Overview
We are seeking an experienced Senior PKI/CLM Engineer who can independently lead the deployment of Credential Lifecycle Management (CLM) solutions with minimal technical guidance. This individual will bring strong expertise in PKI modernization, automation, authentication technologies, and mobile credentialing, supporting enterprisescale identity transformation initiatives.

Key Responsibilities
Support CLM deployment activities with guidance from senior team members.
Contribute to modernization efforts by implementing best practices and staying current on identity technologies.
Assist with troubleshooting PKI architecture and operational issues, escalating complex problems as needed.
Help deploy and integrate derived credential solutions, including mobile credentialing and Certificate-Based Authentication (CBA) workflows.
Apply working knowledge of YubiKey, FIDO2, and hardware-based authentication methods.
Develop or enhance automation scripts and interfaces using PowerShell, REST APIs, or SOAP under direction from senior engineers.
Collaborate with security, engineering, and application teams to support enterprise certificate services.

Required Skills & Experience
Hands-on experience with certificate lifecycle management (CLM) tools or PKI environments.
Understanding of PKI fundamentals: certificate authorities, OCSP/CRLs, trust chains, and key management.
Familiarity with YubiKey, WebAuthn/FIDO2 workflows, or similar authentication technologies.
Exposure to derived credentials, mobile authentication, or CBA deployments.
Ability to write and maintain scripts for automation and integrations using PowerShell or APIs.
Strong problem-solving skills and ability to work independently on well-defined tasks.
Clear communication skills and the ability to work effectively on cross-functional teams.

Nice to Have
Exposure to federal identity or ICAM environments.
Familiarity with enterprise CLM platforms (Venafi, Entrust, HID, Intercede, etc.).
Experience with MDM/UEM integrations.