Technical Specialist, Public Key Infrastructure (PKI)
Top Benefits
About the role
WHAT IS THE OPPORTUNITY?
The Certificate Services team is seeking a skilled and experienced Public Key Infrastructure (PKI) Professional with a strong focus on Certificate Lifecycle Management to join our Global Security team in Vancouver, BC. This role is critical to maintaining the security and integrity of our digital landscape by ensuring the reliable operation and robust security of our internal and external PKI services. The successful candidate will be responsible for the day-to-day management, maintenance, and enhancement of our PKI environment including Venafi TPP CLM platform, Microsoft CA, NDES and CEP/CES systems. This role will have a development and application support focus, experience in application and system development required.
WHAT WILL YOU DO?
- Manage the full Certificate Lifecycle: Oversee and execute all phases of certificate management, including request processing, generation, issuance, distribution, renewal, replacement, and timely revocation of various certificate types (SSL/TLS, S/MIME, code signing, client authentication, etc.).
- Enforce PKI Policies and Procedures: Ensure strict adherence to established PKI policies, Certificate Practice Statements (CPS), and Certificate Policy (CP) documents.
- Operate and Maintain PKI Infrastructure: Administer and maintain internal Certificate Authorities (CAs), Registration Authorities (RAs), and related components, including hardware and software.
- Troubleshoot and Resolve PKI Issues: Identify, diagnose, and resolve issues related to certificate validity, trust chains, revocation status (CRL, OCSP), key usage, and connectivity problems impacting PKI services.
- Contribute to PKI Design and Implementation: Participate in the design, planning, and implementation of new PKI solutions and enhancements based on evolving business needs and security requirements.
- Ensure PKI Security: Implement and monitor security controls to protect the PKI infrastructure, including securing CA private keys, managing access controls, and monitoring for suspicious activity.
- Maintain Compliance: Ensure the PKI environment meets internal security standards, industry best practices, and relevant regulatory requirements (e.g., privacy laws, industry-specific regulations).
- Key Management: Assist in the secure generation, storage, and management of cryptographic keys involving Hardware Security Modules (HSMs).
- Automate PKI Operations: Develop and implement scripts and tools to automate repetitive PKI tasks, such as certificate issuance, monitoring, and reporting, improving efficiency and reducing manual errors.
- Document PKI Processes: Create and maintain comprehensive documentation for PKI configuration, procedures, policies, and troubleshooting guides.
- Stay Current with PKI Trends: Keep abreast of the latest developments, vulnerabilities, and best practices in the PKI and cryptographic space.
WHAT DO YOU NEED TO SUCCEED?
Must have
- 5 years of experience in Information Technology, with a minimum of 3 years focused specifically on Public Key Infrastructure (PKI) administration and support.
- Deep expertise and hands-on experience with in Microsoft CA, NDES,OCSP and Venafi.
- Excellent troubleshooting skills and the ability to diagnose and resolve complex PKI issues.
- Strong communication skills, both written and verbal, with the ability to explain technical concepts clearly.
- Deep understanding of PKI concepts, including X.509 certificates, certificate chains, trust anchors
- Proficiency with SSL/TLS protocols and their application in securing web and network communications.
- Familiarity with relevant security standards and frameworks (e.g., NIST, ISO 27001) and compliance requirements.
- Experience with scripting languages (e.g., PowerShell, Python) for automating PKI-related tasks.
Nice-to-have :
- Certifications in Cyber Security (CISSP, CCSP etc.)
- Understanding of industry standards (IST 27001/2, NIST etc.)
- Venafi Certified Administrator (VSA) or Venafi Security Professional (VSP)
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.
Technical Specialist, Public Key Infrastructure (PKI)
Top Benefits
About the role
WHAT IS THE OPPORTUNITY?
The Certificate Services team is seeking a skilled and experienced Public Key Infrastructure (PKI) Professional with a strong focus on Certificate Lifecycle Management to join our Global Security team in Vancouver, BC. This role is critical to maintaining the security and integrity of our digital landscape by ensuring the reliable operation and robust security of our internal and external PKI services. The successful candidate will be responsible for the day-to-day management, maintenance, and enhancement of our PKI environment including Venafi TPP CLM platform, Microsoft CA, NDES and CEP/CES systems. This role will have a development and application support focus, experience in application and system development required.
