital signatures, and hashing algorithms.
  • Proven experience with key management policies covering generation, escrow, rotation, and secure destruction.
  • Demonstrated ability to lead complex PKI operations and guide junior team members.
  • Excellent collaboration skills working with security, DevOps, infrastructure, and application teams.
  • Ability to operationalize secure PKI systems integrated with IAM, SSO, MFA, and compliant with standards such as NIST, FIPS 140-2, and ISO 27001.
  • In-depth knowledge of networking protocols relevant to certificate distribution and validation: SSH, TLS/SSL, HTTPS, S/MIME, IPsec, VPNs, DNS, LDAP, HTTP.
  • Proven experience leveraging automation for certificate lifecycle management using scripting tools like PowerShell and Python.
  • Hands-on experience with OpenSSL, Keytool, Certutil.
  • Familiarity with Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, and EJBCA.
  • Experience managing Hardware Security Modules (HSMs) such as Thales and SafeNet.
  • Experience with the ACME protocol for automated certificate lifecycle management.
  • Ability to lead and operationalize certificate expiration monitoring and alerting systems to prevent outages.
  • Ability to maintain thorough logging and auditing of all certificate operations for security and compliance.
  • Proven ability to troubleshoot complex certificate-related issues across diverse platforms.
  • Strong documentation skills to support audit readiness and operational transparency.
  • Experience with Python using libraries like cryptography, pyOpenSSL, requests, subprocess for PKI automation and API integration.
  • Experience with PowerShell for Windows PKI environments (e.g., AD CS).
  • Experience with Bash scripting for Linux-based PKI tools and OpenSSL automation.
  • Experience with Java for working with PKI tools such as EJBCA and integrations like HashiCorp Vault.
  • Experience with other automation tools: Ansible, Terraform, and CI/CD systems (GitHub Actions, Jenkins).
  • Experience with RESTful API integrations for DigiCert, HashiCorp Vault, and ACME protocol platforms.
  • Attention to detail and a sense of urgency.

Nice to Have

  • Bachelor's or master's degree in computer science, mathematics, information systems, engineering, or cybersecurity.
  • Industry certifications such as CEH, CISSP, SANS and/or other relevant certifications.
  • Ability to prioritize individual/group work in a high-stress and time-bound environment.
  • Excellent communication, problem-solving, and analytical skills.
  • Ability to work independently and as part of a team.

Technical Stack

  • Certificate Management Tools: OpenSSL, Keytool, Certutil
  • PKI Platforms: Microsoft AD CS, KeyFactor, Venafi, HashiCorp Vault, EJBCA
  • Hardware Security Modules: HSMs (Thales, SafeNet)
  • Programming & Scripting: Python, PowerShell, Bash, Java
  • Automation & Infrastructure: Ansible, Terraform, CI/CD systems (GitHub Actions, Jenkins)
  • Protocols & APIs: ACME protocol, RESTful APIs

Team & Environment

You will lead and manage a team of 10+ experienced cybersecurity professionals located in AT&T India.

Work Mode

This position follows a local-city work mode and is based in our offices in Hyderabad and Bengaluru.

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.

Required Skills
OpenSSLKeytoolCertutilMicrosoft AD CSKeyFactorVenafiHashiCorp VaultEJBCAHardware Security Modules (HSMs)ThalesCertificate ManagementPublic Key Infrastructure (PKI)CryptographyAutomationScripting
Visa expiring soon?

Extend or switch without leaving Thailand

Running out of time on your current visa? SVBL identifies your best option — extension, category switch, or long-term visa — and handles the entire process.

Visa extensions & category switches
LTR & DTV visa applications
90-day reporting managed
Overstay prevention
Check your options
Prevent overstay issues
About company
AT&T Services, Inc.

AT&T Global Public Sector is a trusted provider of secure, IP enabled, cloud-based, network solutions and professional services to the Federal Government.

Visit website
Job Details
Category security
Posted 8 months ago

Similar Jobs

Other opportunities you might be interested in

Akumin

Security Engineer III

Akumin

On-site
Michelin

Responsable incendie et sûreté (F/H)

Michelin

On-site
The Hartford

Principal Security Architect - GenAI and Emerging Technologies - Remote

The Hartford

Hybrid
Incedo

Senior PKI/Venafi Architect

Incedo

Texas, Texas, United States Remote (Global)
KPMG

Network Security Senior Consultant

KPMG

Kyiv, Kyiv city, Ukraine Remote (Country)
ReversingLabs

Customer Success Engineer

ReversingLabs

United States Hybrid