Deadline Date: Monday 5 June 2023
Requirement: PKI/Key Management Design/Implementation Engineer
Location: The Hague, NL
Full time on-site: Yes
Time On-Site: 100%
NATO Grade: A/115
Total Scope of the request (hours): 760
Required Start Date: 17 July 2023
End Contract Date: 30 December 2023
Required Security Clearance: NATO COSMIC TOP SECRET
Duties and Role:
- Responsible for design of PKI components within an enterprise context
- The (technical) documentation of PKI services/components to support the design, implementation and transition phases of the project
- Installation and maintenance of PKI components
- Support the transition of the PKI capability into operations
- The design and implementation of the following:
- PKI system backups and restore
- PKI virtualized infrastructure
- PKI networking components
- PKI hardware infrastructure
- Auto enrolment services; Entrust Admin Services; Entrust REST API (CA Gateway, Certificate Enrolment Gateway)
- RHEL 389 LDAP directory service configuration and maintenance in part of user migration
Requirements
Skill, Knowledge amp; Experience:
- The candidate must have a currently active NATO COSMIC TOP SECRET security clearance
- 5 years extensive experience with PKI System development, design, management.
- Experience in data centre resilience / high availability for PKI systems
- Extensive knowledge of Information security and Cryptography (symmetric and asymmetric encryption, public key infrastructure (PKI) encryption, public key encryption, hash functions, digital signatures, digital certificates).
- Experience with writing, reviewing, and auditing of Certification Practices Statements.
- Knowledge of the principles of computer and communications security, networking, and vulnerabilities of modern operating systems and applications.
- Experience with SQL database administration.
- Experience with NATO Security Accreditation processes.
- Extensive knowledge of modern communication and Internet Protocol (IP) based networking technologies and systems including security aspects.
- Working knowledge of router and switches configuration.
- Practical experience in Windows Servers, RHEL and VMware system administration.
- Extensive experience in operating systems backup and restore.
- Practical experience in scripting (Python, Powershell).
- Practical experience in SSL and TLS.
Desirable Experience:
- NATO Security Policy, Directives, and Guidance (D/48 REV3, NPKI Certificate Policy)
- NATO Change Management processes (CR, ASI, A2SL)
- VMware (VCA, VCP)
- CISCO CCNA
- Microsoft Certified Solution Associate (MCSA).
- Microsoft Certified Solutions Expert (MCSE).
- Experience in development and implementation of computer security policies.