WHAT WILL YOU DO?
- Manage the full Certificate Lifecycle: Oversee and execute all phases of certificate management, including request processing, generation, issuance, distribution, renewal, replacement, and timely revocation of various certificate types (SSL/TLS, S/MIME, code signing, client authentication, etc.).
- Enforce PKI Policies and Procedures: Ensure strict adherence to established PKI policies, Certificate Practice Statements (CPS), and Certificate Policy (CP) documents.
- Operate and Maintain PKI Infrastructure: Administer and maintain internal Certificate Authorities (CAs), Registration Authorities (RAs), and related components, including hardware and software.
- Troubleshoot and Resolve PKI Issues: Identify, diagnose, and resolve issues related to certificate validity, trust chains, revocation status (CRL, OCSP), key usage, and connectivity problems impacting PKI services.
- Contribute to PKI Design and Implementation: Participate in the design, planning, and implementation of new PKI solutions and enhancements based on evolving business needs and security requirements.
- Ensure PKI Security: Implement and monitor security controls to protect the PKI infrastructure, including securing CA private keys, managing access controls, and monitoring for suspicious activity.
- Maintain Compliance: Ensure the PKI environment meets internal security standards, industry best practices, and relevant regulatory requirements (e.g., privacy laws, industry-specific regulations).
- Key Management: Assist in the secure generation, storage, and management of cryptographic keys involving Hardware Security Modules (HSMs).
- Automate PKI Operations: Develop and implement scripts and tools to automate repetitive PKI tasks, such as certificate issuance, monitoring, and reporting, improving efficiency and reducing manual errors.
- Document PKI Processes: Create and maintain comprehensive documentation for PKI configuration, procedures, policies, and troubleshooting guides.
- Stay Current with PKI Trends: Keep abreast of the latest developments, vulnerabilities, and best practices in the PKI and cryptographic space.
WHAT DO YOU NEED TO SUCCEED?
Must have
- 5 years of experience in Information Technology, with a minimum of 3 years focused specifically on Public Key Infrastructure (PKI) administration and support.
- Deep expertise and hands-on experience with in Microsoft CA, NDES,OCSP and Venafi.
- Excellent troubleshooting skills and the ability to diagnose and resolve complex PKI issues.
- Strong communication skills, both written and verbal, with the ability to explain technical concepts clearly.
- Deep understanding of PKI concepts, including X.509 certificates, certificate chains, trust anchors
- Proficiency with SSL/TLS protocols and their application in securing web and network communications.
- Familiarity with relevant security standards and frameworks (e.g., NIST, ISO 27001) and compliance requirements.
- Experience with scripting languages (e.g., PowerShell, Python) for automating PKI-related tasks.
Nice-to-have :
- Certifications in Cyber Security (CISSP, CCSP etc.)
- Understanding of industry standards (IST 27001/2, NIST etc.)
- Venafi Certified Administrator (VSA) or Venafi Security Professional (VSP)
What’s in it for you?
We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.
- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- A world-class training program in financial services
- Flexible work/life balance options
- Opportunities to do challenging work
About RBC
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada's biggest bank and one of the largest in the world, based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our more than 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com. We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities. See how at www.rbc.com/community-social-impact.
La Banque Royale du Canada est une institution financière mondiale définie par sa raison d'être, guidée par des principes et orientée vers l'excellence en matière de rendement. Notre succès est attribuable aux quelque 94 000+ employés qui mettent à profit leur créativité et leur savoir faire pour concrétiser notre vision, nos valeurs et notre stratégie afin que nous puissions contribuer à la prospérité de nos clients et au dynamisme des collectivités. Selon la capitalisation boursière, nous sommes la plus importante banque du Canada et l'une des plus grandes banques du monde. Nous avons adopté un modèle d'affaires diversifié axé sur l'innovation et l'offre d'expériences exceptionnelles à nos plus de 17 millions de clients au Canada, aux États Unis et dans 27 autres pays. Pour en savoir plus, visitez le site rbc.com/francais
Nous sommes fiers d'appuyer une grande diversité d'initiatives communautaires par des dons, des investissements dans la collectivité et le travail bénévole de nos employés. Pour de plus amples renseignements, visitez le site www.rbc.com/collectivite-impact-social.