LSEG Lead PKI Engineer in St. Louis, Missouri
Lead PKI Engineer, Public Key Cryptographic Infrastructure
The Information Security & Risk Management team seeks a high-energy, motivated individual who combines solid technical credentials with a high degree of business acumen for the position of Lead Identity Engineer, Public Key Cryptographic Infrastructure (PKI) within our Identity and Access Management team. In this role, you will design and engineer PKI solutions in collaboration with executive leadership, technology peers and business partners to solve some of our greatest challenges.
Developing a mature PKI capability has been defined as a strategic direction for the London Stock Exchange and a cornerstone of our security posture. You will provide your expertise on the PKI engineering team to architect, engineer, and implement an advanced PKI capability. You will drive the complete development of a modern PKI capability including design, engineering, implementation, and automation of PKI lifecycle. A secure PKI platform is the bedrock of our security posture that will drive both user experience and security advancements across all technologies and services.
Drive the development of PKI solutions to meet security and business requirements.
Develop automation approaches to solve PKI lifecycle management challenges.
Analyze legacy PKI solutions for security gaps and develop new approaches/capability to mitigate.
Lead and guide the company with industry best practices related to all aspects of PKI.
Develop standards and approaches to enable seamless integration across technical stacks.
Partner with architecture teams to understand security and business implications of PKI strategy.
Act as a technical owner on initiatives involving PKI technologies.
Champion PKI capability and integration across core security and IT capability.
Proven track record of engineering PKI solutions in a large global enterprise.
Strong understanding of X.509, RSA, SSL/TLS, NIST, audit frameworks, and certificate management processes.
10+ years’ experience in architecting, engineering, and implementing enterprise solutions.
2+ years technical experience integrating, developing, and automating IAM systems like MFA, Azure AD and Authentication protocols/technologies. used in networking (zScaler, VPN, Wireless Authentication, etc)
Hands-on experience with designing certificate authorities, registration authorities, and certificate policies.
Familiarity with certificate enrollment and renewal protocols.
Strong understanding of certificate lifecycle challenges and the understanding of how to mitigate.
Understanding of HSM capability.
Experience with standard encryption protocols such as IPSec, TLS, SSH.
Strong understanding S/MIME, Wild Cards, SAN certificates.
Strong understanding of hashing standards like SHA-1/SHA-2.
Ability to articulate problems concisely and drive to resolution across organization functions.
Experience designing deployments of certificates in an enterprise environment.
Familiarity of cloud technologies and PKI requirements.
Familiarity with PKI vendors like Symantec, Venafi, Sectigo, Digicert.
- Bachelor’s degree preferred
At LSEG, we believe that creating a diverse and inclusive organisation is fundamental to the way we deliver on our promise – and our purpose. You’ll be part of an organisation of over 25,000 people, spanning 70 countries. We recognise the individual perspectives each of our colleagues brings, and our diverse workforce is one of our greatest strengths. In supporting collaboration and creativity and encouraging new ideas across a diverse and inclusive workforce, we can improve how we are driving financial stability, empowering economies and enabling customers to create sustainable growth.
LSEG offers a range of tailored benefits and support from healthcare and retirement planning to paid volunteering days and wellbeing initiatives.
We are an equal opportunities employer. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Please take a moment to read this privacy notice carefully, as it describes what personal information the London Stock Exchange Group (LSEG) (“We”) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject .
If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.