PKI Architect for Certificate Management

Job description

The PKI Architect (Global, Hybrid, Multi-CA) will be responsible for defining and governing the enterprise trust architecture across private and public Certificate Authorities within a hybrid environment. The role will provide architectural direction and oversight by establishing CA-agnostic policies, certificate profiles, cryptographic standards, and decision frameworks supporting Machine Identity, code signing, and certificate-based trust across on-premises, Azure, AWS, and SaaS platforms (and other technologies and services as required). The architect will also define the organization’s Certificate Lifecycle Management (CLM) operating model to ensure consistent controls for discovery, issuance, renewal, revocation, and compliance at global scale, while enabling audit readiness, risk reduction, and long-term crypto agility including the development, and delivery of the strategy for post quantum computing, Key Responsibilities: · Defining the enterprise PKI reference architecture and trust model across ADCS and public CAs (DigiCert/Sectigo), including trust boundaries, CA roles, and chain strategy for hybrid environments. · Owning global standards for certificate profiles/template...