Senior IT Security Consultant (PKI / TLS Certificates)

DCG Sp. z o.o is a recruitment company focused on providing experienced professionals and continuous support to meet business needs. The company is currently growing and undertaking numerous recruitment projects for its partners.

• 5+ years of experience in the IT industry, including hands-on experience in Public Key Infrastructure (PKI) and certificate lifecycle management
• Strong knowledge of Public Key Infrastructure concepts, including certificate lifecycle management and certificate trust models
• Understanding of public and private Certificate Authorities (CA), including trust chains, root certificates, and issuance policies
• Solid understanding of TLS protocol, including TLS handshake and mutual TLS (mTLS) authentication mechanisms
• Good understanding of operating systems and infrastructure components, including networks, certificates, domains, and related security mechanisms
• Strong analytical and problem-solving skills, with the ability to navigate complex technical environments and regulatory requirements
• Ability to assess technical solutions, analyze data files, and identify potential security risks or non-compliances
• Strong planning and organizational skills, with the ability to coordinate activities in order to prevent service disruptions
• Experience in risk assessment and proposing mitigation strategies related to security and infrastructure changes
• Strong communication and presentation skills, with the ability to clearly explain technical concepts to both technical teams and management
• Ability to work independently and collaboratively, with a proactive and solution-oriented mindset
• Very good command of English (oral and written)

Nice to have:

• Knowledge of cryptographic algorithms, key types, and key management systems

• Drive and support the implementation of the global industry mandate regarding Client Authentication EKU removal from TLS public certificates
• Implement solutions ensuring proper trust configuration for both inward- and outward-facing services
• Provide communication, support, and training for application teams and other organizational units regarding required certificate changes and best practices
• Conduct discovery of digital certificates used across the organization
• Evaluate both existing internal tools and potential external solutions for certificate discovery
• Analyze discovered certificates to identify types, non-compliances, and potential risks
• Propose remediation actions and improvements to certificate management practices
• Analyze technical environments and assess risks related to certificate lifecycle management
• Plan and coordinate activities to minimize service disruptions
• Review technical solutions and analyze relevant technical data and documentation
• Clearly communicate objectives, technical findings, and recommendations to a wide audience including application teams, technical specialists, and management
• Prepare documentation, presentations, and guidance materials for internal stakeholders
• Collaborate with cross-functional teams to ensure successful implementation of security initiatives