SonicJobs Logo
Left arrow iconBack to search

PKI Project Manager - Insurance

Lorien
Posted 18 days ago, valid for 4 days
Location

London, Greater London EC1R 0WX

Salary

£48,000 - £57,600 per annum

info
Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

info
  • We are seeking a PKI Project Manager with experience in PKI projects for a 6-month contract position with a global insurance client, starting in January 2025.
  • The role is hybrid, requiring 2 days in London, and is classified as Inside IR35.
  • Candidates should have experience in integrating PKI certificate authorities and lifecycle management services with cloud providers such as Azure, AWS, and OCI.
  • The position requires a minimum of 5 years of relevant experience in modern PKI CAs and CLM operating practices.
  • Salary for this role is competitive and commensurate with experience.

PKI Project Manager - Insurance

We are currently recruiting for a Project Manager with PKI Project experience to join one of our Global Insurance Clients on a 6 month contract.

Please note this role is Inside IR35.

January 2025 start and Hybrid working with 2 days in London.

Responsibilities:

Work with the PKIaaS Vendor professional services and colleagues to: -

  • Develop a RACI, detailing the shared responsibility between the SaaS vendor and areas of responsibility.
  • Aid in determining the need for an owned Certificate policy (CP) and Certificate Practice Statement (CPS), or whether leveraging the SaaS providers' will suffice. If the former, aid in its development.
  • Provide best-practice advice in determining the CA infrastructure hierarchy, taking account of multiple tenants in Azure, as well as multi-cloud services in AWS and OCI.
  • Work with colleagues and the PKIaaS vendors', to write the remote Root key generation (RKG) ceremony scripts, using a shared/split key model, and test the RKG at the DR site.
  • Develop a set of controls and standard operational procedures for the secure implementation, integration, and management of the PKI certificate authorities and certificate lifecycle management services, to meet Standards and Control Objectives.
  • The development of an appropriate RBAC model, ensuring implementation of a least-privilege access model, and the appropriate Separation of Duties and dual control for key CA and CLM operations. Working with IAM teams to define and ensure creation of the appropriate groups and entitlement access packages within Entra ID.
  • Documented integration for key infrastructure for certificate issuance/lifecycle management.
  • Produce technical design of the PKIaaS, CLM and licensed features such as SSH certificates
  • Define and create IaC templates, that can be used by technology teams to facilitate the integration of the PKI and certificate lifecycle management with cloud deployed resources (Azure, AWS, OCI).
  • Work with Security Defense team to identify security relevant alerts. Additional infrastructure elements (e.g. discovery scanners, CRL/OCSP) that need to be logged and alerted should be identified, including relevant events, to ensure critical components are monitored.

Skills and Experience Requirements

  • Work with management to agree priorities, detailed deliverables, and ensure successful delivery.
  • Provide a lead architecture/engineer resource, to manage backlog of partner deliverables and deliver to requirements.
  • Provide skilled resourced, as appropriate, to ensure success of deliverables.
  • For the delivery of operating procedures and controls resources will have experience of modern PKI CAs and CLM operating practices, processes and compliance requirements.
  • Alongside the experience/skills listed below, the partners' resources will have experience of working with development teams, IaC, using modern agile ways of working and a wide range of DevOps tooling.
  • At least, but not limited to, the following experience/skills to integrating PKI CA and CLM services and protocols with:
    • Cloud Service Providers resources - Azure (majority of cloud workload), AWS and OCI. This includes integration with cloud native vaults in Azure, AWS, and OCI, as well as HashiCorp Vault.
    • Services and protocols: SCEP, ACME, EST, OCSP and CRL, KMIP, CMPv2,
    • Certificate file formats: PEM, DER, PFX/PKCS#12, PKCS#7, PKCS#10, PKCS#11

If this role is of interest to you or you would like to learn more, please apply now!

Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.

Apply now in a few quick clicks

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.