ICA Security Engineer/ PKI Security Engineer
Charlotte, NC (Hybrid)
Job Description:
ICA Security Engineer/ PKI Security Engineer
W2 Candidates with 12-month validity
Charlotte North Carolina
Skills:
- 8+ years in Security Engineering/Identity Infrastructure, including 5+ years hands-on with Microsoft AD CS and enterprise Active Directory with managing CA infra
- Proven experience designing, deploying, and operating multi-tier Microsoft PKI (offline root, issuing CAs) in large/complex environments.
- Deep knowledge of X.509, CRL/OCSP, EKU/KU, SANs, key algorithms and sizes (RSA/ECC), hashing (SHA-2), and certificate validation paths.
- Strong PowerShell and Windows Server administration; GPOs, autoenrollment, templates, AIA/CDP configuration.
- Experience with 802.1X/EAP-TLS, TLS/mTLS, VPN auth, and device/user certificate issuance at scale.
- HSM experience (e.g., nCipher/Entrust/Thales) for CA key management.
Key Skills:
- Microsoft AD CS and enterprise Active Directory with managing CA infra