This position is no longer open for applications

Why Work Here?

At MF Cyber, we understand the critical importance of cybersecurity and the complex challenges that organizations face in establishing and sustaining robust cybersecurity programs. We recognize that cybersecurity incidents can directly and immediately impact revenue and reputation, making it imperative to prioritize comprehensive protection. By gaining a thorough understanding of your enterprise-level requirements, we tailor our approach to address your specific needs. Our scalable model ensures cost-effective and results-driven delivery, taking into consideration budget constraints, timing constraints, and the maturity of your cybersecurity program. With our expertise and commitment to excellence, we are dedicated to helping you navigate the intricacies of cybersecurity and safeguard your organization from threats. Our pillars of expertise are: Cyber Fusion Center (SOC) and Incident Response (IR), Identity and Access Management (IAM), Cyber Strategy and Governance, Risk and Compliance, Architecture, Engineering, and Infrastructure, Cyber and Operational Resilience, focusing on: Advisory & Management Consulting - Our professionals provide executive-level consulting and advisory focused on helping organizations improve performance. We offer external perspective and guidance on roadmaps and how to build and execute on your program. Cybersecurity Innovation Center (CIC) - Explore innovative design in a secure environment before adoption. This cloud-based lab environment serves as a catalyst for the development, innovation and growth of a global, capability-based cybersecurity and risk workforce. Project Resourcing - Our strategic staff augmentation team enables us to rapidly scale project resourcing and provide clients with contract-to-hire services to help build out their teams. Managed Services - Outsourcing the responsibility for building, maintaining, and operating functions in order to execute on programs and operate efficiently internally. 

MorganFranklin's Cybersecurity practice helps clients across the globe to solve their most critical Cybersecurity needs. From consulting and implementation to managed services and project resourcing, we work to safeguard assets by identifying risks, developing, and maturing Cybersecurity programs, and implementing solutions that support and meet business goals. Custom-tailored and business-aligned service offerings include:

• Artificial Intelligence (AI)
• Cyber Fusion Center (CFC)
• Identity and Access Management (IAM)
• Cyber Strategy and GRC
• Architecture, Engineering, and Infrastructure/OT (AEGIS)
• Cyber and Operational Resilience (CORe)

Lead PKI Engineer

About the Role
We are seeking a hands-on, senior PKI Engineer to lead and operate the internal certificate authority for a large, complex global enterprise. This is not a “diagram and whiteboard” role – it’s a sleeves-up position for someone who has spent years building, maintaining, and troubleshooting PKI infrastructure at scale. The environment is mission-critical, supporting thousands of internal applications, services, and systems that rely on strong, reliable certificate-based authentication.

The ideal candidate will have deep expertise in Microsoft Active Directory Certificate Services (ADCS) along with exposure to a range of PKI and certificate lifecycle management platforms. This includes real-world knowledge of X.509 certificate standards, certificate chains, and integration with hardware security modules (HSMs).

Key Responsibilities

• Lead a team of experienced PKI specialists, providing technical direction, guidance, and oversight for daily operations and strategic initiatives.
• Own the day-to-day operation, maintenance, and troubleshooting of a large-scale Microsoft ADCS-based private CA infrastructure.
• Manage the full certificate lifecycle – issuance, renewal, revocation, CRL publishing, and integration with dependent systems.
• Troubleshoot and resolve complex PKI issues in production environments, including chain-of-trust problems, revocation issues, and HSM integration challenges.
• Build, configure, and automate deployment of new ADCS CA instances in isolated or region-specific infrastructures.
• Ensure compliance with organizational and industry security standards for certificate issuance and management.
• Collaborate with infrastructure and security teams on PKI integrations, changes in validity periods, and adoption of emerging standards such as post-quantum cryptography (PQC).

Required Qualifications

• 10+ years of hands-on PKI experience in large enterprise environments, including both design and operations.
• 7+ years managing Microsoft Active Directory Certificate Services (Enterprise and Standalone CAs) in complex, distributed infrastructures.
• Proven experience leading other senior PKI engineers or specialists in high-availability, global environments.
• In-depth understanding of:
  o X.509 certificates, key usage, and extended key usage (EKU)
  o Certificate chain validation and trust anchors
  o CRL and OCSP configuration and troubleshooting
  o Hardware Security Modules (HSM) integration with CA infrastructure
• Experience with additional PKI or certificate lifecycle platform (e.g., Venafi, AppViewX, Keyfactor Command, DigiCert CertCentral, Entrust).
• Strong scripting and automation skills for CA setup, configuration, and lifecycle tasks (e.g., PowerShell, Python).
• Ability to work under pressure in a production incident scenario and quickly identify root cause.
• Excellent communication skills to collaborate with senior technical staff, leadership, and cross-functional teams.

Preferred Qualifications

• Experience with PKI operations in multiple regions, including isolated or regulated environments (e.g., China, Hong Kong).
• Familiarity with certificate usage in application authentication, TLS/SSL termination, and code signing.
• Exposure to PQC readiness efforts and shortened validity period transitions.
• Microsoft certification in security or infrastructure (e.g., MCSE, Microsoft Certified: Security Operations Analyst Associate).
  

Why Join Us:

• Opportunity to make a significant impact in a dynamic and growing company.
• Collaborative and inclusive work environment.

MorganFranklin Cyber is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Perks:

• Unmatched career growth opportunities.
• Work with top leaders in the Cybersecurity field.
• A flexible, independent work environment to excel.

MF Cyber, LLC is privately held, founder-led and operated with majority ownership by M/C Partners. M/C Partners in Boston, Massachusetts based private equity firm that has been investing in the IT services and communications industries for over three decades. Since inception in 1986, M/C Partners has raised over $3.0 billion of institutional equity in more than 150 businesses. M/C takes a long-term view towards its investments and has established a strong track record of partnering with management teams to build companies. They are one of the more experienced investors in the technology services industry and have completed dozens of investments in technology services and consulting organizations, including several with specializations in cybersecurity.

This is an employment opportunity aligned to MorganFranklin's cybersecurity offering (MF Cyber LLC, “MorganFranklin Cyber").