CrawlJobs Logo

PKI Engineer

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Hungary , Budapest

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

12211560.00 - 20474640.00 HUF / Month
Save Job
Save Icon
Apply Position

Job Description:

The purpose of this role is to design, develop and engineer Cryptographic, PKI and Certificate management Systems alongside existing engineering team members fulfilling corporate requirements, policies and standards. The candidate will take part in defining cryptographic standards, architectures, and governance, and help develop Citi’s next generation crypto ecosystem, a large scale enterprise security solutions using the latest advancements in cryptography and information security and advanced algorithms.Certificate management engineering, focused on automated certificate management, deployment, renewal in various clients, applications operating systems; cryptographic protocols and controls, including but not limited to, post-quantum cryptography, PKI solutions, and strategic vendor interaction. The candidate’s responsibilities will also include working with advanced mathematical algorithms within PKI.The engineer will participant in device and user certificate management focusing on certificate lifecycle automation projects in Citi, including certificate automation for microservices, desktops, servers, Windows/Unix hosts, network security devices and other appliances.

Job Responsibility:

  • Design and introduce enterprise level certificate automation processes and solutions, which will include working on PKI architectures
  • Work with all disciplines, engineers, and operational product owners to integrate PKI and certificate management related technologies with Citi platforms to protect and manage the cryptography of mission critical systems
  • Perform product evaluation, testing and certification of PKI and Crypto technologies
  • Ensure that all security products meet or exceed Citi internal and regulatory requirements
  • Provide occasional 4th level support for the product toolset
  • Produce documentation of processes and procedures for the usage of the product
  • Follow the Technology Development Life Cycle in the development of all security tools

Requirements:

  • 5-8 years of relevant experience in an Engineering role
  • Strong solid experience in cryptography, crypto protocols/algorithms and peripheral technologies
  • Must be familiar with information security concepts, best practices and solutions
  • Must have a strong engineer background
  • Database knowledge, preferably MSSQL and scripting background, preferably Powershell
  • Must have experience with PKI and a good understanding of cryptography, including the principles related to PKI, private keys, encryption methods, CRL, and advanced key usages
  • Understanding of Microsoft Windows and Unix operating systems
  • Sound security engineering principles as background to understanding the inner workings of the systems and controls that form an enterprise security ecosystem
  • Understanding of symmetric key encryption and asymmetric encryption
  • Bachelor’s degree/University degree or equivalent experience
  • Information Security Certification(s)

Nice to have:

  • Experience with commercial Certificate Authority (CA) products and/or certificate management systems
  • Experience with a variety of HSM platforms
  • Working with Trust Providers
  • Master’s degree
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Socially active employee communities with diverse networking opportunities

Additional Information:

Job Posted:
March 19, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for PKI Engineer

PKI Engineering Group Manager

Within Citi, the PKI Engineering Team is focusing on cryptographic protocols, ma...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years experience in cryptography, PKI, and strong understanding of cryptography and mathematical algorithms
  • Understanding the principles related to PKI, private keys, encryption methods, CRL, advanced key usages and post quantum cryptography
  • Deep Understanding of Microsoft Windows and Linux operating systems and cryptographic protocols
  • Knowledge of Crypto Libraries (bouncy castle)
  • Symmetric Key Encryption and Asymmetric Encryption
  • Experience with a variety of HSM platforms, Certificate Authority systems and Cloud Providers
  • Working with Trust Providers is a plus
  • Comprehensive knowledge of design metrics, analytics tools, benchmarking activities and related reporting to identify best practices
  • Demonstrated analytic/diagnostic skills
  • Ability to work in a matrix environment and partner with virtual teams
Job Responsibility
Job Responsibility
  • Manage a team of Public key Infrastructure(PKI) engineers, supporting certificate solutions for internal and external stakeholders, drive projects within the group and creating a technology domain roadmap
  • Ensure that all integration of functions meet business goals
  • Define necessary system enhancements to deploy new products and process enhancements
  • Recommend suitable products or product customization for system integration
  • Identify problem causality, business impact and root causes
  • Create PKI solutions for a large company
  • Improve engineering capabilities for timely delivery of projects
  • Collaborate with partners in Engineering, Operations and Business
  • Perform product evaluation, testing and certification of PKI and Crypto technologies. Ensure that all security products meet or exceed Citi internal and regulatory requirements
  • Provide occasional 4th level engineering support for the product toolset
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Systems Engineer

Dig in with your teams to effectively perform requirements analysis, refinement,...
Location
Location
United States , Annapolis Junction
Salary
Salary:
136000.00 - 250000.00 USD / Year
lufburrow.com Logo
LufCo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelors degree in a Technical or related discipline is required
  • 5 years of additional experience may be substituted for a bachelors degree
  • 7 years of experience in Systems Engineering in programs and contracts of similar scope, type, and complexity
  • Experience with Atlassian suite of products
  • Strong communication
  • Ability to manage customer and development team expectations
  • Proven ability to problem solve with sometimes limited resources
  • Exposure to Agile methodologies
  • Active TS/SCI with Polygraph clearance
Job Responsibility
Job Responsibility
  • Drive next generation PKI architecture forward utilizing commercial and government best practices for ensuring secure key solutions
  • Planning, implementation, and evolution of PKI solution sets for evaluation and analysis as part of existing system modernization efforts
  • Ability to see impacts of system changes at scale, minimizing technical debt and critical thinking related to strategic moves regarding Identity, Credentialing, and Access Management Solutions
  • Provide fundamental knowledge on applying technologies like containerization to legacy physical workloads, the ability to identify automation improvements, and the ability to communicate pros/cons as part of the technical decision making process
  • Documenting, maintaining and representing stakeholder priorities in regards to Certificate products and services impacting thousands of users and systems worldwide
  • Advocate for automation in all aspects of the system (build, deployment, test, updating, and monitoring)
What we offer
What we offer
  • Paid Time Off
  • 401K Contribution and Employer Match Contributions
  • Medical, Dental, and Vision Coverage
  • Tuition reimbursement
  • Fulltime
Read More
Arrow Right

