Engineer (IdM/PKI Services)
- Working Location: Mons, Belgium
- Security Clearance: NATO Cosmic Top Secret
- Language: High proficiency level in English language
EXPERIENCE AND EDUCATION:
Essential Qualifications/Experience:
A university degree in a relevant discipline and 3 years of specific experience
Extensive knowledge of modern communication and Internet Protocol (IP) based networking technologies and systems including security aspects
3 years extensive experience with PKI System development, design, management
Extensive knowledge of Information security and Cryptography (symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, digital certificates)
Experience in Windows Servers and RHEL OS
Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications
Experience in scripting (Python, PowerShell)
Practical experience in SSL, TLS, and OpenSSL
Desirable Qualifications/Experience:
Experience in development and implementation of computer security policies
DUTIES/ROLE:
Manage the NATO wide NPKI Registration Authorities
Maintain the day-to-day NATO wide PKI systems and components
Manage and control of the lifecycle of end users and devices certificates
Manage NPKI hardware infrastructure
Manage and responsible for the NPKI LDAP directory service configuration and support HTTP service
Responsible for the NCIA ITSM ticketing system
Responsible for user/device certificate creation and Smart Cards enrolment
Responsible for WNES- auto enrolment service, CSR SCEP; Enrolment over Secure Transport (EST); Entrust Administration Services components especially in context of ITM and NPKI Mitigation projects new services development and deployment
Responsible for Enterprise Mobile Mobility configuration, integration, maintenance
Responsible for Online Certificate Status Protocol (OCSP) and Time Stamp management
Responsible for Database maintenance, dedicated for NPKI
Responsible for Card Management System deployment, integration and day-to-day management
Responsible for Hardware Security Module (HSM) firmware upgrade and management in different Date Centre location
Responsible for the creation of PKI related guidance
Certificate Authority Log analysis, (Troubleshoot the system ALARM/ERRORS and monitor user activity)
Support Smart Card enrolment and certificate creation process
Maintain the day-to-day operations /management /backup/restore of the PKI systems
Provide technical support and assistance to ITM Operating Authorities and NPKI-Mitigation project team
Provide 2nd and 3rd level technical support of CIS services to the NPKI customers
Designing of new PKI components
Responsible for the creation and maintenance of Standard Operating Procedures within the NPKI as part of modifications or additions to current capabilities
Documenting of all new PKI services
Installation and maintenance of NPKI components
Be flexible to work outside normal office hours in response to crises, operational requirements
Performs other duties as may be required related to Polaris