Microsoft Active Directory Public Key Infrastructure Expert

at MetroSys, Inc.
  • Remote - Worldwide

Remote

Cybersecurity

Senior

Job description

Position Summary:

We are seeking a Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert for a short-term engagement to conduct a deep-dive discovery, analysis, and review of our existing PKI environment. The consultant will provide a detailed report on the current state, along with recommendations and options for migration, separation, and alternative on-premises or cloud-based architectures.

Key Responsibilities:

  • Deep-Dive PKI Discovery & Assessment:

    • Conduct a thorough review of the existing AD PKI infrastructure, including Certificate Authorities (CAs), Certificate Templates, CRL distribution, and Auto-Enrollment policies.
    • Analyze dependencies, security configurations, and compliance gaps.
    • Evaluate PKI integration with Active Directory, network services, and enterprise applications.

  • Analysis & Reporting:

    • Provide a detailed assessment report outlining the current PKI architecture, strengths, weaknesses, and risks.
    • Identify potential issues, security vulnerabilities, and areas for improvement.
    • Offer guidance on best practices for PKI security hardening and lifecycle management.

  • Migration & Separation Strategy:

    • Provide expert recommendations on PKI migration and separation strategies, considering:
      • Splitting PKI environments for multiple organizations or business units.
      • Migrating from on-premises to cloud-based PKI solutions (e.g., Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault).
      • Transitioning from legacy PKI to a modern, scalable architecture.
    • Assess the impact of moving to cloud-native, hybrid, or third-party PKI solutions.

  • Future-State Architecture & Roadmap:

    • Design and present high-level architecture options tailored to business requirements.
    • Provide recommendations for governance, automation, and certificate lifecycle management.
    • Suggest enhancements for security, compliance, and resilience (e.g., HSM integration, CRL optimization, OCSP setup).

Qualifications & Skills:

  • Expert-level knowledge of Microsoft AD Certificate Services (AD CS), PKI design, implementation, and security best practices.
  • Experience with certificate lifecycle management, HSMs, and enterprise PKI solutions.
  • Strong understanding of certificate-based authentication, encryption, and digital signatures.
  • Hands-on experience in PKI migrations, separation strategies, and hybrid cloud PKI deployments.
  • Familiarity with cloud-based PKI alternatives, such as Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault.
  • Experience with PowerShell scripting for automation of PKI-related tasks.
  • Knowledge of compliance frameworks (NIST, CIS, ISO 27001) and PKI security hardening techniques.
  • Relevant certifications (preferred): Microsoft Certified: Identity and Access Administrator, CISSP, CISM, or other security-related certifications.
Share this job:
Please let MetroSys, Inc. know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

MetroSys, Inc. logo

MetroSys, Inc.

  • 13 remote jobs

Latest Jobs at MetroSys, Inc.

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply