CrawlJobs Logo

Pki Security Engineer

schwab.com Logo

Charles Schwab

Location Icon

Location:
United States , Southlake

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

145000.00 - 190000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

At Schwab, you are empowered to make an impact on your career. Here, innovative thought meets creative problem solving, helping us “challenge the status quo” and transform the finance industry together. Schwab’s Cybersecurity organization is the first line of defense for the Firm. The Senior Security Engineer of the Public Key Infrastructure (PKI) team will play a key role on a team of cyber security data protection subject matter experts and engineers to create, implement, and maintain PKI controls using on-prem, SaaS, and IaaS cloud-based solutions to reduce risk and enforce Schwab’s security policies and standards for data protection. You are a driven senior engineer with a deep passion to be an accelerator and change agent with the ability to build a security community and progressive Dev/SEC/Op’s culture. You will be responsible for innovating, developing, and implementing groundbreaking PKI capabilities to secure data in on-prem, SaaS, and IaaS workloads. You have in-depth experience in managing and deploy Public Key Infrastructure environments, Certificate Authorities (CA), and in maintaining the lifecycle of X.509 certificates across large corporate enterprise environments. This role requires expertise in the cybersecurity industry.

Job Responsibility:

  • Perform senior engineering responsibilities as part of a team and work with partners to architect and deploy PKI infrastructure, including Certificate Authorities (CAs), Registration Authorities (RAs), and Hardware Security Modules (HSMs)
  • Implement and maintain the issuance and management of digital certificates for users, servers, and devices across the organization
  • Define certificate lifecycle management policies (issuance, renewal, revocation)
  • Integrate PKI with other security systems like authentication and access control mechanisms
  • Conduct regular security assessments and audits of PKI systems to identify vulnerabilities and potential risks
  • Work with other IT teams to integrate PKI solutions into existing systems and applications
  • Maintain close ties to various stakeholders, developers, and engineers across the company, ensuring the services we create meet their needs as products evolve
  • Communicate extensively with Data Protection Product and engineering teams across the organization
  • Drive complex technical initiatives to full delivery leveraging knowledge of Cyber security practices, software engineering principles, agile frameworks, and customer engagement
  • Design, build, and maintain infrastructure to meet the organization’s requirements and ensure high availability
  • Applying adept understanding and experience with systems automation platforms and technologies

Requirements:

  • 5+ years of hands-on experience in network security, data security, and/or other cybersecurity-related controls and technologies
  • Automation via Certificate Lifecycle Management tools using scripting and coding (Venafi, PowerShell, and Python knowledge required
  • GitHub and .Net knowledge highly desired)
  • Bachelor’s Degree in computer science or related field highly preferred
  • Ability to foster collaborative, open, working relationships with technology groups and other stakeholders, including vendor relationships
  • Clear communication skills and ability to interact effectively at multiple levels of an organization, and to influence leadership (Including translating technical information based on specific audiences)
  • Experience implementing multiple high-visibility and high-impact enterprise cybersecurity projects with cross-functional teams while maintaining superior results including planning, development and management of technical requirements, design, testing and deployment of security solutions
  • Strong understanding of Public Key Infrastructure (PKI) principles
  • Expertise in PKI technologies like Microsoft Active Directory Certificate Services (AD CS), Entrust, Venafi, or other commercial PKI solutions
  • Experience with managing Hardware Security Modules (HSMs)

Nice to have:

Multiple certifications in cybersecurity and data protection cybersecurity highly preferred (CISSP, GIAC, CISM, CCSP, CISA, or Security+, or other related certifications)

What we offer:
  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance
  • Bonus or incentive opportunities

Additional Information:

Job Posted:
March 21, 2026

Expiration:
March 27, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Charles Schwab - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Pki Security Engineer

