PKI Governance and Configuration Manager

• Oversee the integrity, security, and compliance of Department of State’s PKI and Credential hosting systems.
• Manage the governance lifecycle for multiple PKI systems and Credential Hosting environments, including enforcing adherence to Certificate Policy (CP) and Certification Practice Statements (CPS).
• Lead all NIST SP 800-53 security compliance assessments and maintain comprehensive security artifacts (SSP, SAR, POA&M, etc.).
• Manage the FedRAMP certification process for SaaS offerings and ensure continuous monitoring to maintain Authority to Operate (ATO).
• Establish and manage configuration management baselines and lead the Change Advisory Board (CAB) to evaluate security impacts of system modifications.
• Coordinate security posture synchronization across Unclassified (NIPR), Classified (SIPR), and Cloud/SaaS environments and ensure seamless identity management and credential interoperability.

• Bachelor’s degree with at least 9 years of experience, or Master’s degree with at least 7 years of experience; additional experience may be considered in lieu of degree.
• 8+ years in cybersecurity, with at least 5 years focused on PKI and Federal Governance (GRC).
• Deep understanding of X.509 certificates, HSMs, CRLs, and OCSP.
• Mastery of NIST SP 800-53, NIST SP 800-37 (RMF), FIPS 140-2/3, NIST SP 800-157 (Rev-1), NIST SP 800-63, and FedRAMP Moderate/High standards.
• Proven experience leading systems through the full Assessment and Authorization (A&A) process for ATO.
• Certifications such as CISSP, CISM, GSLC, ITIL, PMP, or specialized PKI certifications are preferred.
• Proficiency in Identity Systems (Active Directory Certificate Services, Entrust, EJBCA), Cloud Security (FedRAMP OSCAL, AWS/Azure Government Cloud controls), and tools like STIG Viewer, SCAP Compliance Checker, Nessus/ACAS, JIRA for configuration management.

Ref: #851-Rockville-S1