Skip to main content
Back to jobs

Information Security Engineer (PKI/Systems)

External
Endava logoEndava · Remote
Full-timeRemoteToday
AWSAzureCI/CDEncryptionLeadershipLinear
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Responsibilities

  • Lead the design, modernization, and optimization of enterprise PKI and certificate management platforms.
  • Provide technical leadership for certificate lifecycle management, secrets management, and cryptographic services across hybrid and cloud environments.
  • Design and implement automated, scalable certificate provisioning and renewal processes using modern engineering practices.
  • Develop self-service capabilities that enable development and infrastructure teams to securely request and provision certificates with minimal manual intervention.
  • Design and implement API-driven integrations that enable CI/CD pipelines and DevOps platforms to securely interact with enterprise secrets management solutions.
  • Maximize the value of existing security platforms by standardizing enterprise workflows, eliminating siloed solutions, and driving adoption of centralized services.
  • Define engineering standards, best practices, and architectural patterns for PKI, certificate management, and secrets management.
  • Serve as the senior technical escalation point for complex cryptographic platform issues and mentor engineering teams on automation and operational excellence.
  • Contribute to platform hardening through secure configuration, delegation models, monitoring, patch management, and continuous optimization.
  • Develop engineering roadmaps and implementation strategies aligned with client business objectives and evolving security requirements.
  • Partner with cross-functional engineering, infrastructure, DevOps, security, and application teams to deliver scalable enterprise identity and encryption solutions.
  • Evaluate emerging technologies and industry trends to ensure long-term platform sustainability and future readiness.
  • 7-10+ years of experience designing, implementing, and managing enterprise PKI, certificate lifecycle management, or cryptographic platforms.
  • Deep expertise in PKI architecture, certificate management strategies, cryptographic services, and enterprise security best practices.
  • 5+ years of engineering experience building automation solutions within Identity, Directory Services, or DevOps environments.
  • Strong PowerShell scripting and automation experience.
  • Experience designing and supporting Infrastructure as Code (IaC) and CI/CD pipelines.
  • Experience integrating enterprise platforms through REST APIs and automation frameworks.
  • Hands-on experience deploying, managing, and troubleshooting Hardware Security Modules (HSMs).
  • Experience with cloud platforms including Azure, AWS, or Google Cloud, with strong knowledge of Azure Key Vault or equivalent cloud secrets management services.
  • Demonstrated experience collaborating with cross-functional technical teams to deliver enterprise infrastructure and security solutions.
  • Strong understanding of incident, problem, request, and change management processes.
  • Excellent communication skills with the ability to engage technical teams, architects, project managers, and business stakeholders.

Requirements

  • Experience administering and engineering Keyfactor Certificate Management Platform.
  • Experience with HashiCorp Vault and CyberArk.
  • Experience integrating enterprise secrets management platforms into DevOps and CI/CD workflows.
  • Knowledge of modern zero-touch certificate lifecycle management and certificate-as-a-service architectures.
  • Experience developing self-service platforms for identity, certificate, or secrets management.
  • Consulting experience delivering enterprise security transformation initiatives across multiple clients or industries.
  • Discover some of the global benefits that empower our people to become the best version of themselves:
  • Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
  • Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
  • Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
  • Work-Life Balance: Hybrid work and flexible working hours, emplo

Benefits

Vision insurancePaid time offFlexible schedulePerformance bonus

Additional Information

Endava is seeking a Senior Identity & Encryption Engineer with deep expertise in Public Key Infrastructure (PKI), certificate lifecycle management, and enterprise secrets management . This is a senior engineering and advisory role for an experienced professional who has successfully designed, modernized, and automated enterprise cryptographic services across complex environments. The ideal candidate brings industry best practices gained from multiple enterprise implementations and can help clients evolve beyond traditional certificate management into modern, automated, API-driven security platforms. This individual will provide technical leadership, influence architecture decisions, and help establish scalable solutions that support long-term business and security objectives.


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Endava? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect