Professional Services Principal PKI Consultant

ÜBER UTIMACO

Utimaco ist ein international tätiger Anbieter von professionellen IT-Sicherheitslösungen mit Sitz in Aachen. Seit 1983 entwickelt Utimaco Hardware Security Module und Compliance-Lösungen für Telekommunikationsanbieter im Bereich der Regulierung. In beiden Segmenten ist Utimaco ein weltweiter Marktführer. Dem Unternehmensziel, Menschen und Ideen zu schützen, haben sich über 200 Mitarbeiterinnen und Mitarbeiter verschrieben. Kunden und Partner von Utimaco schätzen die Zuverlässigkeit und die langfristige Investitionssicherheit der Utimaco-Sicherheitslösungen. Utimaco steht für anerkannte Produktqualität, Bedienerfreundlichkeit, exzellenten Support und ein marktgerechtes Angebot, hergestellt in Deutschland.

Zur Verstärkung unserer Corporate Unit suchen wir ab sofort am Standort US remote einen:   

Professional Services Principal PKI Consultant

Deine Aufgaben:

The Principal PKI Consultant is a senior technical and customer-facing leadership role responsible for designing, advising, and delivering enterprise-grade Public Key Infrastructure (PKI) and cryptographic solutions.

This role acts as the subject matter expert (SME) for PKI architecture, certificate lifecycle management, cryptographic governance, hardware security module (HSM) implementation, and emerging technologies such as Post-Quantum Cryptography (PQC).

Principal PKI Consultant provides technical leadership in complex customer engagements from advisory and architecture design through PKI system deployment and operational transition.  This role requires deep technical expertise in enterprise security architecture, regulatory compliance, cryptographic standards and multi-vendor integration.

In addition to project delivery responsibilities, the Principal PKI Consultant contributes to pre-sales strategy by working closely with Account Mangers and executive stakeholders to ensure successful project outcomes and long-term customer success.

The ideal candidate for this role must combine deep cryptographic knowledge with strong consulting skills, with the ability to translate complex technical requirements into scalable, secure enterprise PKI architectures.

  • Lead enterprise PKI architecture design (offline root CA, subordinate CA hierarchy, policy CAs, OCSP, CRL, key management systems)
  • Design and review Certificate Policies (CP) and Certification Practice Statements (CPS)
  • Provide governance frameworks for certificate lifecycle management and crypto-agility
  • Architect secure integrations with IAM, MDM, DevOps, cloud, IoT, and application environments
  • Lead HSM integration, key ceremony planning, and secure key management processes
  • Advise customers on regulatory compliance (eIDAS, WebTrust, NIST, ISO 27001, etc.)
  • Provide technical leadership during customer workshops and executive briefings
  • Mentor Professional Services Engineers and Consultants
  • Conduct technical design reviews and quality assurance for PKI projects
  • Support post-deployment optimization and operational maturity
  • Drive standardization and documentation best practices. 

Dein Profil:

Customer Engagements & Solution Architecture

  • Lead discovery sessions to gather and document detailed customer requirements
  • Develop comprehensive requirements documents, architecture designs, and solution specifications
  • Design secure PKI hierarchies (offline root, subordinate CAs, OCSP responders, CRL distribution, key management)
  • Architect high-availability, disaster recovery, and crypto-agile PKI environments
  • Develop Certificate Policies (CP) and Certification Practice Statements (CPS) when required

Provide executive-level and technical workshops to stakeholders

Project Delivery

  • Manage and maintain complete project documentation, including design documents, configuration guides, and operational runbooks
  • Lead product installation, configuration, integration, and testing activities
  • Oversee key ceremonies and secure key management processes
  • Ensure alignment between scope, timeline, deliverables, and customer expectations
  • Deliver customer training and structured knowledge transfer

Technical Leadership & Subject Matter Expertise

  • Develop deep expertise in enterprise PKI platforms, cryptographic modules, and HSM technologies
  • Serve as subject matter expert on cryptographic standards and interfaces (e.g., X.509, PKCS#11, CAPI/CNG, TLS, OCSP)
  • Provide guidance on crypto-agility strategies and emerging standards, including Post-Quantum Cryptography (PQC) readiness
  • Develop reusable code modules, scripts, integration templates, and best-practice documentation
  • Support sales teams in scoping engagements and translating opportunities into well-defined projects

Integration & Implementation

  • Integrate PKI solutions with:
    • Active Directory & Identity platforms
    • Web/application servers
    • DevOps pipelines
    • Cloud environments (Azure, AWS, GCP)
    • Network security infrastructure
  • Support certificate lifecycle automation and enrollment solutions
  • Troubleshoot complex cryptographic, networking, and interoperability issues

Continuous Improvement

  • Mentor junior consultants and engineers.
  • Stay current with regulatory requirements, cryptographic standards, and market trends.

Participate in internal knowledge sharing and technical innovation initiatives.

