INFINITE RANGES OVERVIEW
Infinite Ranges is Secure. Digital. Transformation. We build strategic consulting solutions combined with bleeding edge technical tools in AppDev, Modern (Digital) IT, and Security. Our proprietary RangeX recruiting technology allows us to deliver the right talent at the right time to our clients and partners.
OPEN CLIENT OPPORTUNITY
To conduct a design assessment for a public key infrastructure (PKI) for internal machine, user, x.509, SSH, and other HTTPS/TLS certificates and keystores. The assessment will include considerations for automation, fault-tolerance, architecture and security best practices, issuance, revocation, and downstream security use cases
TITLE
CONTRACT LENGTH OR FTE
ONSITE, OFFSITE, OR HYBRID
THE JOB FUNCTIONS
Develop conceptual level designs for PKI and certificate architecture.
Maintain and advocate application security architecture based on standards, best practices and in accordance with various regulatory requirements.
Lead consultative client engagements to define application security strategy, architecture and roadmaps.
Review application and system architectures, processes, and impact analysis from a security perspective.
Development of resource staffing recommendations, organization structure and plans for project execution, governance and security of the PKI Infrastructure solution designs.
Increase capability maturity of the security program as applies to PKI.
Clearly and concisely develop tactical and strategic action plans to be reviewed, discussed and executed by the delivery and client team.
Develop and interpret security policies, standards, and procedures to design requirements.
Provide client education and guidance to client teams based on designed PKI architectures.
Lead projects to drive the assessment, operationalization and adoption of new technologies, platforms and tools.
Facilitate and help mature IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
THE SIZZLE (THE RIGHT CANDIDATE WILL FIT THE POINTS BELOW)
Determine functional, architectural, and design requirements for PKI architecture IAW (in accordance with) applicable regulatory requirements and standards.
Develop enterprise PKI designs, conceptual through detailed design, IAW customer requirements, regulatory and operational constraints.
Strategic thinker, with experience planning and executing multiyear infrastructure and cloud security roadmaps.
Ability to define program KPIs and metrics.
Knowledge of IT and Cybersecurity frameworks, such as NIST, FIPS, CSF, CIS, ISO 27001/2.
Working knowledge of Cloud provider security architecture design patterns, and key control methods - Bring your own key, Hold your own key, partitioned HSMs.
Knowledge of API security architecture and technologies.
Knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.).
TECHNOLOGIES USED IN THIS ROLE
EXPERIENCE REQUESTED FOR THIS ROLE
Curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.
Knowledge of encryption fundamentals: PKI, keystores, certificate management, certificate orchestration, platforms, and key management best practices.
5+ Years of experience with enterprise PKI architectures.
5+ years of experience with Cloud technologies (AWS or Azure, KMS, Keyvault).
Experience developing CP and CPS documents.
Strong analytical and problem-solving skills and demonstrated experience coordinating strategic efforts in an effective and efficient manner.
CERTIFICATIONS REQUESTED
Microsoft Certificate Authority
A certificate management platform
Hardware Security Module (HSM)
AWS Architect
Azure Architect