Director, PKI Operations
United StatesJob Description
Key Skills Required
Master these to land this role
Want to know if you're a match for this job?
Who we are
DigiCert is a global leader in intelligent trust. We protect the digital world by ensuring the security, privacy, and authenticity of every interaction. Our AI-powered DigiCert ONE platform unifies PKI, DNS, and certificate lifecycle management, to secure infrastructure, software, devices, messages, AI content and agents. Learn why more than 100,000 organizations, including 90% of the Fortune 500, choose DigiCert to stop today’s threats and prepare for a quantum-safe future at www.digicert.com
Job summary
The Director, PKI Operations will lead the strategy, design, and day-to-day operations of DigiCert's Public Key Infrastructure. This role is responsible for ensuring the availability, security, and compliance of DigiCert's certificate authority (CA) infrastructure and related PKI services. The ideal candidate brings deep PKI expertise, strong leadership skills, and a track record of operating mission-critical security infrastructure at scale.
What you will do
- Own and oversee all PKI operations, including CA hierarchy management, HSM administration, and key ceremony execution.
- Lead, mentor, and scale a high-performing PKI operations team across multiple time zones.
- Ensure continuous availability, integrity, and security of DigiCert's CA infrastructure in compliance with WebTrust, CA/Browser Forum Baseline Requirements, and applicable regulations.
- Drive automation and operational efficiency across certificate issuance, revocation, renewal, and monitoring workflows.
- Partner with engineering, compliance, and product teams to support new PKI capabilities and ensure alignment with trust framework standards.
- Lead internal and external PKI audits (WebTrust, ETSI), manage audit readiness, and remediate findings.
- Develop and maintain PKI policies, procedures, Certificate Practices Statements (CPS), and Certificate Policies (CP).
- Define and enforce DR/BCP strategies for all HSM infrastructure.
- Serve as a subject matter expert and escalation point for complex PKI incidents and customer-impacting issues.
What you will have
- 10+ years of experience in PKI, information security, or related infrastructure roles, with 3+ years in a leadership capacity.
- Deep hands-on expertise with CA operations, X.509 certificates, HSMs (e.g., Thales/), OCSP, CRL, and ACME protocols.
- Strong working knowledge of CA/Browser Forum Baseline Requirements, WebTrust for CAs, RFC 5280, and related standards.
- Experience managing PKI audits and interfacing with external auditors.
- Proven ability to lead geographically distributed operations teams in a 24/7 environment.
- Strong communication skills with the ability to translate complex PKI concepts for executive and non-technical audiences.
- Experience with cloud PKI environments (AWS, Azure, GCP) and PKI automation tools is a plus.
Benefits
- Competitive compensation and comprehensive health, dental, and vision coverage
- Retirement savings programs with company matching (401(k) or RRSP)
- Generous paid time off, including holidays, and vacation
- Paid parental leave and family support benefits
- Life and disability coverage
- Flexible spending and health savings options (where applicable)
- Health and wellness support, including gym reimbursement and wellness programs
- Employee Assistance Program with 24/7 confidential support for employees and families
- Education assistance and professional development opportunities
- Access to LinkedIn Learning and continuous learning resources
- Employee referral bonus program and additional company perks and discounts
- Internal rewards and recognition platform (Motivosity) to celebrate and acknowledge project wins, milestone achievements, and the outstanding contributions of our colleagues
- Business travel insurance and global employee support programs
How would you rate this job post?
See what other professionals think about this role.
Safety First
- Never pay for a job application.
- Do not share sensitive bank info.
- Verify the client before starting work.