
Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert at MetroSys

Location Information: USA

Position Summary:

We are seeking a Microsoft Active Directory Public Key Infrastructure (AD PKI) Expert for a short-term engagement to conduct a deep-dive discovery, analysis, and review of our existing PKI environment. The consultant will provide a detailed report on the current state, along with recommendations and options for migration, separation, and alternative on-premises or cloud-based architectures.

Key Responsibilities:

Deep-Dive PKI Discovery & Assessment:
- Conduct a thorough review of the existing AD PKI infrastructure, including Certificate Authorities (CAs), Certificate Templates, CRL distribution, and Auto-Enrollment policies.
- Analyze dependencies, security configurations, and compliance gaps.
- Evaluate PKI integration with Active Directory, network services, and enterprise applications.

Analysis & Reporting:
- Provide a detailed assessment report outlining the current PKI architecture, strengths, weaknesses, and risks.
- Identify potential issues, security vulnerabilities, and areas for improvement.
- Offer guidance on best practices for PKI security hardening and lifecycle management.

Migration & Separation Strategy:
- Provide expert recommendations on PKI migration and separation strategies, considering:
  - Splitting PKI environments for multiple organizations or business units.
  - Migrating from on-premises to cloud-based PKI solutions (e.g., Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault).
  - Transitioning from legacy PKI to a modern, scalable architecture.
- Assess the impact of moving to cloud-native, hybrid, or third-party PKI solutions.

Future-State Architecture & Roadmap:
- Design and present high-level architecture options tailored to business requirements.
- Provide recommendations for governance, automation, and certificate lifecycle management.
- Suggest enhancements for security, compliance, and resilience (e.g., HSM integration, CRL optimization, OCSP setup).

Qualifications & Skills:
- Expert-level knowledge of Microsoft AD Certificate Services (AD CS), PKI design, implementation, and security best practices.
- Experience with certificate lifecycle management, HSMs, and enterprise PKI solutions.
- Strong understanding of certificate-based authentication, encryption, and digital signatures.
- Hands-on experience in PKI migrations, separation strategies, and hybrid cloud PKI deployments.
- Familiarity with cloud-based PKI alternatives, such as Microsoft Intune SCEP, AWS Private CA, or Azure Key Vault.
- Experience with PowerShell scripting for automation of PKI-related tasks.
- Knowledge of compliance frameworks (NIST, CIS, ISO 27001) and PKI security hardening techniques.
- Relevant certifications (preferred): Microsoft Certified: Identity and Access Administrator, CISSP, CISM, or other security-related certifications.