Senior PKI / Credential Lifecycle Management (CLM) Engineer
United States of America
Full Time
3 weeks ago
$124,000 - $143,000 USD
H1B Sponsor Likely
Key skills
PowerShellREST APIRESTfulLeadershipCommunication
About this role
General Dynamics Information Technology is a global technology and professional services company that delivers consulting, technology, and mission services to every major agency across the U.S. government. They are seeking an experienced Senior PKI/CLM Engineer to lead the deployment of Credential Lifecycle Management solutions, focusing on PKI modernization and automation while supporting enterprise-scale identity transformation initiatives.
Responsibilities:
- Lead end‑to‑end CLM deployment activities with very limited oversight
- Contribute to and help drive modernization strategies, best practices, and emerging identity concepts within the team
- Provide expert‑level guidance and troubleshooting for complex PKI architecture and operational issues
- Support deployment and integration of derived credentials, including mobile credentialing and Certificate‑Based Authentication (CBA) token solutions
- Apply deep knowledge of YubiKey and FIDO authentication standards and implementation patterns
- Design, develop, or enhance scripting and automation workflows using PowerShell, REST APIs, and SOAP interfaces
- Partner with security, engineering, and application teams to ensure certificate services align with enterprise security and compliance standards
Requirements:
- Entrust PKI (Inactive)
- PKI Certificate Management
- Public Key Infrastructure (PKI) Operations
- RESTful APIs
- Windows Public Key Infrastructure (PKI)
- 7 + years of related experience
- Strong hands-on experience deploying and operating CLM platforms (any enterprise CLM is acceptable)
- Solid understanding of PKI concepts including certificate authorities, OCSP, CRLs, trust chains, key management, and token lifecycle operations
- Expertise with YubiKey, FIDO2/WebAuthn principles, and hardware-based authentication workflows
- Experience with derived credential solutions, mobile authentication, and CBA token deployments
- Proficiency with automation and scripting, including PowerShell, REST API integrations, and SOAP-based solutions
- Ability to troubleshoot and resolve complex PKI and credentialing issues with minimal direction
- Strong communication skills and ability to provide strong leadership on modernization efforts
- Experience in federal identity ecosystems or ICAM environments
- Familiarity with enterprise CLM platforms such as Venafi, Entrust, HID, Intercede, etc
- Experience with mobile device management (MDM/UEM) integrations