TalentProfile
Back to Jobs
Texas, Texas, United States Remote (Global) Full-time

Incedo is hiring a Senior PKI/Venafi Architect

About the Role

Qode is looking for a Senior PKI/Venafi Architect to lead the end-to-end discovery, design, implementation, and support of our enterprise-grade Public Key Infrastructure and certificate lifecycle management solutions. You will architect secure, scalable, and compliant cryptographic infrastructures across hybrid cloud environments.

What You'll Do

  • Lead the architecture, engineering, and integration of Public Key Infrastructure (PKI) and certificate management systems using Venafi Trust Protection Platform.
  • Drive all phases of the project lifecycle: discovery, design, implementation, support, and optimization.
  • Develop enterprise PKI-DSS (Public Key Infrastructure – Data Security Standards) aligned with compliance, audit, and security frameworks.
  • Architect secure, scalable cryptographic solutions involving digital certificates, TLS/SSL, key management, encryption mechanisms, and secure protocols.
  • Oversee integration of PKI and cryptographic services with cloud platforms (AWS, Azure, GCP) and DevSecOps toolchains.
  • Define and enforce policies for certificate lifecycle management, including issuance, renewal, rotation, and revocation.
  • Partner with security, infrastructure, and application teams to ensure secure adoption of cryptographic services.
  • Evaluate emerging technologies, contribute to the security roadmap, and continuously improve the cryptographic posture.

What We're Looking For

  • 12+ years of experience in Information Security Architecture.
  • At least 5 years specializing in PKI, certificate management, and cryptography.
  • Hands-on experience with Venafi Trust Protection Platform – policy configuration, workflow setup, agent integrations, etc.
  • Strong understanding of PKI architecture, CA hierarchy, HSMs, OCSP, CRLs, and key protection mechanisms.
  • Deep knowledge of cryptographic standards (RSA, ECC, AES, SHA, TLS/SSL, etc.) and security protocols.
  • Experience deploying PKI/certificate solutions in cloud (AWS, Azure, GCP) and hybrid environments.
  • Proven track record working as an Architect, leading security design sessions, risk assessments, and solution implementations.
  • Strong scripting or automation skills (e.g., PowerShell, Python, REST APIs) for certificate lifecycle automation.
  • Familiarity with security frameworks like NIST, ISO 27001, PCI-DSS, and regulatory compliance.

Nice to Have

  • Venafi or other relevant certifications.
  • Experience with HSMs (Thales, SafeNet, AWS CloudHSM).

Technical Stack

  • Venafi Trust Protection Platform, PKI-DSS, Cryptography (RSA, ECC, AES, SHA)
  • TLS/SSL, HSMs (Thales, SafeNet, AWS CloudHSM)
  • AWS, Azure, GCP
  • PowerShell, Python, REST APIs

Work Mode

This is a remote position.

Qode is an equal opportunity employer.

Required Skills
Venafi Trust Protection PlatformPKI-DSSCryptographyTLS/SSLHSMsAWSAzureGCPPowerShellPythonCertificate Lifecycle ManagementCloud SecurityAutomation
Scaling your freelance income?

Invoice multiple clients effortlessly

Managing 3+ international clients? Glopay streamlines everything. One EU company, unlimited invoices, automatic compliance. You just send and get paid.

Unlimited clients & invoices
Multi-currency support
Automated tax compliance
Client portal for easy payments
Scale with Glopay
Trusted by 10,000+ freelancers
About company
Incedo

A company seeking to expand market presence in India through freelance business development.

Visit website
Job Details
Category security
Posted 8 months ago

Similar Jobs

Other opportunities you might be interested in

KPMG

Network Security Senior Consultant

KPMG

Kyiv, Kyiv city, Ukraine Remote (Country)
ReversingLabs

Customer Success Engineer

ReversingLabs

United States Hybrid
Feeld

Trust & Safety Lead

Feeld

United Kingdom Remote (Global)
HERO Software

Information Security Senior Berater / Consultant (m/w/d)

HERO Software

Hybrid
Global Satcoms

CyberSecurity Engineer

Global Satcoms

On-site
EWOR GmbH

Cybersecurity Co-Founder / CCO (100 % remote) (m/f/d)

EWOR GmbH

Remote (Global)