Product Security Engineer

As a Product Security Engineer specializing in cryptography and PKI, you will de...
Location
Location
United States , Palo Alto
Salary
Salary:
Not provided
1x.tech Logo
1X Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience with cryptography, PKI design, and key management
  • Experience working with hardware security modules (HSMs), including vendor selection, integration, and root‑of‑trust establishment
  • Familiarity with remote device attestation frameworks (such as fTPM, OP‑TEE, or similar)
  • Demonstrated ability to design and scale secure firmware signing and code signing pipelines
  • Proven track record in defining and enforcing trust policies (key generation, rotation, destruction) and provisioning mechanisms
  • Experience securing build/artifact pipelines and developing secure communication protocols
  • Ability to work cross‑functionally with hardware, software, security operations, and infrastructure teams
  • High attention to detail, strong problem solving, with a mindset of anticipating vulnerabilities and designing defendable systems
Job Responsibility
Job Responsibility
  • Design and manage end‑to‑end cryptographic services, including public key infrastructure (PKI) and key lifecycle management
  • Establish HSM infrastructure as the root‑of‑trust for firmware signing and IoT endpoint authentication
  • Lead evaluation, procurement, installation, configuration, and integration of HSM vendor solutions
  • Architect key management systems that scale from hundreds of devices today to millions over time
  • Design remote device attestation mechanisms (e.g. fTPM, OP‑TEE, or equivalent) tied to the HSM root‑of‑trust
  • Build and automate secure firmware/bootloader signing pipelines
  • Define trust infrastructure and policies for author key generation, provisioning, rotation, and destruction
  • Secure build/artifact pipelines and code‑signing workflows
  • Develop factory provisioning architecture for mass key/certificate distribution
  • Support the development of secure communication protocols
  • Fulltime
Read More
Arrow Right

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

PKI Engineer

About the Role: Infrastructure engineer. Certificate Management experience & PKI...
Location
Location
United States , Chicago, IL / Denver, CO
Salary
Salary:
65.00 - 68.00 USD / Hour
collabera.com Logo
Collabera
Expiration Date
March 19, 2026
Flip Icon
Requirements
Requirements
  • Infrastructure engineer
  • Certificate Management experience & PKI in the cloud
  • Powershell
  • Middleware experience
  • Windows/IIS knowledge
  • 3-5 years of info security technology
  • Cloud Security
What we offer
What we offer
  • medical insurance
  • dental insurance
  • vision insurance
  • 401(k) retirement plan
  • life insurance
  • long-term disability insurance
  • short-term disability insurance
  • paid parking/public transportation
  • (paid time, paid sick and safe time, hours of paid vacation time, weeks of paid parental leave, paid holidays annually - AS Applicable)
Read More
Arrow Right
New

PKI Engineer

At Collabera, we don’t just offer jobs—we build careers. As a global leader in t...
Location
Location
United States , Charlotte, NC / Denver, CO
Salary
Salary:
65.00 - 70.00 USD / Hour
collabera.com Logo
Collabera
Expiration Date
April 15, 2026
Flip Icon
Requirements
Requirements
  • Enterprise PKI design/operations: AD CS, CRLs/OCSP, certificate lifecycle, key archival/recovery, CA hierarchy
  • Automation: PowerShell (advanced), desired: Python/Go
  • API-first mindset
  • Windows: AD/ADCS, GPOs for auto-enrollment, Schannel/TLS hardening, Windows server cert deployment
  • Middleware: IIS, Nginx/Apache reverse proxy TLS, Java Keystores (JKS/PKCS12), HSM basics (Thales/SafeNet/etc.)
  • Security controls: mTLS patterns, cipher suites, cert pinning pros/cons, rotation policies, compliance basics
What we offer
What we offer
  • medical insurance
  • dental insurance
  • vision insurance
  • 401(k) retirement plan
  • life insurance
  • long-term disability insurance
  • short-term disability insurance
  • paid parking/public transportation
  • (paid time, paid sick and safe time, hours of paid vacation time, weeks of paid parental leave, paid holidays annually - AS Applicable)
Read More
Arrow Right

Pki engineer

Infrastructure engineer Powershell scripting Experience with Active Directory AD...
Location
Location
United States , Charlotte, NC / Denver, CO
Salary
Salary:
75.00 - 80.00 USD / Hour
collabera.com Logo
Collabera
Expiration Date
March 19, 2026
Flip Icon
Requirements
Requirements
  • Infrastructure engineer
  • Powershell scripting
  • Experience with Active Directory
  • ADCS or Active Directory Certificate Services
  • Middleware experience
  • Windows/IIS knowledge
  • 3-5 years of info security technology
  • Cloud Security
  • Key life cycle management, understand and implement enterprise cryptography standards per industry standards
What we offer
What we offer
  • medical insurance
  • dental insurance
  • vision insurance
  • 401(k) retirement plan
  • life insurance
  • long-term disability insurance
  • short-term disability insurance
  • paid parking/public transportation
  • (paid time, paid sick and safe time, hours of paid vacation time, weeks of paid parental leave, paid holidays annually - AS Applicable)
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy