Systems Engineer - Credential Administrator

Bank Of America
Charlotte, NC
24 Nov 2024

Vacancy expired!

Job Description:

Come join an exciting team within Global Information Security (GIS)!

Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

The CST IAE Credential Administrator is responsible for managing, administering and supporting certificates and tokens enterprise wide. The role requires collaboration and cooperation with the PKI Engineering team, most importantly, PKI Governance.

Key Responsibilities:

TLS Certificate Administration (iCA, DigiCert and Entrust) • Review and Process external Certificate requests• Revoke Internal and external TLS Certificates; if there is a security event• Screen Certificate renewals (verify attestations and approvals) - via Remedy• Process bulk revocation requests - via Nexus• Domain management - registering in Bank's owned domains w/external CAs• Audit remediation in partnership with PKI Governance• Validate user experience and process impacts of Venafi updates• 24x7 On-call support for production issues

Client Certificate Administration (iCA, DigiCert and Entrust) • Review and process S/MIME, Corporate Customer CA certificate requests• VPN assistance with cert lock outs or basic troubleshooting via Remedy• Revoke Certificates; if there is a security event• Monthly and on demand reportingPKI Collaboration and Code Signing: (CSAS Portal) • Signing ceremony (auditor and/or key holder for PKI CA changes (Addison Only)• Perform offline signing w/Corporate Code Signing Certificate for file types• Provide support for safe access for PKI team (Addison Only)• Alert PKI engineers of system issues encountered by Admin team or customers

Governance and Control• Liaise with PKI Governance on process, policy and documentation• Collaborate with PKI Governance on policy application and execution• Monitor and enforce proper certificate management w/owners and delegates • Co-author, w/PKI Governance, training materials and documentation• Review of PKI audit records to ensure sustainability and compliance• Follow PKI business continuity procedures to include disaster recovery• Manage vendor routines and contracts (PKI, certificates and tokens)• Manage process risk and controls (PCR) and associated metrics

MFA Administration • Security Code Management Portal (User Guide, requirements, TAR list, testing)• SafePass MFA Admin Portal (User Admin., requirements, TAR list, testing)• Token inventory management and reporting• Token Admin support with Service Desks (knowledge articles and escalations)• Fulfillment of orders; domestic and international• Manage bulk order requests (Provisioning, AD updates)• Training and support documentation (Users, SPOCs, InfoSafe, Service desks)• Maintain documentation repositories (Flagscape, SharePoint and Wiki)

Professional Competencies:• Problem solver with strong work ethic• Demonstrates high business and technical acumen technical• Written/oral communications skills• Analytical thinker that understands service and technical support• Ability to document, perform and manage operational procedures• Understanding of the underlying technology processes and systems• Collaboration and teamwork• Risk Management

Technical Expertise:• Knowledge of PKI, Certificates, HSMs, Tokens and associated technologies• 3-5 years experience with certificate administration and management• 2 years working with Venafi or comparable certificate management system• 2-5 years of technical support and troubleshooting• 2-5 years of application support

Job Band:H5

Shift:1st shift (United States of America)

Hours Per Week:40

Weekly Schedule:

Referral Bonus Amount:0 >

Job Description:

Come join an exciting team within Global Information Security (GIS)!

Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

The CST IAE Credential Administrator is responsible for managing, administering and supporting certificates and tokens enterprise wide. The role requires collaboration and cooperation with the PKI Engineering team, most importantly, PKI Governance.

Key Responsibilities:

TLS Certificate Administration (iCA, DigiCert and Entrust) • Review and Process external Certificate requests• Revoke Internal and external TLS Certificates; if there is a security event• Screen Certificate renewals (verify attestations and approvals) - via Remedy• Process bulk revocation requests - via Nexus• Domain management - registering in Bank's owned domains w/external CAs• Audit remediation in partnership with PKI Governance• Validate user experience and process impacts of Venafi updates• 24x7 On-call support for production issues

Client Certificate Administration (iCA, DigiCert and Entrust) • Review and process S/MIME, Corporate Customer CA certificate requests• VPN assistance with cert lock outs or basic troubleshooting via Remedy• Revoke Certificates; if there is a security event• Monthly and on demand reportingPKI Collaboration and Code Signing: (CSAS Portal) • Signing ceremony (auditor and/or key holder for PKI CA changes (Addison Only)• Perform offline signing w/Corporate Code Signing Certificate for file types• Provide support for safe access for PKI team (Addison Only)• Alert PKI engineers of system issues encountered by Admin team or customers

Governance and Control• Liaise with PKI Governance on process, policy and documentation• Collaborate with PKI Governance on policy application and execution• Monitor and enforce proper certificate management w/owners and delegates • Co-author, w/PKI Governance, training materials and documentation• Review of PKI audit records to ensure sustainability and compliance• Follow PKI business continuity procedures to include disaster recovery• Manage vendor routines and contracts (PKI, certificates and tokens)• Manage process risk and controls (PCR) and associated metrics

MFA Administration • Security Code Management Portal (User Guide, requirements, TAR list, testing)• SafePass MFA Admin Portal (User Admin., requirements, TAR list, testing)• Token inventory management and reporting• Token Admin support with Service Desks (knowledge articles and escalations)• Fulfillment of orders; domestic and international• Manage bulk order requests (Provisioning, AD updates)• Training and support documentation (Users, SPOCs, InfoSafe, Service desks)• Maintain documentation repositories (Flagscape, SharePoint and Wiki)

Professional Competencies:• Problem solver with strong work ethic• Demonstrates high business and technical acumen technical• Written/oral communications skills• Analytical thinker that understands service and technical support• Ability to document, perform and manage operational procedures• Understanding of the underlying technology processes and systems• Collaboration and teamwork• Risk Management

Technical Expertise:• Knowledge of PKI, Certificates, HSMs, Tokens and associated technologies• 3-5 years experience with certificate administration and management• 2 years working with Venafi or comparable certificate management system• 2-5 years of technical support and troubleshooting• 2-5 years of application support

Job Band:H5

Shift:1st shift (United States of America)

Hours Per Week:40

Weekly Schedule:

Referral Bonus Amount:0

Job Description:

Come join an exciting team within Global Information Security (GIS)!

Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

The CST IAE Credential Administrator is responsible for managing, administering and supporting certificates and tokens enterprise wide. The role requires collaboration and cooperation with the PKI Engineering team, most importantly, PKI Governance.

Key Responsibilities:

TLS Certificate Administration (iCA, DigiCert and Entrust) • Review and Process external Certificate requests• Revoke Internal and external TLS Certificates; if there is a security event• Screen Certificate renewals (verify attestations and approvals) - via Remedy• Process bulk revocation requests - via Nexus• Domain management - registering in Bank's owned domains w/external CAs• Audit remediation in partnership with PKI Governance• Validate user experience and process impacts of Venafi updates• 24x7 On-call support for production issues

Client Certificate Administration (iCA, DigiCert and Entrust) • Review and process S/MIME, Corporate Customer CA certificate requests• VPN assistance with cert lock outs or basic troubleshooting via Remedy• Revoke Certificates; if there is a security event• Monthly and on demand reportingPKI Collaboration and Code Signing: (CSAS Portal) • Signing ceremony (auditor and/or key holder for PKI CA changes (Addison Only)• Perform offline signing w/Corporate Code Signing Certificate for file types• Provide support for safe access for PKI team (Addison Only)• Alert PKI engineers of system issues encountered by Admin team or customers

Governance and Control• Liaise with PKI Governance on process, policy and documentation• Collaborate with PKI Governance on policy application and execution• Monitor and enforce proper certificate management w/owners and delegates • Co-author, w/PKI Governance, training materials and documentation• Review of PKI audit records to ensure sustainability and compliance• Follow PKI business continuity procedures to include disaster recovery• Manage vendor routines and contracts (PKI, certificates and tokens)• Manage process risk and controls (PCR) and associated metrics

MFA Administration • Security Code Management Portal (User Guide, requirements, TAR list, testing)• SafePass MFA Admin Portal (User Admin., requirements, TAR list, testing)• Token inventory management and reporting• Token Admin support with Service Desks (knowledge articles and escalations)• Fulfillment of orders; domestic and international• Manage bulk order requests (Provisioning, AD updates)• Training and support documentation (Users, SPOCs, InfoSafe, Service desks)• Maintain documentation repositories (Flagscape, SharePoint and Wiki)

Professional Competencies:• Problem solver with strong work ethic• Demonstrates high business and technical acumen technical• Written/oral communications skills• Analytical thinker that understands service and technical support• Ability to document, perform and manage operational procedures• Understanding of the underlying technology processes and systems• Collaboration and teamwork• Risk Management

Technical Expertise:• Knowledge of PKI, Certificates, HSMs, Tokens and associated technologies• 3-5 years experience with certificate administration and management• 2 years working with Venafi or comparable certificate management system• 2-5 years of technical support and troubleshooting• 2-5 years of application support

Shift:1st shift (United States of America)

Hours Per Week:40

Learn more about this role
  • ID: #23376332
  • State: North Carolina Charlotte 28201 Charlotte USA
  • City: Charlotte
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2021-11-24
  • Deadline: 2022-01-22
  • Category: Security