Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Data Encryption

Good to have skills :

NA

Minimum

3

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: We are seeking a dedicated and detail-oriented Team Member to join our Identity and Access Management (IAM) team, supporting a major US-based client. The role focuses on Public Key Infrastructure (PKI) operations with additional responsibilities around Enterprise Key Management System (EKMS) and Identity governance tools. This is a hands-on operational role requiring support in a 24x7 environment, following a rotational shift model. Roles & Responsibilities: - Perform day-to-day operations of PKI services including certificate issuance, renewal, revocation, and monitoring. - Maintain and troubleshoot Certificate Authorities (CAs), Online Responders (OCSP), and Certificate Enrollment Web Services (CEP/CES). - Support integration and certificate management for enterprise applications, servers, network devices, and security appliances. - Execute and monitor certificate lifecycle management tasks and ensure compliance with security standards. - Troubleshoot SSL/TLS-related issues and assist with application-level binding of certificates (e.g., IIS, LDAPS, etc.). - Maintain service availability, perform routine health checks, and participate in DR/Resiliency testing. - Work closely with the IAM team on access control and authentication mechanisms where certificate-based auth is integrated. - Provide operational support for EKMS (Enterprise Key Management System) as an added advantage. - Follow ITIL processes for incident, change, and problem management. - Prepare and maintain SOPs, documentation, and runbooks for PKI and associated tools. Professional & Technical Skills: - Strong hands-on experience with Microsoft PKI, including Root and Subordinate CAs. - Experience in certificate lifecycle management for diverse enterprise environments. - Familiarity with Active Directory Certificate Services (ADCS). - Working knowledge of Online Responders, CEP/CES,NDES and Auto-Enrollment policies. - Knowledge on DigiCert certificates and management. - Good understanding of SSL/TLS protocols and digital certificates. - Basic scripting skills (PowerShell preferred) for automation of routine tasks. - IAM concepts and experience with directory services (Active Directory, Entra ID/Azure AD) is an added advantage. - Exposure to EKMS solutions (e.g., Thales, Venafi, or other HSM-integrated key management platforms) is a plus. - Ability to work in 24x7 rotational shifts and support global clients. - Strong communication and documentation skills. - Preferred Certifications - Microsoft certifications related to security or infrastructure. - CompTIA Security+, Certified PKI Professional (CPKI), or similar. - Azure Security, SC-300 (Mandatory) and SC-900 - Thales Encryption Product Certifications Additional Information: - The candidate should have minimum 3 years of experience in Data Encryption. - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education