← Back to Security Engineering
R
Recorded Future
www.recordedfuture.com

PKI Security Engineer, Product Security

Security EngineeringOn-site

What You’ll Do:

This is a key, hands-on engineering role with a strong emphasis on automation and operational excellence. Your primary responsibilities will include:

  • PKI Architecture and Governance: You will actively contribute to the architectural evolution of our internal Certificate Authorities (CAs) and related trust stores. You will ensure the PKI design and its operational practices strictly adhere to both Recorded Future's rigorous internal security policies and industry best practices and regulatory requirements (e.g., NIST, ISO 27001).
  • Subject Matter Expertise and Consultation: You will serve as the primary Subject Matter Expert (SME) for all things PKI and cryptography across the organization. This involves providing high-level consultation and technical guidance to engineering, platform, and development teams on secure key management, certificate usage, transport layer security (TLS/SSL), and digital signing.
  • Operational Support and Troubleshooting: You will troubleshoot and resolve complex, high-impact certificate-related issues across our production and development environments, often requiring deep-dive analysis into network traffic, application logs, and CA infrastructure.
  • Security Tooling and Integration: Research, evaluate, and integrate modern security tooling related to PKI, hardware security modules (HSMs), and secrets management to enhance the security and efficiency of our operations.
  • Platform Security Team Participation: In addition to core PKI duties, this role involves active participation in the Platform Security team's daily operations, including participating in on-call rotations, security incident response activities, and broader platform-related security projects. This collaboration ensures a cohesive and secure platform foundation.

What You’ll Bring:

  • 3+ years of proven relevant professional experience
  • Strong foundational knowledge of computer security principles
  • In-depth knowledge in PKI concepts, protocols (e.g., OCSP, CRL, SCEP, EST), and certificate management
  • Demonstrated experience with cloud-based PKI services, such as AWS Certificate Manager (ACM)
  • Experience working with HashiCorp Vault is a plus
  • A proactive and enthusiastic approach to learning new technologies
  • Strong communication skills
  • A background in coding/scripting is a plus

Why should you join Recorded Future? Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.6-star user rating on G2 and more than 50% of Fortune 100 companies as customers. Want more info?

Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence