Job Description

Roles & Responsibilities

• Manage and maintain Hardware Security Modules (HSMs), ensuring their operational integrity and security posture, including firmware updates and key lifecycle management.

• Administer Public Key Infrastructure (PKI) components, such as Certificate Authorities (CAs) and Registration Authorities (RAs), to issue, renew, and revoke digital certificates.

• Implement and enforce PKI policies, procedures, and best practices to maintain a robust and compliant certificate management system.

• Monitor HSM and PKI infrastructure for performance, security incidents, and operational anomalies, proactively addressing identified issues.

• Hands-on experience with Entrust nShield HSMs

  • nShield Connect

  • nShield Solo

  • nShield Edge

  • Strong understanding of cryptography concepts:

  • Symmetric & asymmetric encryption

  • RSA, ECC, AES

  • Hashing (SHA-256, SHA-512)

  • Digital signatures

  • Key management lifecycle:

  • Key generation, storage, rotation, backup, recovery, destruction

  • HSM security world management:

  • Security World creation

  • Administrator & operator cards

  • Module initialization and recovery

  PKI & Integration Skills

  • Experience with PKI infrastructure

  • Integration of HSMs with:

  • Certificate Authorities (CA)

Desired Candidate Profile

• Bachelor's degree in Computer Science, Information Security, or a related field; a Master's degree is a plus.
• Possess certifications such as CISSP, CISM, or relevant PKI/HSM vendor certifications (e.g., Thales, Entrust).
• Minimum of 5+ years of experience in information security, with a focus on PKI and HSM administration.
• Demonstrated experience working within the financial services, government or healthcare industries.