PKI Compliance Analyst

Our client, a leading financial services company is hiring a PKI Compliance Analyst on a long-term contract basis.

• Key Management Team is responsible for all forms of cryptographic keys including internal and external certificates, symmetric keys, asymmetric keys, and internal secure email. Current efforts focus on key and certificate management improvements. This includes enhancing Certificate Management governance, enhancing the centralized key and cert inventory, Generating non-compliant reports and taking corrective action on non-compliant components.
• Collaborate with Splunk and Ops Team to build a certificate inventory.
• Analyze and identify all the data feeds that are needed for the certificate inventory.
• Collaborate with different teams to automate the certificate feed on a monthly basis.
• Analyze monthly Qualys Scan with different cert feeds like (Venifi and MSPKI) and find out the why all the certs are not in Qualys scan. Work with Qualys Team to include these scans. Ideally all company issued certs should be found by Qualys scan.
• Identify other data source like (NetInfo and CSI) to feed into Splunk and work with Splunk Team to get these feeds automated.
• Partner with Splunk to build out different reports needs for certificate management.
• Generate reports for all certificate cross referencing with CSI and NetInfo: Full Inventory, Expired Certificates, Non-Compliant Algs, Self-Signed Certs, Wildcard Certs, Ownerless Certs, Certificate Over 2 Years, Certificate Mismatch.
• Work with application owner to clean up non-compliant certificates.
• Help key management team in coming with training material for App managers and developers on certificate management
• This job roles provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

• Solid fundamental knowledge regarding the principles related to PKI, including certificates, private keys, encryption methods, and key usages.
• Strong analytical and quantitative skills.
• Data driven and results oriented.
• Knowledge of Splunk Tool preferred.
• Knowledge of company process, and tools like CSI, NetInfo and key and certificate procurement is preferred.

• Apply Now