×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Sr​/Lead Software Engineer, Enterprise PKI

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Centaur Labs
Full Time position
Listed on 2026-06-24
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 150000 - 200000 USD Yearly USD 150000.00 200000.00 YEAR
Job Description & How to Apply Below
Position: Sr./Lead Software Engineer, Enterprise PKI

Job Category:
Software Engineering

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we’re looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

About

the team

The Enterprise Security Technology team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud‑scale security software across multiple public cloud platforms and Salesforce’s internal infrastructure.

Our key investments are in the area of Identity & Access and Public Key Infrastructure where we design and implement consistent and scalable services for Salesforce Enterprise, integrating our IT network, public cloud infrastructure and our own data centers, and empowering all our engineers to operate these environments in a secure manner.

About the position

We are seeking a Senior Software Engineer with hands‑on experience in Enterprise grade Public Key Infrastructure (PKI) technologies. In this role, you will contribute to the design/architecture, development, automation, and support of PKI and certificate lifecycle management capabilities across the enterprise environment. The role involves strong collaboration with security, infrastructure, and application teams to ensure secure authentication, encryption, and digital trust within our systems.

Responsibilities
  • Contribute to the design, implementation, development, deployment, configuration, and enhancement of EJBCA‑based PKI infrastructure, including CA hierarchies, RA functions, OCSP responders, and CRL distribution.
  • Define the technical roadmap for certificate lifecycle automation, secure key management, and high‑assurance identity use cases.
  • Develop and maintain certificate lifecycle automation, including provisioning, renewal, revocation, monitoring, and audit logging.
  • Support internal stakeholders with certificate enrollment workflows (SCEP, EST, ACME, CMP) and usage patterns.
  • Help integrate certificate‑based authentication into enterprise platforms, services, and workloads.
  • Support certificate lifecycle management processes for internal clients, applications, and devices.
  • Collaborate with security architects, infrastructure, and application teams to align PKI solutions with organizational policies and compliance requirements.
  • Participate in incident response and troubleshooting for PKI‑related issues such as certificate validation failures or service outages.
  • Develop and contribute to documentation, operational runbooks, and standards for PKI operations.
Required Skills/Experience
  • 5+ years of hands‑on experience in PKI systems, including EJBCA or similar CA/RA platforms.
  • 8+ years of experience with scripting or programming languages (Python, Golang, Java).
  • Strong understanding of X.509 certificates, CRLs, OCSP, certificate templates, trust chains and key usage extensions.
  • Experience with enrollment protocols such as SCEP, EST, ACME, or CMP.
  • Familiarity with certificate lifecycle automation, workflows or CLM platforms and APIs.
  • Familiarity with HSM integration, key escrow, and secure enclaves.
  • Understanding of PKI use cases for TLS/mTLS, device identity, Wi‑Fi/EAP, VPN, code signing, workload identity, etc.
  • Proficiency with Linux environments and version control systems (Git).
  • Familiarity with cloud environments (AWS) and how PKI integrates with cloud services.
  • Solid understanding of Dev Ops practices, CI/CD, monitoring, and ownership of production systems.
  • Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent experience.
Desired Skills
  • Experience with hardware‑backed security mechanisms such as TPM, HSM, or secure enclaves.
  • Experience with PKI in Kubernetes or service mesh environments (Istio, SPIRE, cert‑manager).
  • Exposure to device attestation, platform security, or Secure Boot concepts.
  • Familiarity with relevant security frameworks or compliance standards (NIST, ISO, SOC
    2).
  • Awareness of common security weaknesses (OWASP Top…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search