Certificate Services and Data Encryption Engineer

November 25

Apply Now

Receive Emails with Similar Jobs

Velera

WebsiteLinkedInAll Job Openings

Credit Processing • Debit Processing • ATM Network • Fraud & Risk Management • Recovery Solutions

1001 - 5000 employees

Founded 1983

💳 Fintech

💸 Finance

🤝 B2B

Description

• Manage the full lifecycle of digital certificates, including issuance, renewal, revocation, and decommissioning. • Direct administration and engineering for all dependent cryptographic implementations in support of securing Velera’s sites, communications, data, proprietary code, connections, etc. • Oversee both internal and external certificate authorities (CAs), ensuring compliance with industry standards and organizational policies, utilizing Venafi for certificate management automation, monitoring, and reporting. • Implement monitoring systems to track certificate expiration dates and ensure timely renewals to avoid service interruptions. • Administer an HSM(s) for the secure storage and management of cryptographic keys used in certificate services. • Manage and oversee at-rest cryptographic data encryption solutions to protect corporate data assets, collaborating with IT and security teams to align encryption strategies with organizational goals and regulatory requirements. • Utilizing tools such as Netwrix for monitoring, auditing, and reporting, ensure comprehensive visibility and control over the environment to monitor infrastructure data blind spots to mitigate or prevent data loss and corruption. • Act as a subject matter expert on PKI, certificate types, use cases, and certificate lifecycle management.

Requirements

• Bachelor’s degree in computer science, Information Technology, or a related field, or equivalent combination of education and experience • Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Encryption Specialist (CES)) are a plus • 7+ years of experience in certificate management, PKI, and data encryption • 5+ years of direct systems and/or network engineering • Understanding of Kerberos / Microsoft Secure Channel required • Understanding of Linux SSH and SSSD is helpful • Direct experience with Microsoft Active Directory and ADCS is a must • Experience managing services with a trusted, outside certificate provider required • Experience working with a trusted certificate issuer like Digicert • Experience managing certificates via a certificate management platform like Venafi • Experience utilizing and managing a cryptographic data tokenization platform like CipherTrust • Experience with F5, JKS, IIS, JBoss/JDK, IDP’s/SP’s and their integration with certificate services a plus • Experience managing Hardware Security Modules (HSMs) for key protection • Strong knowledge of PKI, certificate lifecycle management, and typical certificate infrastructure topologies • Deep understanding of cryptographic technologies, processes, and data encryption technology integration best practices • Strong communication skills, with the ability to provide clear guidance to technical and non-technical stakeholders.

Benefits

• Competitive wages • Medical with telemedicine • Dental and Vision • Basic and Optional Life Insurance • Paid Time Off (PTO) • Maternity, Parental, Family Care • Community Volunteer Time Off • 12 Paid Holidays • Company Paid Disability Insurance • 401k (with employer match) • Health Savings Accounts (HSA) with company provided contributions • Flexible Spending Accounts (FSA) • Supplemental Insurance • Mental Health and Well-being: Employee Assistance Program (EAP) • Tuition Reimbursement • Wellness program