×
Register Here to Apply for Jobs or Post Jobs. X

Cybersecurity Engineer - PKI​/Secrets Management

Job in Louisville, Jefferson County, Kentucky, 40201, USA
Listing for: Dormont Manufacturing Co
Full Time position
Listed on 2026-07-03
Job specializations:
  • IT/Tech
    Systems Engineer, Cybersecurity
Salary/Wage Range or Industry Benchmark: 95000 - 130000 USD Yearly USD 95000.00 130000.00 YEAR
Job Description & How to Apply Below
Position: Staff Cybersecurity Engineer - PKI/Secrets Management

Role Overview

We’re looking for a senior, self-driven Cyber Security Engineer to own the strategy, design, implementation, and operation of our enterprise PKI and secrets management capabilities. This role is accountable for how trust, identity, and secure access are established and enforced across the enterprise, and for ensuring these foundations scale with the business. You will operate as a technical leader and subject‑matter expert, partnering with senior engineering and security leaders to define long‑term direction, set standards, and drive adoption.

You should thrive in a fast‑paced, agile environment—comfortable making high‑impact decisions, navigating ambiguity, and rapidly adapting as technologies and requirements evolve.

What You’ll Do
  • Setting the technical vision and architecting, implementing, and operating scalable, highly available PKI and secrets management services for the enterprise.
  • Owning design decisions that shape internal trust models, cryptographic architectures, and access patterns for the most sensitive data and systems.
  • Defining, implementing, and continuously improving policies, processes, and controls for the full lifecycle of keys, certificates, and secrets across diverse platforms.
  • Influencing and aligning engineering, infrastructure, and leadership teams to deliver robust, observable, and compliant cryptographic systems.
  • Mentoring and developing engineers, raising the bar for technical excellence, and driving consistent best practices for cryptographic and secrets management across the organization.
  • Advising senior leadership on long‑term security architecture strategy, trade‑offs, and investment priorities related to identity, PKI, and secrets management.
  • Providing operational leadership, including participation in on‑call rotations for global, mission‑critical services and driving post‑incident improvements.
  • Leading HSM strategy, including architecture, platform selection, appliance consolidation, and multi‑year roadmap planning in alignment with enterprise security and compliance goals.
Required Qualifications
  • Bachelor’s degree in Computer Science, Mathematics, Physics, or equivalent senior‑level industry experience.
  • 7+ years experience in enterprise security engineering or Site Reliability Engineering (SRE), with direct responsibility for high‑availability security or cryptographic services.
  • 7+ years experience with enterprise secrets management platforms (e.g., Hashi Corp Vault, AWS Secrets Manager, Azure Key Vault, Beyond Trust), including architecture, operations, and integration at scale.
  • Strong understanding of public‑key cryptography, PKI, and modern cryptographic protocols, with the ability to make pragmatic, risk‑informed design decisions.
  • Demonstrated experience designing, operating, and evolving production PKI systems (root and issuing CAs, CRL/OCSP, certificate lifecycle, and policy governance).
  • Proficiency with infrastructure‑as‑code (e.g., Terraform) and engineering practices that enable repeatable, auditable, and secure deployments.
  • Working knowledge of major cloud platforms (AWS, GCP, Azure) and how to integrate PKI and secrets management with cloud‑native services.
  • Experience with containerization, orchestration (e.g., Kubernetes), and CI/CD workflows, including secure delivery patterns and secrets handling.
  • Excellent communication skills, with a track record of presenting complex technical concepts, trade‑offs, and recommendations to engineering and executive audiences.
  • Strong threat modeling and security architecture skills, with the ability to anticipate abuse cases and design for resilience.
  • Hands‑on management, integration, and configuration experience with HSM platforms (Entrust, Thales, etc.), including key ceremonies, partitioning, and role design.
  • Experience working with and implementing security standards and frameworks (e.g., FIPS 140‑2/3, PCI‑DSS, and related controls), and translating them into actionable technical requirements.
Preferred Qualifications
  • Hashi Corp Vault certification or clearly demonstrable expert‑level proficiency with Vault in complex, production environments.
  • Deep expertise in Hashi Corp Vault and Terraform, including…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary