Principal Engineer Public Key Infrastructure

When you join Verizon

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world.

Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife.

You will be a critical member of the Customer Router Security team, specifically tasked with the strategic initiative to build and run our Public Key Infrastructure (PKI) infrastructure. This project is critical to fulfilling Verizon's Network Security priorities and fundamentals at scale.

We are seeking a highly experienced and technically profound Principal Engineer specializing in Public Key Infrastructure (PKI) to join our security team. This role is crucial for designing, building, and maintaining the global PKI ecosystem that underpins our security, cryptographic services, and identity management across the entire enterprise. The ideal candidate will be a recognized subject matter expert, capable of setting technical strategy, mentoring junior engineers, and driving the implementation of cutting-edge, secure, and highly available PKI solutions.

The Principal Engineer will bring hands‑on experience in applying best practices, managing stakeholder expectations, collaboration of solution approaches, and positioning implementations for ongoing success. He/She would also be comfortable pitching solutions and gaining the buy‑in from the various teams including senior leaders.

Additionally, this position will require a rich understanding of routing, tunneling, and DDoS mitigation. This position will be included in the on‑call rotation.

• Define the long‑term technical vision and architectural roadmap for our global PKI environment, including Certificate Authorities (CAs), Hardware Security Modules (HSMs), and certificate lifecycle management (CLM) platforms.

• Lead the design and implementation of next‑generation cryptographic services, focusing on automation, scalability, and compliance with industry standards (e.g., NIST, CA/Browser Forum).

• Evaluate, recommend, and integrate new PKI‑related technologies and services, such as post‑quantum cryptography readiness, cloud PKI services, and advanced HSM deployments.

• Serve as the highest escalation point for complex PKI, certificate, and cryptographic service issues, providing expert troubleshooting and resolution.

• Lead the deployment, configuration, and maintenance of high‑assurance CAs, OCSP/CRL responders, and HSM infrastructure across diverse environments (on‑premises and cloud).

• Develop and maintain robust, self‑service automation tools (using scripting and orchestration platforms) to streamline certificate provisioning, renewal, and revocation enabling automation and orchestration.

• Ensure the operational health, performance, and compliance of all PKI systems through continuous monitoring, auditing, and patching.

• Provide technical leadership and mentorship to PKI and security engineering teams, fostering a culture of excellence, security‑first design, and continuous learning.

• Document technical standards, procedures, and architectural decisions clearly for both technical and non‑technical audiences.

• Collaborate with audit, compliance, legal, and other security teams to ensure PKI systems meet strict regulatory and internal policy requirements.

• Drive cross‑functional initiatives to integrate PKI and cryptographic solutions to secure applications and manage certificate life cycles.

• Bachelor’s degree or four or more years of work experience.

• Six or more years of relevant experience required, demonstrated through one or a combination of work and/or military experience, or specialized training.

• 8+ years of progressive experience in Information Security, with a minimum of 7 years…