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Product Security Engineer

As a Product Security Engineer specializing in cryptography and PKI, you will de...
Location
Location
United States , Palo Alto
Salary
Salary:
Not provided
1x.tech Logo
1X Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience with cryptography, PKI design, and key management
  • Experience working with hardware security modules (HSMs), including vendor selection, integration, and root‑of‑trust establishment
  • Familiarity with remote device attestation frameworks (such as fTPM, OP‑TEE, or similar)
  • Demonstrated ability to design and scale secure firmware signing and code signing pipelines
  • Proven track record in defining and enforcing trust policies (key generation, rotation, destruction) and provisioning mechanisms
  • Experience securing build/artifact pipelines and developing secure communication protocols
  • Ability to work cross‑functionally with hardware, software, security operations, and infrastructure teams
  • High attention to detail, strong problem solving, with a mindset of anticipating vulnerabilities and designing defendable systems
Job Responsibility
Job Responsibility
  • Design and manage end‑to‑end cryptographic services, including public key infrastructure (PKI) and key lifecycle management
  • Establish HSM infrastructure as the root‑of‑trust for firmware signing and IoT endpoint authentication
  • Lead evaluation, procurement, installation, configuration, and integration of HSM vendor solutions
  • Architect key management systems that scale from hundreds of devices today to millions over time
  • Design remote device attestation mechanisms (e.g. fTPM, OP‑TEE, or equivalent) tied to the HSM root‑of‑trust
  • Build and automate secure firmware/bootloader signing pipelines
  • Define trust infrastructure and policies for author key generation, provisioning, rotation, and destruction
  • Secure build/artifact pipelines and code‑signing workflows
  • Develop factory provisioning architecture for mass key/certificate distribution
  • Support the development of secure communication protocols
  • Fulltime
Read More
Arrow Right

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Information Security Engineer

Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Executi...
Location
Location
India , Mumbai; Bangalore
Salary
Salary:
Not provided
https://cogoport.com/ Logo
Cogoport
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in information security, cybersecurity, or security engineering
  • Strong knowledge of application security, cloud security (AWS/GCP/Azure), and network security
  • Experience with SIEM solutions, log analysis, and intrusion detection/prevention systems
  • Hands-on experience with secure coding practices in programming languages like Java, Python, or Go
  • Proficiency in security testing tools such as Burp Suite, Metasploit, OWASP ZAP, Nessus, and Wireshark
  • Understanding of encryption, authentication protocols, and PKI
  • Experience in DevSecOps and securing CI/CD pipelines
  • Strong knowledge of firewalls, VPNs, IDS/IPS, and endpoint security solutions
  • Hands-on experience with security automation and scripting
  • Excellent problem-solving skills and the ability to work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Design, implement, and maintain robust security controls for applications, networks, and cloud infrastructure
  • Conduct vulnerability assessments, penetration testing, and risk analysis to identify security gaps
  • Develop and enforce secure coding practices for software development teams
  • Implement IAM (Identity & Access Management) policies and security monitoring solutions
  • Ensure compliance with security frameworks such as ISO 27001, SOC 2, GDPR, and NIST
  • Work closely with DevOps teams to integrate security into CI/CD pipelines
  • Monitor, analyze, and respond to security incidents and threats
  • Conduct threat modeling and security awareness training for engineering teams
  • Automate security processes using scripting (Python, Bash, etc.)
  • Collaborate with cross-functional teams to ensure secure architecture design
What we offer
What we offer
  • Entrepreneurial culture
  • Working with brightest minds in the industry
  • Driving digital transformation in logistics
  • Career growth
  • Fulltime
Read More
Arrow Right

Information Systems Security Engineer

Hoplite Solutions is seeking Information Systems Security Engineers (ISSE) to jo...
Location
Location
United States , Fort Meade
Salary
Salary:
185000.00 - 225000.00 USD / Year
hoplitesolutions.com Logo
Hoplite Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI with Polygraph
  • Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required
  • 12 years' experience as an ISSE on programs and contracts of similar scope, type, and complexity to include recent experience within the 5 years with Cybersecurity principles and technology, including access/control, authorization, identification and authentication, PKI, network and enterprise security architecture
  • DoD 8570 compliance
  • Both Information Systems Security Engineering Professional (ISSEP) and CISSP Certifications are required
Job Responsibility
Job Responsibility
  • Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Cybersecurity standards and regulations, and recommend mitigation strategies
  • Validate and verifies system security requirements definitions and analysis and establishes system security designs
  • Design, develop, implement and/or integrate Cybersecurity and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
  • Review certification and accreditation (C&A) documentation, provide feedback on completeness and compliance of its content
  • Support security authorization activities in compliance with CSS Information System Certification and Accreditation Process (NISCAP) and DoD Risk Management Framework (RMF), the NIST Risk Management Framework (RMF) process, and prescribed CSS business processes for security engineering
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments
  • Apply knowledge of Cybersecurity policy, procedures, and workforce structure to design, develop, and implement secure networking, computing, and enclave environments
  • Interact with the customer and other project team members
  • Participate as the primary security engineering representative on engineering teams for the design, development, implementation, evaluation, and/or integration of Cybersecurity architectures, systems, or system components
  • Support the Government in the enforcement of the design and implementation of trusted relationships among external systems and architectures
What we offer
What we offer
  • 7% employer 401k contribution
  • fully paid healthcare for our employees
  • outstanding training benefits
  • company funded life insurance and short-term disability insurance
  • Fulltime
Read More
Arrow Right

