Would you like to join the leading international intergovernmental organization?

The Engineer (IdM/PKI) 2 is responsible for the comprehensive management, operation, and support of the NATO-wide NPKI (NATO Public Key Infrastructure) environment. This includes oversight of registration authorities, PKI infrastructure (virtualized and hardware), lifecycle management of user and device certificates, and the administration of all associated systems and components. The role ensures the security, reliability, and continuous availability of NPKI services, supports NATO missions and exercises, and provides high-level technical support to NPKI customers.

Responsibilities:

• Manage the NATO wide NPKI Registration Authorities;

• Manage PKI virtualize and hardware infrastructure;

• Manage and control of the lifecycle of end users and devices certificates for all NPKI CA's;

• Manage all NPKI Windows Servers, RHEL and VMware environment including systems error log verification;

• Manage NPKI Hardware Security Module (HSMs);

• Manage Card Management System;

• Responsible for Entrust sub components connected to the NPKI CA especially in context of potential new services testing and integration;

• Responsible for the creation of NPKI related guidance and procedures (SOP);

• Responsible for the delivery of 2nd and 3rd level technical support of CIS services to the NPKI customers;

• Responsible for the NCIA ITSM ticketing system;

• Responsible for certificate creation and Smart Cards enrolment;

• Responsible for supporting all NATO exercises and missions;

• Supervises the day-to-day operations /management /backup/restore of the PKI systems.

• Installation and maintenance of NPKI components;

• Certificate Authority components Log analysis, (Trouble shoot the system ALARM/ERRORS and monitor users and interfaces activity);

• Responsible for NPKI system documentation, hardware inventory, software configuration and inventory and regular systems and applications patching;

• Be flexible to work outside normal office hours in response to crises, operational requirements;

• Performs other duties as may be required.

Essential Qualifications & Experience:

• A university degree in a relevant discipline and 3 years of specific experience

• Extensive knowledge of modern communication and Internet Protocol (IP) based networking technologies and systems including security aspects.

• 3 years extensive experience with PKI System development, design, management.

• Extensive knowledge of Information security and Cryptography (symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, digital certificates).

• Practical experience in Windows Servers, RHEL and VMware system administration.

• Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications.

• Experience with SQL database administration.

• Extensive experience in operating systems backup and restore.

• Practical experience in scripting (Python, Powershell).

• Practical experience in SSL, TLS, and OpenSSL.

• Extensive knowledge with Microsoft Excel.

Desirable Experience:

• VMware (VCA, VCP) and Linux RHEL system administration

• CISCO CCNA

• Microsoft Certified Solution Associate (MCSA).

• Microsoft Certified Solutions Expert (MCSE).

• Experience in development and implementation of computer security policies.

If you've read the description and feel this role is a great match, we'd love to hear from you! Click "Apply for this job" to be directed to a brief questionnaire. It should only take a few moments to complete, and we'll be in touch promptly if your experience aligns with our needs.