PKI Engineer/Architect

Req Id: 107974

City: Chennai

State/Province: Tamil Nadu

Posting Start Date: 10/31/25

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Job Description:

Job Description

Role Purpose

The purpose of this role is to design the organisation's computer and network security infrastructure and protect its systems and sensitive information from cyber threats

Key Responsibilities

• Lead the infrastructure protection strategy to create, evolve, and secure internal PKI and credential management security strategy.
• Design, implement, and operate enterprise-grade PKI solutions, including internal and external Certificate Authorities (CAs), Hardware Security Modules (HSMs), and certificate lifecycle management platforms.
• Create design components, develop code, and test changes using test-driven development methodologies.
• Provide subject matter expertise in resolving complex problems related to PKI environment.
• Manage, secure, engineer and provide governance for key and certificate management services, including robust, enterprise-grade PKI, certificate lifecycle management (CLCM), infrastructure automation and credential management (CMS) systems.
• Implement and maintain automated certificate renewal programs; capture use-cases for certificate revocation, enrollment & renewal processes.
• Monitor creation of encryption keys to ensure protection against modification and unauthorized disclosure.
• Define Trust Strategies and understand security and governance requirements for Certification Authorities.
• Architect and manage internal PKI infrastructure including CA, RA, CRL, OCSP, and HSM integrations.
• Design and implement certificate lifecycle automation using ACME protocols, scripting (e.g., PowerShell, Python), and enterprise CLM tools.
• Install and manage certificates across platforms: Windows, Linux/Unix, Apache, Tomcat, Java Keystore, F5, Azure Key Vault.
• Implement digital certificate policies aligned with X.509 standards and CA/Browser Forum baseline requirements.
• Develop and maintain Certificate Policy and Certificate Practice Statements (CP/CPS).
• Provide PKI support for application integrations, including TLS/SSL, S/MIME, 802.1x, Smartcards, and Code Signing.
• Collaborate with IAM, Infrastructure, Security, and Application teams to integrate PKI into broader identity solutions.
• Contribute to change management and documentation using ITSM tools (ServiceNow, Remedy).
• Maintain high availability and disaster recovery readiness for PKI infrastructure.
• Track and report on PKI service metrics, SLAs, KPIs, and KRIs to ensure operational excellence.
• Develop and maintain SOPs, technical documentation, and training materials.

Preferred Skills

• Strong technical knowledge of enterprise PKI operations, cryptographic algorithms (symmetric/asymmetric), digital signatures, with strong understanding of compliance, auditing, and key management.
• Microsoft certifications (e.g., Azure Security Engineer, MCSA).
• Knowledge of CA/B Forum, RFC 5280, RFC 6960 (OCSP).
• Familiarity with containerized environments and Kubernetes certificate management.
• Experience with Active Directory Certificate Services, GlobalSign, Sectigo, DigiCert, Keyfactor, OpenSSL, or other certificate management platforms. Understanding of OCSP, CA, RA, CRL, and BYOK configurations.
• Comprehensive understanding of the PKI/HSM ecosystem, including technology, standards, implementations, and migration strategies.

i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives

ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture

iii. Depending on the client's need with particular standards and technology stacks create complete RFPs

iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology

v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions

vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps

vii. Evaluate and recommend solutions to integrate with overall technology ecosystem

viii. Tracks industry and application trends and relates these to planning current and future IT needs

2. Stakeholder coordination & audit assistance

a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations

b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security

c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements

d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers

e. Provide training to employees on issues such as spam and unwanted or malicious emails

Deliver
No Performance Parameter Measure 1 Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. 2 Support sales team to create wins % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led

Mandatory Skills: PKI - Certificate Management .

Experience: 8-10 Years .

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention.

Client-provided location(s): Chennai, India

Job ID: Wipro-107974

Employment Type: OTHER

Posted: 2025-11-08T18:39:47