View all jobs

Technical Lead, Certificate and Key Management (CKM)

Brampton, ON


• Partner with team members in information security, network, infrastructure and application support teams to build and operate an effective Certificate Management Solution as aligned to business requirements, technical standards, and security frameworks.

• Lead/recommend overall CKM strategy and roadmap, including, but not limited to: enterprise key and certificate management, the related public key infrastructure, certification authorities (CAs), hardware security modules , and hybrid public/private cloud integration.

• Produce technical solution documents, design/architecture documents, and security design documentation as required to support new, proposed or existing CKM solutions.

• Deliver technical presentations and/or knowledge walkthroughs of existing and proposed systems to various audiences including project team members, peer technology teams and senior management.


• Deep knowledge of encryption algorithms both asymmetric and symmetric, key management and certificate use cases and hands on experience establishing the required infrastructure, technologies, and concepts to enable these.

• Demonstrated experience in building and operating CAs including the security protections, protection of the associated private keys and definition and implementation of Certification Practice Statement and Certificate Policies supporting the CAs and resulting certificates.

• In depth understanding of both PKI and symmetric cryptography, data-at-rest and data-in-transit encryption techniques and methodologies, including database, file, disk encryption, as well as Transport Layer Security (TLS), Secure Shell (SSH), etc.

• Experience in leveraging your analytic and problem-solving skills to associate security/control weaknesses within a technology environment to the risk that is posed to the business.

• Ability to present ideas in a clear and concise manner while tailoring your communication style and messaging to the various audiences

Powered by