CrawlJobs Logo
Citi Logo Citi · IT - Software Development

PKI Engineer

Hungary, Budapest · Job Posted March 19, 2026
Apply Position
Job Link Share

Job Description

The purpose of this role is to design, develop and engineer Cryptographic, PKI and Certificate management Systems alongside existing engineering team members fulfilling corporate requirements, policies and standards. The candidate will take part in defining cryptographic standards, architectures, and governance, and help develop Citi’s next generation crypto ecosystem, a large scale enterprise security solutions using the latest advancements in cryptography and information security and advanced algorithms.Certificate management engineering, focused on automated certificate management, deployment, renewal in various clients, applications operating systems; cryptographic protocols and controls, including but not limited to, post-quantum cryptography, PKI solutions, and strategic vendor interaction. The candidate’s responsibilities will also include working with advanced mathematical algorithms within PKI.The engineer will participant in device and user certificate management focusing on certificate lifecycle automation projects in Citi, including certificate automation for microservices, desktops, servers, Windows/Unix hosts, network security devices and other appliances.

Job Responsibility

  • Design and introduce enterprise level certificate automation processes and solutions, which will include working on PKI architectures
  • Work with all disciplines, engineers, and operational product owners to integrate PKI and certificate management related technologies with Citi platforms to protect and manage the cryptography of mission critical systems
  • Perform product evaluation, testing and certification of PKI and Crypto technologies
  • Ensure that all security products meet or exceed Citi internal and regulatory requirements
  • Provide occasional 4th level support for the product toolset
  • Produce documentation of processes and procedures for the usage of the product
  • Follow the Technology Development Life Cycle in the development of all security tools

Requirements

  • 5-8 years of relevant experience in an Engineering role
  • Strong solid experience in cryptography, crypto protocols/algorithms and peripheral technologies
  • Must be familiar with information security concepts, best practices and solutions
  • Must have a strong engineer background
  • Database knowledge, preferably MSSQL and scripting background, preferably Powershell
  • Must have experience with PKI and a good understanding of cryptography, including the principles related to PKI, private keys, encryption methods, CRL, and advanced key usages
  • Understanding of Microsoft Windows and Unix operating systems
  • Sound security engineering principles as background to understanding the inner workings of the systems and controls that form an enterprise security ecosystem
  • Understanding of symmetric key encryption and asymmetric encryption
  • Bachelor’s degree/University degree or equivalent experience
  • Information Security Certification(s)

Nice to have

  • Experience with commercial Certificate Authority (CA) products and/or certificate management systems
  • Experience with a variety of HSM platforms
  • Working with Trust Providers
  • Master’s degree

What we offer

  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Socially active employee communities with diverse networking opportunities
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

PKI Engineer

8 matching positions

Pki Engineer

Engineer the future of global finance. At Citi, our Tech team doesn’t just suppo...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior level experience in cryptography
  • Experience with commercial Ca products and/or certificate management systems is a plus
  • Working with Trust Providers is a plus
  • Understanding of Microsoft Windows operating systems
  • Understanding of Linux
  • Understanding of cryptographic protocols
  • Programming Experience in JAVA or C
  • Programming in Python
  • Knowledge of Crypto Libraries (Bouncy Castle)
  • Sound security engineering principles as background to understanding the inner workings of the systems and controls that form an enterprise security ecosystem
Job Responsibility
Job Responsibility
  • Research cryptographic protocols, develop crypto solutions at the enterprise level, which will include working on PKI architectures with main focus on certificate management automation
  • Work with all disciplines, engineers, and operational product owners to integrate PKI and certificate management related technologies with Citi platforms to protect and manage the cryptography of mission critical systems
  • Perform product evaluation, testing and certification of PKI and Crypto technologies
  • Ensure that all security products meet or exceed Citi internal and regulatory requirements
  • Provide occasional 4th level support for the product toolset
  • Produce documentation of processes and procedures for the usage of the product
  • Follow the Technology Development Life Cycle in the development of all security tools
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

Cybersecurity PKI Engineer, Mid

When our country’s cybersecurity is on the line, simply reacting is not enough, ...
Location
Location
United States , Fort Meade
Salary
Salary:
69400.00 - 158000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as an ISSO
  • Experience with the NIST Risk Management Framework
  • Experience with Security Technical Implementation Guides (STIGs) and documentation
  • Secret clearance
  • HS diploma or GED
Job Responsibility
Job Responsibility
  • Assess DoD PKI's current cyber policies, the coverage of those policies, and areas of risks
  • Evaluate and audit how our policies stack up to regulations, best practices, and industry standards, and adjust them
  • Guide your client through understanding acceptable risk and availability
  • Work on the development of a strategic cyber roadmap
  • Work with the client to help them operate securely as they navigate an evolving IT environment
  • Protect the DoD Information Network through strategic cyber policy analysis
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right

