PKI Architect/Specialist @ Zetes
AMLA03865
Functie
Purpose of the position
A reliable electronic signature is essential for many transactions, whether between governments and citizens, lawyers and clients, or in the world of business. Zetes provides a vast array of services for a secure and legal electronic signature to build confidence in the digital world. PKI is at the heart of operations. Customers put Zetes' solutions into their mission critical applications. The importance of these solutions cannot be overestimated. The PKI Architect/Specialist is responsible for both the intellectual and the hands-on aspect of PKI management.
Tasks and responsibilities
As PKI Architect, you will not only design the PKI architecture and define the roadmap for the PKI components, but also will define the key management policy and certificate management policy. Moreover, you will co-author certification practice statements, certificate policies, timestamp policies, etc. Last but not least, you will organize and execute activities like:
- Key ceremonies
- Configuration and initialization of new PKI components or systems
- Audits, remediation and follow-up of recommendations
- Update and improve existing procedures
More concrete, your responsibilities for PKI management include:
- Day to day administration of the PKI infrastructure including CA and VA, HSM, backup media, timestamping infrastructure, etc.
- Perform exceptional tasks such as manual Certificate Enrolment, Certificate Revocation, etc.
- Define and describe the CA hierarchy, PKI architecture, configurations, etc.
- Define and describe the lifecycles for all managed objects such as certificates, keys, CRLs, etc.
- Provide support of certificate services projects and operation support
- Prepare and document configuration scripts
- Install, configure and maintain the operational environment
- Configuration of the PKI application software
- Maintain a test environment and test all critical procedures on this test environment
- Select smartcards and HSMs (e.g. smartcards for digital signature, HSM for server side signing)
Your responsibilities for system maintenance and documentation:
- Troubleshooting and problem solving
- Maintain the integrity and security of servers and HSMs
- Maintain system documentation
- Define and (for specific purposes) implement or assist with the implementation of monitoring tools, specifically related to monitoring performance and availability for SLA for public services (CRL publication, web site, OCSP responder, certificate & revocation request handling, etc.)
- For the PKI equipment you do preventive maintenance and tests; following manufacturer's instructions; troubleshooting malfunctions; calling for repairs; maintaining equipment inventories; evaluating new equipment and techniques.
- Monitoring of PKI related Key Performance Indicators, analysis and reporting of incidents, follow technology trends
- Make recommendations to purchase hardware and software, coordinates installation and provides backup recovery
Your responsibilities for integration and deployment:
- Deploy the core PKI software components and the HSMs in close collaboration with the system administration team
- Define and describe the interfaces and protocols for integration of the core PKI components with external systems for card personalisation , card management and certificate management
- Create customized tools / software / scripts for highly specialised PKI-specific tasks
- Coordinate the installation and maintenance of the PKI systems
Profiel
Background and experience
- You can handle complex information and are able to describe ICT environments, write functional descriptions, procedures, reports, etc.
- Several years of experience with PKI
- Experience in Security Management is a plus
- Experience with a combination of the following:
- Public Key Infrastructure (Internal and Internet)
- X.509 Digital Certificate Management
- Hardware Security Modules
- Key Management
- Cryptography Algorithms
- TLS, XADES, PADES
Competences
- Assertive approach and critical thinking ability, backed by a history of confidently advocating for positions and driving consensus.
- Extensive experience working independently, proactively, and autonomously, with a demonstrated ability to take initiative and drive projects forward.
- Proven adaptability and comfort in various contexts and interpersonal situations, drawing from diverse experiences.
- Documented attention to detail and commitment to delivering high-quality work, evidenced by past project successes.
- Strong time management and prioritization skills, honed through experience in meeting deadlines and managing workload efficiently.
- Proactive approach to risk management, supported by a history of anticipating and mitigating potential issues before they escalate.
- Well-documented negotiation and persuasion skills, demonstrated through successful management of expectations and achievement of project objectives.
Languages
The working language at Zetes is English.
Aanbod
Zetes offers a competitive remuneration package including meal vouchers, health insurance and an annual performance bonus. A flexible working environment and excellent fringe benefits, such as daily meals paid by Zetes etc. are part of the competitive salary package.
Zetes offers you a challenging position in a high-tech setting. You work in a team that brings together various state-of-the art technologies in soft- and hardware. Because of the international growth in demand for solid solutions, related to all domains of identity, Zetes is a successful and financially stable organization.
Moreover, a lot of variation, autonomy and interaction with a wide variety of internal and external stakeholders is guaranteed. Zetes refers to the possibility for a personalized development program (management, leadership, interpersonal skills, technical skills, …) and the opportunity to specialize in a field that is quite exceptional in Belgium.
Interested? Contact edl@amon.be