PKI Architect Basingstoke Exciting opportunity for a skilled technician with excellent interpersonal skills who is able to learn and adapt to work across both legacy and new technologies as part of a live system transitioned programme. + Design and architect enterprise-grade PKI solutions (including internal/external CA, OCSP, CRL, HSM integration). + Develop and enforce policies, standards, and procedures for digital certificate lifecycle management. + Implement and maintain Certificate Authorities (CAs), Registration Authorities (RAs), and associated infrastructure. + Ensure secure deployment and configuration of PKI across enterprise systems, endpoints, applications, and devices (including IoT and mobile). + Collaborate with IDAM, DevOps, and cloud security teams to integrate PKI with broader identity and security architectures. + Provide technical leadership in incident response and troubleshooting related to certificates and encryption. + Stay current with industry standards, compliance requirements (e.g., NIST, FIPS, ISO 27001), and emerging cryptographic technologies (e.g., quantum-safe cryptography) + Document when required all architectures, policies, procedures, and system configurations related to PKI. + Provide mentoring and knowledge transfer to junior members of the team and other stakeholders. **Required Qualifications:** + Degree in computer science, Information Security, or a related field. + Significant years of experience in IT Security or Infrastructure with at least 3 years in PKI architecture and management. + Deep knowledge of PKI components: CAs, HSMs, OCSP, CRLs, SCEP, etc. + Hands-on experience with tools such as Microsoft ADCS, Thales HSM’s (Luna etc ), DigiCert, OpenSSL. + Familiarity with certificate usage in TLS, S/MIME, code signing, document signing, VPN, smart cards, and secure email. + Understanding of encryption algorithms (RSA, ECC, AES), hash functions (SHA-2, SHA-3), and key management practices. + Experience in designing secure architectures in hybrid or cloud environments (e.g., AWS, Azure). + Knowledge of compliance and regulatory standards such as PCI DSS, HIPAA, SOX, GDPR, NIST 800-53. **Preferred Qualifications:** + Certifications: CISSP, CISM, CEH, GIAC, Microsoft Certified: Identity and Access, or other IDAM equivalent Technologies. + Experience with Zero Trust Architecture and Identity Federation. + Exposure to quantum-safe cryptography principles and roadmaps (Not Essential) **Soft Skills:** + Strong analytical, problem-solving and communication skills. + Ability to manage competing priorities in a fast-paced environment. + Team player with the ability to lead cross-functional teams. **Please note:** It’s still worth applying even if you do not meet all the requirements above. We are passionate about investing in you and your career and if you have the transferable skills/ background with PKI and the ability to obtain a high level of UK Security clearance this could be the next opportunity for you. **Achieve together** **We are recognised as a responsible and inclusive employer:** Not only are we a certified Disability Confident Leader, a Times Top 50 employer for Gender Equality, a Top 75 employer for Social Mobility, accredited with the Living Wage Foundation and a signatory for the Race at Work Charter, but we are also committed to the United Nations standards for LGBTI+ and a Stonewall Top 100 Employer. **We are people centric:** Our work environments enable you to **Be Completely You.** Our active people-led Inclusive Community networks are representative of all aspects of diversity and are instrumental in enabling and supporting our innovative approach to inclusion. **\#LifeAtFujitsu** \#DNS \#Purple **Requisition ID** : 30186