Public Key Infrastructure Engineer Job
Yoh
(San Diego, California)Yoh covers the diverse talent and workforce management needs in the Aviation, Engineering, Health Care, IT, Life Sciences, Media & Entertainment and Telecom industries. You can be confident that we have the right talent and managed solution for you. You need it. Yoh has it!
PKI (Public Key Infrastructure) Engineer needed for a Contract opportunity with Yoh's client located in San Diego, CA.
- Architect, design, document, and support Public Key Infrastructure (PKI) systems and Public Key Enabled (PKE) solutions that provide the capability for smart card use on a multi-forest/multi-domain large enterprise network.
Top Skills You Should Possess:
- Microsoft PKI
- Public Key and Private Key
- Active Directory expertise
- PowerShell Scripting
What You Need to Bring to the Table:
Microsoft Active Directory Certificate Services (ADCS)
- Certification Authority (CA) offline root and online issuing CAs
- Online Certificate Status Protocol (OCSP) Responder
- ADCS auto-enrollment
- CA backup and restore
How the Microsoft Cryptographic Application Programming Interface (MSCAPI) behaves when validating certificates
- How certificate validation works
- Certificate trust chains (to include MS trust stores)
- Certificate Revocation Lists (CRLs)
- OCSP responses
- 509 certificate types, constructs, and attributes
- Certificate Policy (CP) and Certificate Practice Statements (CPS) documentation (RFC 3647)
How asymmetric, symmetric, and key hashing works and their related cipher suites
- DoD PKI architecture and requirements (FIPS-140/201, PIV)
- Use of Hardware Security Modules (HSMs) to protect private keys
How certificates are manually obtained from a third party issuing CA
- Creation of the private key
- Certificate signing request
- Import of the CA issued public key
- Smart card readers and reader middleware
- 90Meter
- ActivClient
- Microsoft mini-driver (native MS middleware)
How Active Directory (AD) smart card logon works
- UPN Mapping (one to one)
- ALTSECID Mapping (one to many, many to one)
- PKI containers in AD
- Certificate use with email messages
- Outlook configuration
- Email sign and encrypt
- Outlook Web Access
Certificate use for:
- 11i (Wireless)
- 1x (Network Access Control)
- SSL VPN
Creation of detailed architecture and design documents to include detailed diagramming
- Windows PowerShell scripting
Operating systems as they relate to PKI/PK:
- Windows 7
- Windows server 2008/2012
- Microsoft Group Policy Objects (GPOs)
Bonus Points! Otherwise Known As Preferred Qualifications:
- OpenSSL (PKI capabilities)
- Java Keystores (keytool)
- Axway Validation Authority and Desktop Validator
- RedHat PKI
- DoD DIACAP and STIG PKI requirements
- MS PKI tools (certutil, certreq)
- Microsoft IIS 7/8
Benefits | Benefits not included |
---|
Questions
There are no answered questions, sign up or login to ask a question
- Architecture
- Design
- Documentation
- Infrastructure
- Java
- Operating
- Operating System
- Programming
- Systems
- Windows
- Active Directory
- Application Programming
- Microsoft Active Directory
- Scripting
- SSL
- VPN
- Windows PowerShell
- Public Key Infrastructure
- Windows Server 2008

Want to see jobs that are matched to you?
DreamHire recommends you jobs that fit your
skills, experiences, career goals, and more.