PKI/PKE Engineer

Capgemini Government Solutions (CGS) LLC is seeking a PKI/PKE Engineer to support mission‑critical government clients. The ideal candidate will collaborate with a high‑performing team, engage with a broad range of stakeholders, and play a key role in expanding CGS capabilities while continuing to grow their technical and consulting expertise.

PKI/PKE Engineer will be tasked to design, implement, and operate systems that enable secure digital identity and data confidentiality. This role serves as the technical lead for Certificate Authorities (CAs), Hardware Security Modules (HSMs), and the integration of encryption services across enterprise workflows.

Responsibilities

• Architect and maintain multi-tier Certificate Authority hierarchies (Root, Subordinate, and Issuing CAs) using Microsoft ADCS, Entrust, or DigiCert.
• "Enable" applications (Web, Mobile, IoT) to use certificates for S/MIME email encryption, TLS/SSL, and 802.1X network authentication.
• Implement and manage Certificate Lifecycle Management (CLM) tools like Venafi, Keyfactor, or AppViewX to automate renewals and prevent outages
• Manage the physical and logical lifecycle of Hardware Security Modules (HSMs) such as Thales/nCipher or Utimaco.
• Draft and enforce the Certificate Policy (CP) and Certification Practice Statement (CPS) to ensure legal and regulatory compliance (e.g., FIPS 140-2/3).
• Lead the transition to Post-Quantum Cryptography (PQC) algorithms to protect against "harvest now, decrypt later" threats.
• Act as the SME for certificate-related outages, compromised keys, or emergency revocation (CRL/OCSP) procedures.

Requirements

• Minimum of six years of progressive experience in PKI/PKE administration

• Bachelor’s degree in computer science, or a related field.
• Deep understanding of asymmetric/symmetric encryption, hashing algorithms (SHA-256/384), and protocols (OCSP, SCEP, EST, CMP).
• Proficiency in PowerShell, Python, or OpenSSL for automating certificate requests and inventorying.
• Familiarity with X.509, NIST SP 800-53/175, and RFC 5280.

• Ability to obtain Secret level government security clearance / Active clearance preferred
• Ability to obtain CompTIA Security+ / Active certification preferred

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.

Get The Future You Want | www.capgemini.com

Disclaimer

All qualified applicants will be considered for employment based on their skills, and merit.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is $110k-$135k.

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.