×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Cloud Computing

Sr. PKI Machine Identity Engineer

Job in Aurora, Kane County, Illinois, 60505, USA
Listing for: Brunswick
Full Time position
Listed on 2026-05-31
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Cloud Computing
Salary/Wage Range or Industry Benchmark: 103200 - 144000 USD Yearly USD 103200.00 144000.00 YEAR
Job Description & How to Apply Below
## Sr. PKI Machine Identity Engineer Apply locations:
Mettawa, ILtime type:
Full time posted on:
Posted 8 Days Agojob requisition :
JR-049996
*** Are you ready for what’s next?
**** Come explore opportunities within Brunswick, a global marine leader committed to challenging conventions and innovating next-generation technologies that transform experiences on the water and beyond.  Brunswick believes “Next Never Rests

TM,” and we offer a variety of exciting careers and growth opportunities within united teams defining the future of marine recreation.
**
* Location:

** Mettawa, IL
** Workplace Category:
** Hybrid
*
* Travel Required:

** None
* * Direct Reports:
** None
* * Pay Range:** $103,200 - $144,000
** Visa Sponsorship:
*** Applicants must be currently authorized to work in the United States.  This position is not eligible for employment visa sponsorship now or in the future.
* ** Relocation:
** Not offered at this time
** Innovation is the heart of Brunswick.  See how your contributions will help transform vision into reality:
**** Position Overview****:
** As part of the talented Brunswick team, you will get to transform Public Key Infrastructure (PKI) into a core identity and trust control plane for the enterprise. The position leads the modernization of PKI to establish strong device trust and machine identity across hybrid environments, spanning on‐premises and cloud platforms. This role owns the PKI platform strategy, tooling, and full lifecycle management, while driving adoption across identity and access management (IAM), endpoint, network, and application teams.

It supports a broad set of use cases, including device trust for VPN, Wi‐Fi, and endpoints; workload identity for mTLS and APIs; web and application enablement; and emerging non‐human and AI identities. This is a hands‐on leadership role that combines deep technical execution with cross‐functional delivery to embed identity and trust as foundational enterprise capabilities.
** At Brunswick, we have passion for our work and a distinct ability to deliver.
***
* Essential Functions:

**** PKI Architecture & Platform Ownership*
* * Design, implement, and operate enterprise PKI (ADCS and hybrid/cloud models).
* Define CA hierarchy (offline root, issuing CAs), trust models, templates, and issuance policies.
* Establish key protection strategies including HSM integration and secure key lifecycle.
* Integrate external certificate providers (e.g., Cloudflare, public CAs) into a unified architecture.
* Define and enforce enterprise PKI standards.
** Certificate Lifecycle & Automation*
* * Implement automated discovery, issuance, renewal, and revocation across infrastructure, endpoints, apps, and web.
* Address certificate sprawl and shadow PKI with scalable discovery.
* Build monitoring and controls to eliminate certificate-related outages.
* Develop API-driven and scripted automation (Power Shell, Python, CI/CD).
** Revocation, Resilience & Security*
* * Design and operate CRL/OCSP with high availability and performance.
* Manage CA lifecycle (rotation, recovery, compromise response).
* Support audit/compliance (NIST, ISO) and cryptographic standards.
* Lead threat modeling for PKI risks (key compromise, mis-issuance).
** Device Trust & Access Integration*
* * Enable certificate-based authentication for VPN, Wi‐Fi (EAP‐TLS), endpoint/device trust, and web/app access.
* Integrate PKI signals into IAM decisioning (Conditional Access, identity policies).
* Drive enterprise-wide adoption of certificate-based controls.
** Machine Identity & mTLS*
* * Design and implement mTLS for services, APIs, and internal platforms.
* Establish identity models for non-human identities (service accounts, APIs, automation).
* Support cloud-native/workload identity patterns (Kubernetes, service mesh).
* Build capabilities for AI-driven and autonomous systems.
** Diversity of thought and experiences is fundamental when imagining the unimaginable. Certain skillsets/experiences are necessary; however, others can be developed along the way.
***
* Required Qualifications:

*** Bachelor’s degree in Computer Science, Information Systems, or a related field (or equivalent work experience).
* 8+ years in PKI,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search