Capital Technology Group Logo

Capital Technology Group

Public Key Infrastructure (PKI) Architect

Posted 19 Days Ago
Be an Early Applicant
Remote
Hiring Remotely in US
110K-150K Annually
Mid level
Remote
Hiring Remotely in US
110K-150K Annually
Mid level
Design, implement, and modernize enterprise PKI and identity trust services for federal systems. Build cloud-native solutions (AWS/Azure), automate certificate lifecycle and deployments, support DevSecOps, ensure compliance with FIPS/NIST/FISMA and Zero Trust, and monitor and optimize platform security and performance.
The summary above was generated by AI

Capital Technology Group provides expert consulting services software development, digital transformation, human-centered design, data analytics and visualization, and cybersecurity. 

Our multidisciplinary teams use agile methodologies to rapidly and incrementally deliver value in close collaboration with our clients. For over a decade, we have been trusted by both federal and commercial clients to solve complex, mission-critical business challenges. The quality of our work has been recognized by our partners and peers through our inclusion in the Digital Services Coalition, a group of forward- thinking firms recognized for excellence in delivering IT services.

Client Requirements: applicants MUST BE US Citizens and be able to obtain Public Trust clearance

The CTG Experience

At Capital Technology Group (CTG), our teams are passionate about modernizing how the federal government delivers software. We partner with federal agencies to build secure, scalable, and mission-driven solutions that make a meaningful impact on millions of people. Recognized as a 2025 Top Workplace by The Washington Post, CTG fosters a culture rooted in our core values. Our values guide how we work together and support one another, creating an environment where employees feel trusted, empowered, and encouraged to grow both personally and professionally.

About the Role

CTG is seeking a PKI Architect to design, implement, and modernize enterprise Public Key Infrastructure (PKI) and identity trust services supporting mission-critical federal systems. This role is ideal for a senior technical architect with deep expertise in cryptographic systems, identity security, and scalable infrastructure design across complex, highly secure environments.

You Will Get To
  • Design, implement, and evolve PKI architectures that enable secure authentication and Zero Trust initiatives
  • Build and support cloud-native solutions across AWS and Azure environments.
  • Automate infrastructure, deployments, and operational processes using Ansible and CI/CD pipelines.
  • Partner with security and engineering teams to implement DevSecOps practices and secure software delivery.
  • Support compliance initiatives aligned with FIPS, NIST 800-53, FISMA, and Zero Trust Architecture principles.
  • Monitor, troubleshoot, and optimize application and platform performance using security and observability tools.
Who You Are
  • A collaborative engineer who enjoys solving complex technical and security challenges.
  • Passionate about building scalable, secure, and reliable cloud-based solutions.
  • Comfortable working across application development, cloud infrastructure, identity, and security domains.
  • Skilled at balancing technical innovation with operational excellence and compliance requirements.
  • An effective communicator who can work with cross-functional teams and stakeholders.
Qualifications
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, Engineering, Mathematics, or a related technical field (or equivalent experience)
  • 4+ years of professional experience in PKI architecting, cybersecurity engineering, identity and access management (IAM), infrastructure/security architecture, or enterprise platform engineering (not limited to application development)
  • Experience designing and supporting PKI solutions in FICAM and Federal PKI (FPKI) environments.
  • Experience with X.509 certificate lifecycle management, automation, and policy development.
  • Knowledge of X.509 certificate policies and CA/Browser Forum standards.
  • Experience implementing certificate automation using ACME.
  • Experience with Hardware Security Modules (HSMs) and cryptographic key management.
  • Familiarity with Post-Quantum Cryptography (PQC) concepts and migration strategies.
  • Experience with PKI platforms including DigiCert, Entrust, Microsoft AD CS, and Let's Encrypt.
  • Experience supporting CAC/PIV smart cards, server, code-signing, and S/MIME certificates, including certificate trust chains and validation.
  • Experience with cloud platforms such as AWS and/or Azure.
  • Familiarity with DevSecOps practices, CI/CD pipelines, and source control platforms such as GitHub Enterprise.
  • Understanding of security frameworks and standards including NIST, FISMA, FIPS, and Zero Trust principles.
Nice to Have
  • Experience using Docker and Kubernetes.
  • Experience with Shibboleth, CyberArk, or HashiCorp Vault.
  • Experience with Splunk, Tenable, Checkmarx, SonarQube, or related security tooling.
  • Experience with STIG hardening, vulnerability management, or compliance programs.
  • Familiarity with PIV authentication and identity governance solutions.
  • Experience supporting highly regulated environments, including federal or public sector organizations.
  • Relevant cloud, security, or architecture certifications.
Client Requirements
  • Applicants must be U.S. Citizens
  • Ability to obtain a Public Trust clearance
Salary

We are committed to offering a competitive salary for this position, with an estimated range of $110,000 to $150,000 annually. Please note that this range is intended to provide a general idea of what to expect. The final offer may vary based on experience, skills, and other factors.

Full Time Employee Benefits
  • Remote Work (Hybrid roles will be specified in the job post)
  • Competitive Compensation Package
  • Medical, Dental, and Vision
  • Life Insurance, Short/Long Term Disability
  • Employee Assistance Program
  • 401(k) with 4% matching
  • Liberal PTO vacation policy
  • Generous Annual Continuing Education
  • Annual Wellness Budget
  • Bonus Incentive Programs (Employee referrals and performance-based rewards)

Thanks for your interest in Capital Technology Group!

Capital Technology Group is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.


Similar Jobs

38 Minutes Ago
In-Office or Remote
189K-260K Annually
Expert/Leader
189K-260K Annually
Expert/Leader
Aerospace • Hardware • Information Technology • Robotics • Defense • Utilities
Lead enterprise-level business development for National Security Space: set strategy, oversee major pursuits and partnerships, direct capture and proposal efforts, manage subordinate BD leaders, ensure financial performance and value creation, and engage executive government and industry stakeholders to grow revenue and market position.
Top Skills: CasCpafCpffDfarsFarFfpLevel-Of-EffortOta
41 Minutes Ago
Easy Apply
Remote or Hybrid
USA
Easy Apply
109K-155K Annually
Senior level
109K-155K Annually
Senior level
Cloud • Information Technology • Security • Software • Cybersecurity
Lead end-to-end ServiceNow HRSD and WSD projects: gather requirements, design scalable solutions, perform no-code/low-code configurations (Flow Designer, HR services, notifications), coordinate IT and business stakeholders, develop test plans, and use data analysis to identify, prioritize, and resolve system issues and enhancements.
Top Skills: Flow DesignerHrisNow AssistServicenow Hr Agent WorkspaceServicenow HrsdServicenow WsdWorkplace Suite
42 Minutes Ago
Easy Apply
Remote or Hybrid
Texas, USA
Easy Apply
97K-138K Annually
Mid level
97K-138K Annually
Mid level
Cloud • Information Technology • Security • Software • Cybersecurity
Sell Zscaler cloud security to State, Local, and Education (SLED) accounts in Texas. Build C-suite relationships, develop long-term account strategies, collaborate with internal teams, act as a trusted advisor, and drive new logo acquisition and revenue attainment.
Top Skills: AICloudZero TrustZscaler Zero Trust Exchange

What you need to know about the Colorado Tech Scene

With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.

Key Facts About Colorado Tech

  • Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
  • Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
  • Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
  • Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account