Listing Description

Our Engineering team built the world’s largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy.

We’re looking for a Principal Security Researcher to join our Engineering team.

Reporting to the Senior Director of Information Security, you will be responsible for:

• Overseeing the full lifecycle of the PKI environment, including Certificate Authorities (CAs), Intermediate CAs, CRLs, OCSP services, and HSMs


• Managing certificate lifecycle operations such as issuance, renewal, expiration monitoring, and revocation to avoid service disruptions


• Ensuring PKI operations comply with security policies, regulatory requirements, and cryptographic standards (e.g., TLS, RSA, ECC, HMAC)


• Developing automation solutions to streamline certificate management at scale


• Collaborating with engineering, product, IT, DevOps, and security teams to integrate cryptographic best practices into systems and products

What We’re Looking for (Minimum Qualifications)

• 8+ years of experience managing PKI operations, certificates, or cryptographic security in production environments


• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience


• Proficiency in Public Key Infrastructure (PKI) concepts, cryptographic protocols (e.g., TLS/SSL, RSA, ECC), and certificate lifecycle management


• Hands-on experience managing Certificate Authorities (CA), HSMs, and PKI tools (e.g., Microsoft CA, EJBCA, or equivalent)


• Scripting knowledge (Python, Bash, or PowerShell) for automation and integration

What Will Make You Stand Out (Preferred Qualifications)

• Expertise securing PKI operations in cloud-native environments (e.g., AWS Certificate Manager, Azure Key Vault, Google Cloud KMS)


• Advanced understanding of emerging cryptographic algorithms (e.g., post-quantum cryptography)


• Experience integrating PKI systems into CI/CD pipelines and modern product lifecycles

#LI-Remote
#LI-CM3