PKI-SSL Certificates Engineer | REMOTE

  • Location
    San Francisco, California
  • Category:
    IT - IT
  • Job Type:
  • Job reference:

A company in the sports technology and services industry is looking for a PKI/SSL Certificates Engineer to join their Operation team. This role is fully remote.

As a member of the Operations team, you will be building technologies to help create and implement a certificate management program. Your job will also include the design, deployment, and support of PKI solutions for the entire platform.

The ideal candidate must possess a strong analytical approach to problem-solving and excellent communication skills.


Job Responsibilities:

  • Consult with technical users and other business unit members to identify PKI requirements and develop documentation.
  • Help with the technical direction on all areas of PKI architecture, automation, strategies, and enforce standards.
  • Support and guide key stakeholders on PKI lifecycle processes and procedures.
  • Process service and fulfillment requests, and/or catalog tasks.
  • Manage SSL/TLS Certificates in association with the Certificate Authority (CA). 
  • Monitor managed PKI (Internal) and public (External) CA SSL/TLS Certificates for upcoming expiration dates.
  • Monitor expiry notifications to prevent issues with certificate expiration.
  • Revoke unused SSL Certificates in both Public CA portals and managed PKI. 
  • Interact directly with IT customers and vendors about certificate troubleshooting and key issues.
  • Update and manage documentation and process guides for certificate request and distribution.
  • Provide technical guidance on moving some manual certificate provisioning process to an automated method.
  • Work with DevOps engineers in automating certificates in CI/CD methods.
  • Ensure successful implementation by assisting in certificate coordination.

    Job Requirements:

  • X.509 and general certificate management processes knowledge
  • Previous experience with Public Certificate Authority providers 
  • DigiCert ACME automation integration experience (e.g. DigiCert)
  • Public key infrastructure (PKI) and certificate life cycle management (e.g. DigiCert CertCentral) experience
  • Experience and certification in IT operational standards (ITIL v3 highly preferred)
  • General knowledge of cryptographic keys and methodologies, symmetric and asymmetric keys, cryptographic key algorithms, cipher blocks, and IT organization processes 
  • Web Application Firewall technologies experience like AWS WAF, Cloudflare, and GCP Cloud Armor is desired
  • Excellent listener, mentor, and collaborator.

    Equal Opportunity Employer/Veterans/Disabled

    To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to

    The Company will consider qualified applicants with arrest and conviction records