PKI Operation Sr. Engineer

Location
Location
Egypt , Nasr City
Salary
Salary:
Not provided
el-delta.com Logo
El Delta Electronic Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in managing and operating PKI infrastructures (eMudhra, Entrust, etc.)
  • Hands-on experience with HSMs and Hardware Tokens (e.g., Thales, epass)
  • Strong understanding of X.509 certificates, certificate lifecycle, key management, and revocation mechanisms
  • Familiarity with cryptographic standards and protocols (OCSP, CRL, TSA, ... etc)
  • Experience in scripting and automation (PowerShell, Bash, Python, etc.)
  • Solid understanding of Linux environments
  • Strong troubleshooting and analytical skills
  • Excellent documentation and communication skills
Job Responsibility
Job Responsibility
  • Operate and support enterprise PKI and Certificate Issuance systems
  • Manage and troubleshoot issues related to CA servers, RA components, OCSP responders, CRLs, and associated services
  • Perform secure operations and lifecycle management on HSMs (e.g., key generation, backup, rotation, decommissioning)
  • Monitor system health, audit logs, and certificate expiration alerts
  • Perform root and subordinate CA certificate management (issuance, renewal, and revocation)
  • Provide technical support for internal teams and end-users regarding certificate usage and enrollment
  • Coordinate with Information Security and Infrastructure teams to ensure compliance with internal and external policies
  • Document configurations, procedures, incident handling, and system changes
  • Participate in periodic audits, key ceremonies, and disaster recovery drills
  • Maintain knowledge of industry best practices and emerging threats in PKI and cryptographic systems
  • Fulltime
Read More
Arrow Right
New

Security Managed Services Engineer (L4)

As a Security Managed Services Engineer (L4) at NTT DATA, your day will be fille...
Location
Location
Luxembourg , Capellen
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Relevant certifications are a plus
  • Proven experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN or Splunk
  • Knowledge of firewall management, intrusion detection, content filtering, web application security, and VPN technologies
  • Proficiency in PKI design and management, digital certificate issuance, and secure key management
  • Excellent problem-solving and troubleshooting skills, with the ability to work well under pressure
  • Strong communication skills and the ability to collaborate with diverse teams
  • A proactive approach to identifying and mitigating security vulnerabilities and risks
  • Demonstrated ability to work in a fast-paced and dynamic environment
  • Fluent in English
Job Responsibility
Job Responsibility
  • Being responsible to implement projects to replace / upgrade the current infrastructure with new versions or solutions, and you will analyze, recommend, and implement new cyber security technologies and solutions
  • Monitor operational infrastructure – you will leverage standard tools and processes to respond and resolve incidents and requests in a timely manner meeting agreed SLA
  • Incident Response – Monitor security events, investigate and respond to security incidents, and assist in post-incident analysis and remediation
  • Documentation: Create and maintain comprehensive documentation related to security configurations, policies, procedures, and incidents
  • Collaboration: Work closely with cross-functional teams, including IT, Network, and Application Development, to ensure the integration of security measures across the organization
  • Research and Innovation: Stay up-to-date with emerging security threats, technologies, and best practices, and provide recommendations for security improvements
  • Fulltime
Read More
Arrow Right
New

