Steel Perlot is hiring a

Web3 PKI / HSM Engineer

Overview

Knox Networks is an open source software platform that supports white label programmable money and digital identity solutions for financial institutions.

The Knox software platform can be used for issuing, authorizing, verifying, executing, transacting, distributing and reporting programmable money between financial institutions and/or consumers as non-account based financial instruments including, but not limited to: digital cash, treasury securities, repurchase agreements, central bank digital currencies and any other cash analogue. Our technology focuses on balancing privacy, scalability and interoperability with various financial standards and payment networks.

Description

As a PKI / HSM Engineer, you will design and implement PKI/Certificates solutions along with maintaining, documenting and supporting our Public Key Infrastructure (PKI) and implemented key management systems and Hardware Security Modules (HSM).

The position is based in New York, NY or Los Angeles, CA (also open to 100% remote) with full-time salary and benefits.

Key Responsibilities, Prioritized:*

1. Maintenance and support all Enterprise Public Key Infrastructure (PKI) technology, including PrimeKey, EJBCA, AWS ACM, and Microsoft Certificate Services.
2. Administer the PKI certificate lifecycle for various applications and solutions.
3. Work with senior members to evaluate upgrades and new products & technologies for the enterprise PKI infrastructure.
4. Provide End user certificate support for certificates. Maintain a key service of PKI systems.
5. Participate in projects to deploy new PKI applications and services.
6. Propose and implement changes to the PKI infrastructure in accordance with standard procedures and change control policies and procedures.
7. Document design, installations and operations & maintenance guides.
8. Support HSM management support requests as per pre-defined sets of procedure and within agreed Service Level Agreements (SLA), resolve problem tickets and assist other staff members as needed.
9. Complete certificate requests as per pre-defined sets of procedure and within agreed Service Level Agreements (SLA), resolve problem tickets and assist other staff members as needed.
10. Maintain security and technical certifications.

Knowledge, Skills, and Abilities

• Experience working on Level 1-2 support of PKI systems and services.
• Good understanding of protocols like TLS, TCP/IP, OCSP, SCEP, LDAP, ACME.
• Good analytical and troubleshooting skills on all platforms and tools supported.
• Have a global mindset and collaborate effectively within and across teams in different part of the global landscape.
• Security + and other comparative information security certifications are preferred, that show an understanding of information security principles.
• IT infrastructure knowledge including operating systems, applications, communications, and network protocols.
• Have a familiarization with Industry standards as applied to asymmetric and symmetric key usage. Familiarity with PKCS#11 standards for interoperability with HSM providers.
• Familiarity with regulatory and compliance requirements for security and key management, such as Federal Information Processing Standards (FIPS).
• Good knowledge in a technical skill set that supports one of the Applied Cryptography's core services data encryption, PKI, HSM and Key management.
• Verbal and written communication skills, problem solving skills, attention to detail and interpersonal skills along with the ability to present complex security subjects to internal work groups and projects.
• Strong ability to work independently and manage one's time with minimal direction from supervisor.
• The ability to work effectively with other functional areas and understand the operational and cultural issues relevant to achieving superior results.
• Must be flexible and able to manage multiple tasks and priorities on very tight deadlines.
• Be a self-motivated and results oriented individual with an attention to driving aggressive project timelines and schedules.
• Ability to work independently and in collaboration with others to achieve a high level of success.
• Sound interpersonal and collaboration skills with the ability to develop, maintain and foster constructive relationships with others.
• Preferred Crypto and FinTech Awareness: Understanding and experience working in the financial industry, Familiarity with any of the following: payments, digital wallets, clearing and settlement, privacy, security etc. Understanding and strong interest in cryptocurrencies and the blockchain industry.
• Comfort in ambiguous unstructured environments: Building something new comes with significant ambiguity, and we want people that can thrive in that ambiguity. ****The environment is highly dynamic, and there are no precedents.

Requirements

• Received a bachelor's degree in CS, EE, or a related technical field, and proven excellence in previous roles.
• 3+ years of work experience and familiarity with Public Key Infrastructure (PKI) practices, policies and procedures.
• Understanding of Public Key Infrastructure (PKI) core elements such as Certificate Authorities, Registration Authority, CRLs, OCSP, and Certificate elements.
• Be based at the office in New York or LA and be able to travel within the U.S. and internationally on a regular basis as needed.
• Attention to detail
• Excellent communication skills
• Deep understanding of technology
• Proven record of shipping features on time and on budget
• Flexible and focussed on solutions
• Organized and self-sufficient

Apply Now: