Number of Applicants
:000+
Let AI Supercharge Your Job Hunt!
JobCopilot scans 500,000+ company career sites daily to find jobs for you
Role Summary
The PKI Certificate Lifecycle Management
(CLM) Engineer / Architect is responsible for the design,
implementation, enablement, and ongoing operation of enterprise PKI and
certificate lifecycle management solutions. This role will support a long‑term,
multi‑phase PKI improvement initiative, focused on implementing and
operationalising DigiCert One (SaaS) to improve certificate
governance, automation, and compliance across the organisation.
The role will work closely with
security, infrastructure, and application teams throughout phases of
the program, while also providing BAU and operational support once
the platform is live.
Key Responsibilities
â Lead the enablement, configuration,
and operation of PKI Certificate Lifecycle Management (CLM) solutions
in a SaaS environment
â Design, build, and configure DigiCert One, including account setup,
environment creation, and tenant configuration
â Implement and manage DigiCert One Trust Lifecycle Manager (TLM) for
certificate issuance, renewal, and revocation
â Design, implement, and maintain
enterprise Public Key Infrastructure (PKI) and Certificate
Lifecycle Management (CLM) solutions
â Configure and administer PKI platforms to ensure secure
certificate issuance, renewal, revocation, and compliance
â Support the ongoing operation and availability of certificate management
services across the enterprise
â Develop and maintain PKI policies, standards, and procedures aligned
to security and compliance requirements
â Work closely with application, infrastructure, and security teams to support
certificate‑based authentication and encryption use cases
â Perform certificate lifecycle operations, including key management,
certificate rotation, and expiration management
â Monitor PKI systems for performance, availability, and security issues
â Troubleshoot and resolve certificate‑related incidents, outages, and
configuration issues
â Maintain technical documentation, runbooks, and operational procedures for
PKI services
â Ensure compliance with internal security standards and external regulatory
requirements related to cryptography and certificates
â Support audits, security reviews, and risk assessments relating to PKI and
certificate usage
â Provide technical guidance and subject‑matter expertise on PKI best practices
and industry standards
Required Skills & Experience
â Strong expertise in Public Key
Infrastructure (PKI) and Certificate Lifecycle Management (CLM) concepts and
operations
â Hands‑on experience with DigiCert One, including Trust Lifecycle Manager
(TLM)
â Proven experience managing the full certificate lifecycle, including
issuance, renewal, revocation, and expiration management
â Solid understanding of X.509 certificates, TLS/SSL, key pairs, and
cryptographic algorithms
â Experience supporting enterprise‑scale PKI environments across hybrid (on‑prem
and cloud) infrastructures
â Familiarity with certificate discovery, automation, and governance frameworks
â Strong troubleshooting skills for certificate‑related issues impacting
applications, endpoints, and infrastructure
â Experience working with Windows and Linux operating systems in secure
environments
â Understanding of security controls, encryption standards, and compliance
requirements related to PKI
Education & Certifications
â Bachelor’s degree in Cybersecurity,
Information Technology, Computer Science, or a related field (or equivalent
practical experience)
â Preferred certifications:
· DigiCert
Certified Professional (or equivalent PKI certification)
· Microsoft, AWS, or
Azure security certifications with PKI focus
· CompTIA Security+
or equivalent cybersecurity certification
· CISSP, CISM, or
CCSP is a plus
Preferred Skills
â Experience with certificate
automation tools, APIs, and scripting (e.g., PowerShell, Python, REST APIs)
â Familiarity with hardware security modules (HSMs) and key protection
mechanisms
â Knowledge of cryptographic standards and regulations (e.g., NIST, ISO, CIS
benchmarks)
â Experience supporting certificate‑based authentication for applications,
devices, and services
â Exposure to vulnerability management, encryption compliance, or zero‑trust
initiatives
â Ability to work effectively with application, infrastructure, and security
teams in large enterprises
Auto-Apply to PKI Engineer Jobs with your AI JobCopilot
Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.