Senior OpenShift Platform Engineer

We are currently seeking a Senior OpenShift Platform Engineer to join our team i...
Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience with OpenShift platform administration and Kubernetes operations
  • Hands-on experience with cluster installation, upgrades, patching, and platform maintenance
  • Knowledge of operator lifecycle management and multi-cluster management concepts, including RHACM
  • Strong Linux / RHEL system administration background
  • Experience with load balancers, DNS, and core infrastructure dependencies
  • Expertise in Infrastructure as Code, automation, and configuration management
  • Hands-on experience with Ansible, Ansible Automation Platform, Bash, YAML, Git, and Jenkins
  • Experience with GitOps tools and practices, including Argo CD and OpenShift GitOps
  • Strong understanding of OpenShift networking, software-defined networking, ingress, routes, and load balancing
  • Knowledge of firewall management, network policy controls, service mesh technologies, and traffic troubleshooting
Job Responsibility
Job Responsibility
  • Administer and support enterprise OpenShift platform environments, including cluster installation, upgrades, patching, and ongoing lifecycle management
  • Manage and optimize Kubernetes and OpenShift platform components to ensure reliability, scalability, and performance
  • Support operator lifecycle management and enterprise cluster governance using tools such as Red Hat Advanced Cluster Management (RHACM)
  • Perform Linux and RHEL system administration tasks that support platform infrastructure and service availability
  • Partner with infrastructure teams to manage load balancers, DNS, certificates, and other foundational platform dependencies
  • Develop and maintain Infrastructure as Code solutions and automation workflows using Ansible, Ansible Automation Platform, scripting, and related tools
  • Implement and support GitOps practices using technologies such as Argo CD and OpenShift GitOps to improve deployment consistency and operational efficiency
  • Contribute to CI/CD and platform automation efforts using tools such as Jenkins, Git, and HashiCorp-based workflows where applicable
  • Support OpenShift networking, including ingress, routes, load balancing, firewall rules, network policies, and service mesh related concepts
  • Troubleshoot east-west and north-south traffic issues across cluster and application networking layers
  • Fulltime
Read More
Arrow Right
New

Active Directory Engineer (Technology Specialist I)

This is a 100% remote position, which requires one day onsite yearly.
Location
Location
United States , New York
Salary
Salary:
109000.00 - 163695.00 USD / Year
mountsinai.org Logo
Mount Sinai Health System
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor degree in Computer Science or a related discipline, or an equivalent combination of education and work experience. Masters degree preferred.
  • Eight years of diverse work experience in IT with a minimum of six years experience in systems analysis and application program development, or an equivalent combination of education and work experience.
  • 8+ years of Active Directory experience in enterprise environments
  • 5+ years administering Microsoft Entra ID (Azure AD)
  • Strong knowledge of Azure conditional policies, App registrations and Enterprise applications
  • Strong proficiency in PowerShell, Microsoft Graph or equivalent Microsoft‑supported scripting and automation tooling used for Entra ID and Active Directory operations.
Job Responsibility
Job Responsibility
  • Serve as the hands-on technical lead and subject matter expert for Entra ID and Active Directory environments and related technologies
  • Establish and operate a centralized Entra ID and Active Directory support function, including support models, standards, and escalation processes
  • Lead incident response, root-cause analysis, and long-term remediation for directory-related issues
  • Partner with IAM, Security, Infrastructure, and Compliance teams while maintaining clear ownership boundaries
  • Acting as escalation point for directory/domain issues
  • Root Cause Analysis and Problem Management
  • SME advisory posture for directory and identity platforms
  • Analyzing the environment and driving continuous improvement plans
  • Managing stakeholder expectations through clear technical communication
  • Administer Microsoft Entra ID (Azure AD) tenants
  • Fulltime
Read More
Arrow Right
New

Principal Software Engineer

We are looking for a highly experienced, curious and driven software engineer to...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong software development background including design, architecture, implementation, and testing
  • Knowledge of software development in Golang
  • Advanced knowledge / experience in some/all of networking, security, cloud, Kubernetes, encryption, PKI, JWT, SPIFFE
  • Experience solving problems at enterprise scale, performance and quality standards
  • Experience leading a software development team and mentoring others (with our without line management experience)
  • Experience in product development and working with product managers and field teams
Job Responsibility
Job Responsibility
  • Design and develop software to solve Workload Identity challenges, from prototyping to production, and including client and server
  • Develop, shape, lead, mentor, and collaborate with a close-knit team
  • Work with stakeholders (internal and external) to discuss ideas, present work that has been done, discuss priorities and options
  • Act as the team’s technical lead, splitting up work for others and guiding them through implementation
  • Fulltime
Read More
Arrow Right
New

System Engineer

2HB Incorporated is seeking a Systems Engineer to support its government custome...
Location
Location
United States , Annapolis Junction
Salary
Salary:
Not provided
2hb.com Logo
2HB
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Containers/Cloud environments
  • Storage Management
  • Virtualization
  • Ip networking and Firewall exp.
  • ALL LINUX
  • Solid understanding of PKI/TLS/crypto including crypto policies
  • Exp w/ automation tools is a bonus
  • Application support and general troubleshooting
  • SSP compliance and STE/STN support on Linux systems.
Job Responsibility
Job Responsibility
  • Application support and general troubleshooting
  • SSP compliance and STE/STN support on Linux systems.
  • Fulltime
Read More
Arrow Right