Core Technical Competencies

  • Expert-level understanding of:
    • Public Key Infrastructure (PKI) architecture
    • Digital signatures and certificate lifecycle management
    • Cryptographic algorithms and key management principles
    • Secure communications (TLS/SSL)
  • Practical experience with:
    • Microsoft Active Directory Certificate Services (ADCS)
    • Enterprise Certificate Authorities
    • HSM integration
    • Web/application servers (Apache, IIS)
    • Linux, Unix variants, and Windows environments
  • Strong networking background (TCP/IP, DNS, load balancing concepts).
  • Working knowledge of cryptographic APIs and interfaces (PKCS#11, CAPI/CNG).
  • Basic to intermediate programming skills (e.g., Java, C++, C#, PowerShell, Python).
  • Ability to troubleshoot hardware, software, and network-related security issues.

Project & Consulting Skills

  • Working knowledge of structured project management methodologies.
  • Ability to translate business requirements into technical architecture.
  • Strong documentation and technical writing skills.
  • Comfortable delivering presentations to both technical and executive audiences.

General education and experience

  • University degree in engineering, business, computer science, or similar related fields
  • Experience in IT support, R&D, or other relevant roles within IT 

  • Experience in working independently, receiving minimal guidance, preferably experience from the consulting industry

  • Experience from installation, configuration, troubleshooting, integration of software solutions

  • Preferably experience of working across different cultures and industries

    Additional education and experience

  • A minimum of 10 years of experience within the IT, and/or Information Security industry. Preferably a deep interest and passion for cybersecurity-related topics within one or several industries

  • Broad understanding and experience of one or several verticals and industries such as Automotive, Banking, Telco, FinTech, etc.

  • Understanding of product and “aaS” integrations/programming

  • Strong commercial experience with a good understanding of project management tools and techniques

  • Preferably CISSP / CSSP certification

General knowledge and skills

  • Expert-level understanding of Public Key Infrastructure and certificate lifecycle management
  • Deep knowledge of cryptographic algorithms and key management practices
  • Strong understanding of zero-trust and identity-centric security models
  • Experience integrating PKI with IAM, DevOps pipelines, container platforms, and IoT
  • Experience in Cloud-based implementation, configuration and management of “aaS” offerings.
  • Excellent knowledge of Utimaco product, service, and solution portfolio value proposition
  • Keeping up to date with market development, competition, trends
  • Strong customer and service orientation
  • Ability to effectively manage time and resources during professional services projects
  • Understanding of real-world Cryptographic use cases and data security
  • Patience and maturity to take advantage of the resources of a global information leader, as well as the passion and drive of an early-stage startup
  • Skilled in identifying and solving problems
  • Out of the box thinker
  • Consultative approach with the ability identification of needs and problems
  • Accustomed to working with short deadlines in customer engagements
  • Entrepreneurial spirit and drive
  • Strong interpersonal skills and a likable personality
  • Strong verbal and written communications skills, listening and teamwork skills, and effective presentation skills
  • Fluent written and spoken English

Wir bieten Dir:

Utimaco, Inc. is an Equal Opportunity Employer. We are committed to fostering a diverse and inclusive workplace where all individuals are treated with respect and dignity. Employment decisions are made without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, disability status, veteran status, genetic information, or any other protected characteristic as defined by applicable laws.

We welcome applicants from all backgrounds and strive to ensure that our hiring practices are fair, transparent, and free from discrimination. If you require accommodations during the application process, please contact HR-US@utimaco.com.

Utimaco is an international provider of IT security solutions and cybersecurity technologies with headquarters in Aachen (Germany) and Campbell (USA). For over 40 years, we have been developing innovative solutions for the protection of people, data and communications that meet the highest standards. We are the world's leading manufacturer of hardware security modules and compliance solutions in a wide range of industries such as automotive, banking, telecommunications and many more.

With our global network of partners and customers, we contribute to making digital information and infrastructures secure worldwide. Become part of our team and help us make the digital world more secure - together we are shaping the future of IT security.

We Offer:

  • 99% Employer paid premium for Medical, Dental and Vision benefits
  • 401k Match
  • FSA and Dependent Care
  • Short-Term Disability, Long-Term Disability, Life Insurance and AD&D
  • Employee Assistance Program
  • Generous PTO and Holiday Policy
  • An open and friendly corporate culture characterized by constructive and collaborative interaction
  • A flexible working hours model that can be adapted to individual needs
  • Professional and personal development through targeted training opportunities

Our Core Values:

  • Deliver Secure and reliable cybersecurity solutions
  • Acquire Excellence through customer focus
  • Innovate with passion
  • Collaborate and be professional
  • Be open and honest

FÜHLST DU DICH ANGESPROCHEN?

Dann freuen wir uns auf Deine aussagekräftige Bewerbung unter Angabe des frühestmöglichen Eintrittstermins und Deiner Gehaltsvorstellung.

Bewerben