img
Contract TypeFull-time
Workplace typeOn-site
LocationRiyadh

Job Description

About the PKI Engineer Role

Acuative Middle East is seeking an experienced PKI Engineer for a full-time position in Riyadh, Saudi Arabia. This role involves designing, implementing, administering, and supporting the organization's Public Key Infrastructure (PKI) and digital signing platforms. The successful candidate will manage enterprise certificate services, digital signature solutions, and cryptographic infrastructure, ensuring security, compliance, and high availability across both Windows and Linux environments. The position requires 5-10 years of relevant experience.

Core Responsibilities

  • Design, implement, and maintain enterprise Public Key Infrastructure (PKI) solutions, including Certificate Authority (CA) infrastructure and certificate lifecycle processes (issuance, renewal, revocation, auditing).
  • Configure, maintain, and troubleshoot PKI services across Windows Server and Linux platforms, ensuring high availability, disaster recovery, and resilience.
  • Manage OCSP responders, CRLs, certificate templates, and enrollment services within the PKI environment.
  • Deploy, configure, administer, and maintain digital signing platforms such as SigningHub, ADSS Server for digital signatures, timestamping, validation, and verification, and Entrust Certificate Authority.
  • Integrate digital signing platforms with enterprise applications, identity management systems, and document management workflows, supporting standards like PAdES, XAdES, CAdES, and eIDAS.
  • Monitor, secure, and harden PKI and digital signing infrastructure against vulnerabilities, conducting security assessments, audits, and compliance reviews.
  • Install, configure, patch, and maintain Windows Server and Linux systems supporting PKI and digital signing services, implementing monitoring, backup, disaster recovery, and capacity planning.
  • Automate operational and administrative tasks using scripting languages such as PowerShell, Bash, or Python.
  • Provide technical expertise and troubleshooting for complex certificate, authentication, encryption, and digital signing issues, supporting integrations involving TLS/SSL, APIs, and identity platforms.
  • Produce technical documentation, operational runbooks, and knowledge base articles for PKI architecture and procedures.

Required Qualifications and Experience

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
  • Proven experience designing, implementing, and administering enterprise PKI environments.
  • Strong administration experience with Windows Server and Linux.
  • Hands-on experience with SigningHub, ADSS Server, and Entrust Certificate Authority.
  • Strong knowledge of Public Key Infrastructure (PKI), digital certificates, Certificate Authorities, TLS/SSL, OCSP, CRLs, Hardware Security Modules (HSMs), and cryptographic concepts and best practices.
  • Experience integrating PKI and digital signing solutions with enterprise applications and identity platforms.
  • Experience with automation using PowerShell, Bash, or Python.

Preferred Skills and Certifications

  • Experience with Microsoft Active Directory Certificate Services (AD CS).
  • Knowledge of Microsoft Entra ID (Azure AD), Active Directory, LDAP, and SSO technologies.
  • Experience with cloud-based PKI services (Azure, AWS, or OCI).
  • Familiarity with REST APIs and enterprise application integration.
  • Experience working in regulated industries such as finance, healthcare, or government.
  • Relevant certifications such as Entrust PKI Certifications, Microsoft Certified: Windows Server, CompTIA Security+, CISSP, or Certified Information Security Manager (CISM).

Key Technical Competencies

  • Enterprise PKI Design & Administration
  • SigningHub Administration
  • ADSS Server Administration
  • Entrust Certificate Authority
  • Certificate Lifecycle Management
  • TLS/SSL, OCSP, CRL
  • Hardware Security Modules (HSM)
  • Windows Server Administration
  • Linux Administration
  • PowerShell, Bash, Python
  • Active Directory & LDAP
  • Digital Signature Standards (PAdES, XAdES, CAdES, eIDAS)
  • Security Hardening & Compliance
  • Backup, Monitoring & Disaster Recovery

Professional Attributes

  • Strong analytical and troubleshooting abilities.
  • Excellent communication and documentation skills.
  • Ability to work independently and collaboratively across technical teams.
  • Strong attention to detail and commitment to security best practices.
  • Effective time management and problem-solving skills.

Requirements

  • Requires 5-10 Years experience

Similar Jobs