ZetesConfidens is part of Zetes People ID, the division of the Zetes Group specialised in the identification and authentication of people, including the production and personalisation of highly secure documents. ZetesConfidens is an operational business unit which provides certificate services and trust services for governments, the financial sector and private organisations. ZetesConfidens qualifies as a Trust Services Provider as defined under the eIDAS regulation.

To support its future development, ZetesConfidens is looking for a                                          

PKI ADMINISTRATOR

Context

You will be the leader of the specialist team that is responsible for a new ICT infrastructure for the mission critical cloud services for this new venture.
At first the team will create a new ICT environment as well as incorporate the existing core infrastructure already in place today. You will be involved in all aspects of creating and extending the existing server rooms, deployment of generic ICT and special cryptographic equipment.
 
This team is based at two locations in the periphery of Brussels (1130 Brussels but mainly at 1601 Ruisbroek), both are located close to the Brussels ring way and to the train stations (resp. at 2 minutes and 10 minutes’ walk to the office).

Function

• You define and implement the key management policy and certificate management policy for all PKI components
• You are organize and execute activities like:
• Key ceremonies
• Configuration and initialisation of new PKI components or systems
• Audits, remediation and follow-up of recommendations
• Update and improve existing procedures
• You co-author and/or review policy documents (certification practice statements, certificate policies, timestamp policies, etc.)

PKI ADMINISTRATION TASKS

• Day to day administration of the PKI infrastructure including CA and VA, HSM, backup media, timestamping infrastructure, etc.
• Perform exceptional tasks such as manual Certificate Enrolment, Certificate Revocation, etc.
• Define and describe the CA hierarchy, PKI architecture, configurations, etc.
• Define and describe the lifecycles for all managed objects such as certificates, keys, CRLs, etc.
• Provide support of certificate services projects and operation support
• Prepare and document configuration scripts
• Install, configure and maintain the operational environment
• Configuration of the PKI application software
• Maintain a test environment and test all critical procedures on this test environment

SYSTEM MAINTENANCE and DOCUMENTATION

• Troubleshooting and problem solving
• Maintain the integrity and security of servers and systems
• Maintain system documentation
• Define and (for specific purposes) implement or assist with the implementation of monitoring tools, specifically related to monitoring performance and availability for SLA for public services (CRL publication, web site, OCSP responder, certificate & revocation request handling, etc.)

INTEGRATION  & DEPLOYMENT

• Define and describe the interfaces and protocols for integration of the core PKI components with external systems for card personalisation , card management and certificate management
• Create customized tools / software / scripts for highly specialised PKI-specific tasks
• Coordinate the installation and maintenance of the PKI systems

OTHER

• Manage operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure (PKI)
• Able to generate Key pairs and submit certificate request
• Ensures operation of equipment by completing preventive maintenance requirements and tests; following manufacturer's instructions; troubleshooting malfunctions; calling for repairs; maintaining equipment inventories; evaluating new equipment and techniques.
• Monitoring of PKI related Key Performance Indicators, analysis and reporting of incidents, follow technology trends
• Make recommendations to purchase hardware and software, coordinates installation and provides backup recovery
• Define and/or review the profiles for cards and HSMs for client applications (e.g. smartcards for digital signature, HSM for server side signing)

 Requirements and Skills

• Bachelor degree or master degree
• Several years' experience with PKI
• Experience in in Security Management  is a plus
• General understanding of ICT environments
• Good analytical skills
• You can handle complex information and are able to describe ICT environments, write functional descriptions, procedures, reports, etc.
• You have attention to detail
• Experience with a combination of the following:
• Public Key Infrastructure (Internal and Internet)
• X.509 Digital Certificate Management
• Hardware Security Modules (Thales, Utimaco, Gemalto, Safenet or other)
• Key Management
• Cryptography Algorithms
• Telecommunication protocols such as TLS/SSL

Nice to Have:

• Experience with scripting languages, i.e. Shell Script, Python, Perl, Powershell, Bash...
• Sysadmin experience with Linux or Windows

 

 Language skills

• Our internal working language is English
• For contacts with colleagues a good understanding of Dutch and French is beneficial
• Good writing skills in English
• Other European languages are a bonus

We offer

• A high level of autonomy
• A full-time job in the ZETES office in 1601 Ruisbroek (Flemish Brabant)
• Continuous learning in the market of peopleID
• Attending relevant seminars and specific training courses
• Work within a dynamic team experienced with large-scale projects
• An attractive remuneration package and fringe benefits in-line with your experience

More information about Zetes

• https://confidens.zetes.com/
• http://peopleid.zetes.com/en
• www.zetes.com/en

If you are fascinated by this challenging opportunity, please send your application letter and cv to the HR director : koen.vandeveire@be.zetes.com