Pki Engineer (eu Based, Remote Consulting)

About the Role We are seeking a PKI Engineer with specialized expertise in Sectigo to design and implement secure certificate automation and distribution workflows. This role focuses on API-level integration between Sectigo and Microsoft Intune, ensuring seamless certificate enrollment, signing, storage, and deployment across enterprise environments. Key Responsibilities Develop and implement an API-based workflow for certificate lifecycle automation: Generate certificate signing requests (CSR). Submit signing requests via Sectigo API. Retrieve signed certificates and securely handle private keys. Integrate Sectigo → Intune → Private Key Storage to automate distribution. Configure and optimize the Intune Connector on Windows VM for certificate export and deployment. Ensure one-certificate-per-user model with automated distribution across multiple use cases. Replace manual enrollment/renewal workflows (form-based and annual renewals) with automated provisioning. Document technical workflows, API integration steps, and operational processes. Collaborate with client teams to align PKI automation with enterprise policies and security requirements. Qualifications/Requirements Strong background in PKI engineering with demonstrated Sectigo Certificate Manager expertise. Proven experience with API development and integration (REST/JSON, secure authentication/authorization). Hands-on experience with Microsoft Intune for certificate provisioning and endpoint distribution. Knowledge of secure private key handling, storage, and export mechanisms. Experience troubleshooting certificate enrollment and distribution issues in enterprise environments. Strong documentation and communication skills for both technical and stakeholder audiences. Technologies Used in This Role Sectigo Certificate Manager APIs Microsoft Intune & Intune Connector (Windows VM) Private Key Storage solutions (HSM/KMS or equivalent) REST APIs, JSON, OAuth2/JWT Scripting/automation languages (PowerShell, Python, etc.) Bonus Points For Sectigo or PKI-related certifications. Microsoft Intune or Endpoint Manager certifications. Experience designing user certificate lifecycle automation in hybrid enterprise environments. Familiarity with secure key escrow, recovery, or auditing practices. Prior consulting experience implementing PKI integrations at scale.