×
Register Here to Apply for Jobs or Post Jobs. X

Systems Engineer; Active Directory​/PKI

Job in Tampa, Hillsborough County, Florida, 33646, USA
Listing for: Strategic Staffing Solutions
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
  • Engineering
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 55 - 65 USD Hourly USD 55.00 65.00 HOUR
Job Description & How to Apply Below
Position: Systems Engineer (Active Directory/PKI)

1 day ago Be among the first 25 applicants

Senior PKI Engineer / AD CS Architect (On-Prem Utility Environment)

Location
- Tampa, Fl (Midtown)

Duration: 1 year

Electric Utility will require to obtain NERC Clearance once joins

Pay $55-$65/hr

Alternate Titles (if needed):

  • Senior Identity & PKI Engineer
  • PKI Infrastructure Architect (Microsoft AD CS)
  • Senior IT Security Engineer – PKI & Certificates

Job Description

Position Summary

We are seeking a Senior PKI Engineer / AD CS Architect to design, build, and operate enterprise Public Key Infrastructure (PKI) within a regulated Electric Utility environment
. This role requires deep, hands-on experience with Microsoft Active Directory Certificate Services (AD CS), including standing up PKI solutions from scratch
, implementing two-tier CA architectures
, and automating certificate lifecycle management
.

This is a technical leadership role
, not a general system administrator position, and is critical to ensuring the security, reliability, and compliance of the organization’s digital identity and certificate infrastructure in a fully on-prem environment
.

Key Responsibilities
  • Own the end-to-end lifecycle management of enterprise digital certificates
    , including issuance, renewal, revocation, auditing, backup, and recovery across critical systems.
  • Design, deploy, and maintain Microsoft Active Directory Certificate Services (AD CS) using two-tier PKI architectures
    , ensuring high availability, security, and regulatory compliance.
  • Integrate PKI with Active Directory, Group Policy, and automated enrollment mechanisms
    , including Certificate Web Enrollment, NDES, and Online Responder services.
  • Develop, enforce, and document PKI policies, standards, and procedures
    , aligning with security best practices and compliance frameworks such as NERC CIP and ISO 27001
    .
  • Implement automation for certificate lifecycle management using tools such as Power Shell
    , reducing manual intervention and operational risk.
  • Monitor certificate health and expiration
    , proactively mitigating risks of service disruption to enterprise and operational systems.
  • Collaborate closely with security, infrastructure, network, and application teams to support secure authentication, encryption, and trusted communications.
  • Troubleshoot complex certificate and PKI-related issues across servers, applications, devices, and network services.
  • Maintain PKI monitoring, backups, and disaster recovery processes
    , ensuring resilience and audit readiness.
  • Participate in internal and external audits
    , providing documentation and evidence of compliance with utility and security regulations.
  • Provide technical guidance and knowledge transfer
    , serving as the PKI subject-matter expert across the organization.
Required Qualifications
  • Hands-on, production experience with Microsoft AD CS (Active Directory Certificate Services) —
    designing, building, and operating PKI
    , not just administering it.
  • Strong PKI expertise
    , including certificate authorities, CRLs, OCSP, certificate templates, and trust chains.
  • Advanced Active Directory knowledge
    , including Group Policy, domain architecture, and integration with PKI.
  • Experience implementing certificate-based authentication (TLS/SSL, smart cards, S/MIME, device certificates).
  • Strong troubleshooting and analytical skills in complex, regulated enterprise environments.
  • Excellent technical documentation and communication skills
    .
  • Experience working in on-prem infrastructure environments
    .
Preferred Qualifications
  • Electric Utility or regulated infrastructure experience (highly preferred).
  • Proven experience standing up PKI solutions from scratch in enterprise environments.
  • AD CS automation experience using Power Shell or similar scripting tools.
  • Familiarity with Azure Key Vault, Intune, or hybrid certificate models (nice to have).
  • Knowledge of NERC CIP compliance requirements
    .
  • Relevant certifications such as:
    • Microsoft Certified:
      Identity and Access Administrator
    • CISSP
    • MCSE (preferred but not required)
Key Differentiators for This Role
  • Hands-on PKI ownership required — not advisory or oversight only
  • On-prem, regulated utility environment
  • Critical security infrastructure supporting enterprise and operational systems
Seniority level
  • Mid-Senior level
Employment type
  • Contract
Job function
  • Information Technology
  • IT Services and IT Consulting
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary