Senior IT Security Consultant (PKI / TLS Certificates)

As a recruitment company, DCG understands that every business is powered by experienced professionals. Our management style and partnership approach enable us to meet your needs and provide continuous support. Due to our ongoing growth and the large number of recruitment projects we undertake for our partners, we are currently looking for:

Senior IT Security Consultant (PKI / TLS Certificates)

Hybrid work model - 3x per week work from office - Gdynia

Responsibilities:

• Drive and support the implementation of the global industry mandate regarding Client Authentication EKU removal from TLS public certificates

• Implement solutions ensuring proper trust configuration for both inward- and outward-facing services

• Provide communication, support, and training for application teams and other organizational units regarding required certificate changes and best practices

• Conduct discovery of digital certificates used across the organization

• Evaluate both existing internal tools and potential external solutions for certificate discovery

• Analyze discovered certificates to identify types, non-compliances, and potential risks

• Propose remediation actions and improvements to certificate management practices

• Analyze technical environments and assess risks related to certificate lifecycle management

• Plan and coordinate activities to minimize service disruptions

• Review technical solutions and analyze relevant technical data and documentation

• Clearly communicate objectives, technical findings, and recommendations to a wide audience including application teams, technical specialists, and management

• Prepare documentation, presentations, and guidance materials for internal stakeholders

• Collaborate with cross-functional teams to ensure successful implementation of security initiatives

Requirements:

• 5+ years of experience in the IT industry, including hands-on experience in Public Key Infrastructure (PKI) and certificate lifecycle management

• Strong knowledge of Public Key Infrastructure concepts, including certificate lifecycle management and certificate trust models

• Understanding of public and private Certificate Authorities (CA), including trust chains, root certificates, and issuance policies

• Solid understanding of TLS protocol, including TLS handshake and mutual TLS (mTLS) authentication mechanisms

• Good understanding of operating systems and infrastructure components, including networks, certificates, domains, and related security mechanisms

• Strong analytical and problem-solving skills, with the ability to navigate complex technical environments and regulatory requirements

• Ability to assess technical solutions, analyze data files, and identify potential security risks or non-compliances

• Strong planning and organizational skills, with the ability to coordinate activities in order to prevent service disruptions

• Experience in risk assessment and proposing mitigation strategies related to security and infrastructure changes

• Strong communication and presentation skills, with the ability to clearly explain technical concepts to both technical teams and management

• Ability to work independently and collaboratively, with a proactive and solution-oriented mindset

• Very good command of English (oral and written)

Nice to have:

• Knowledge of cryptographic algorithms, key types, and key management systems

Offer:

• Private medical care

• Co-financing for the sports card

• Constant support of dedicated consultant

• Employee referral program