girl looking into her desktop
Back to search results

Systems Engineer - Credential Administrator

Addison, Texas;

Job Description:

Come join an exciting team within Global Information Security (GIS)!

Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

The CST IAE Credential Administrator is responsible for managing, administering and supporting certificates and tokens enterprise wide. The role requires collaboration and cooperation with the PKI Engineering team, most importantly, PKI Governance.

Key Responsibilities:

TLS Certificate Administration (iCA, DigiCert and Entrust)    
•    Review and Process external Certificate requests
•    Revoke Internal and external TLS Certificates; if there is a security event
•    Screen Certificate renewals (verify attestations and approvals) - via Remedy
•    Process bulk revocation requests - via Nexus
•    Domain management - registering in Bank's owned domains w/external CAs
•    Audit remediation in partnership with PKI Governance
•    Validate user experience and process impacts of Venafi updates 
•    24x7 On-call support for production issues


Client Certificate Administration (iCA, DigiCert and Entrust)    
•    Review and process S/MIME, Corporate Customer CA  certificate requests 
•    VPN assistance with cert lock outs or basic troubleshooting via Remedy
•    Revoke Certificates; if there is a security event
•    Monthly and on demand reporting
PKI Collaboration and Code Signing: (CSAS Portal)    
•    Signing ceremony (auditor and/or key holder for PKI CA changes (Addison Only)
•    Perform offline signing w/Corporate Code Signing Certificate for file types
•    Provide support for safe access for PKI team (Addison Only)
•    Alert PKI engineers of system issues encountered by Admin team or customers


Governance and Control 
•    Liaise with PKI Governance on process, policy and documentation
•    Collaborate with PKI Governance on policy application and execution
•    Monitor and enforce proper certificate management w/owners and delegates  
•    Co-author, w/PKI Governance, training materials and documentation
•    Review of PKI audit records to ensure sustainability and compliance
•    Follow PKI business continuity procedures to include disaster recovery
•    Manage vendor routines and contracts (PKI, certificates and tokens) 
•    Manage process risk and controls (PCR) and associated metrics


MFA Administration     
•    Security Code Management Portal (User Guide, requirements, TAR list, testing)
•    SafePass MFA Admin Portal (User Admin., requirements, TAR list, testing)
•    Token inventory management and reporting 
•    Token Admin support with Service Desks (knowledge articles and escalations)
•    Fulfillment of orders; domestic and international
•    Manage bulk order requests (Provisioning, AD updates)
•    Training and support documentation (Users, SPOCs, InfoSafe, Service desks)
•    Maintain documentation repositories (Flagscape, SharePoint and Wiki)

Professional Competencies:
•    Problem solver with strong work ethic
•    Demonstrates high business and technical acumen technical
•    Written/oral communications skills
•    Analytical thinker that understands service and technical support
•    Ability to document, perform and manage operational procedures
•    Understanding of the underlying technology processes and systems 
•    Collaboration and teamwork 
•    Risk Management

Technical Expertise:
•    Knowledge of PKI, Certificates, HSMs, Tokens and associated technologies
•    3-5 years experience with  certificate administration and management 
•    2 years working with Venafi or comparable certificate management system
•    2-5 years of technical support and troubleshooting
•    2-5 years of application support 


 

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Come join an exciting team within Global Information Security (GIS)!

Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

The CST IAE Credential Administrator is responsible for managing, administering and supporting certificates and tokens enterprise wide. The role requires collaboration and cooperation with the PKI Engineering team, most importantly, PKI Governance.

Key Responsibilities:

TLS Certificate Administration (iCA, DigiCert and Entrust)    
•    Review and Process external Certificate requests
•    Revoke Internal and external TLS Certificates; if there is a security event
•    Screen Certificate renewals (verify attestations and approvals) - via Remedy
•    Process bulk revocation requests - via Nexus
•    Domain management - registering in Bank's owned domains w/external CAs
•    Audit remediation in partnership with PKI Governance
•    Validate user experience and process impacts of Venafi updates 
•    24x7 On-call support for production issues


Client Certificate Administration (iCA, DigiCert and Entrust)    
•    Review and process S/MIME, Corporate Customer CA  certificate requests 
•    VPN assistance with cert lock outs or basic troubleshooting via Remedy
•    Revoke Certificates; if there is a security event
•    Monthly and on demand reporting
PKI Collaboration and Code Signing: (CSAS Portal)    
•    Signing ceremony (auditor and/or key holder for PKI CA changes (Addison Only)
•    Perform offline signing w/Corporate Code Signing Certificate for file types
•    Provide support for safe access for PKI team (Addison Only)
•    Alert PKI engineers of system issues encountered by Admin team or customers


Governance and Control 
•    Liaise with PKI Governance on process, policy and documentation
•    Collaborate with PKI Governance on policy application and execution
•    Monitor and enforce proper certificate management w/owners and delegates  
•    Co-author, w/PKI Governance, training materials and documentation
•    Review of PKI audit records to ensure sustainability and compliance
•    Follow PKI business continuity procedures to include disaster recovery
•    Manage vendor routines and contracts (PKI, certificates and tokens) 
•    Manage process risk and controls (PCR) and associated metrics


MFA Administration     
•    Security Code Management Portal (User Guide, requirements, TAR list, testing)
•    SafePass MFA Admin Portal (User Admin., requirements, TAR list, testing)
•    Token inventory management and reporting 
•    Token Admin support with Service Desks (knowledge articles and escalations)
•    Fulfillment of orders; domestic and international
•    Manage bulk order requests (Provisioning, AD updates)
•    Training and support documentation (Users, SPOCs, InfoSafe, Service desks)
•    Maintain documentation repositories (Flagscape, SharePoint and Wiki)

Professional Competencies:
•    Problem solver with strong work ethic
•    Demonstrates high business and technical acumen technical
•    Written/oral communications skills
•    Analytical thinker that understands service and technical support
•    Ability to document, perform and manage operational procedures
•    Understanding of the underlying technology processes and systems 
•    Collaboration and teamwork 
•    Risk Management

Technical Expertise:
•    Knowledge of PKI, Certificates, HSMs, Tokens and associated technologies
•    3-5 years experience with  certificate administration and management 
•    2 years working with Venafi or comparable certificate management system
•    2-5 years of technical support and troubleshooting
•    2-5 years of application support 


 

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21069794

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0