PKI Engineering Group Manager

Within Citi, the PKI Engineering Team is focusing on cryptographic protocols, ma...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years experience in cryptography, PKI, and strong understanding of cryptography and mathematical algorithms
  • Understanding the principles related to PKI, private keys, encryption methods, CRL, advanced key usages and post quantum cryptography
  • Deep Understanding of Microsoft Windows and Linux operating systems and cryptographic protocols
  • Knowledge of Crypto Libraries (bouncy castle)
  • Symmetric Key Encryption and Asymmetric Encryption
  • Experience with a variety of HSM platforms, Certificate Authority systems and Cloud Providers
  • Working with Trust Providers is a plus
  • Comprehensive knowledge of design metrics, analytics tools, benchmarking activities and related reporting to identify best practices
  • Demonstrated analytic/diagnostic skills
  • Ability to work in a matrix environment and partner with virtual teams
Job Responsibility
Job Responsibility
  • Manage a team of Public key Infrastructure(PKI) engineers, supporting certificate solutions for internal and external stakeholders, drive projects within the group and creating a technology domain roadmap
  • Ensure that all integration of functions meet business goals
  • Define necessary system enhancements to deploy new products and process enhancements
  • Recommend suitable products or product customization for system integration
  • Identify problem causality, business impact and root causes
  • Create PKI solutions for a large company
  • Improve engineering capabilities for timely delivery of projects
  • Collaborate with partners in Engineering, Operations and Business
  • Perform product evaluation, testing and certification of PKI and Crypto technologies. Ensure that all security products meet or exceed Citi internal and regulatory requirements
  • Provide occasional 4th level engineering support for the product toolset
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Technical Support Engineer - Security

The Technical Support Engineer reports into the Global Services (GS) division, s...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or master’s degree in electrical engineering, computer science or equivalent
  • At least 5 years of working experience in the networking domain
  • Solid working experience in IP Networking basics: TCP/IP, Subnetting, IP Packet flow, OSI layers
  • Security Technologies: VPNs, IPSec, GRE, SSL/SSH, QoS, DES, 3DES, MD5, SHA, PKI, Various Denial of Service attacks, SYN flood, Replay attacks
  • Other protocols: NAT, OSPF, BGP, Ethernet, 802.1q/p VLAN, BFD, STP, RSTP, ARP, LACP, High availability (Clustering) and Gateway redundancy protocols (VRRP)
  • Working experience with traffic generators and network protocols analysis tools
  • Strong problem-solving and troubleshooting skills
  • Strong customer management and customer service skills
  • Excellent communication and presentation skills
  • English (fluent – verbal and written)
Job Responsibility
Job Responsibility
  • Become the dedicated focal technical support contact and handle high-priority issues for a limited number of Advanced Services customers
  • Gain in-depth knowledge of the Juniper infrastructure and technologies present in the assigned customer’s network profile
  • Take ownership of high priority or sensitive customer issues
  • Isolate Juniper product issues at network/hardware/software level
  • Replicate customer environments and issues in lab and work closely with Juniper Engineering team
  • Work closely with other Global Services(GS) teams
  • Provide necessary support to the Service Managers for high profile technical escalations
  • Develop and maintain skills in core products and technologies
  • Contribute to technical documentation (White Papers, FAQs, Solutions)
  • Develop a 'Can-Do' attitude and suggest ways to improve the team performance and increase customer satisfaction
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 5+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy