PKI Governance and Configuration Manager

Job Summary:

A PKI Governance and Configuration Manager job in Springfield, VA is currently available through Belcan at one of our key Federal Civilian clients. To be considered for this role, you will have a bachelor's degree and 9 years of relevant experience.

Job Duties:

This role is a hybrid of technical configuration management and high-level cybersecurity governance. You will be the primary architect of compliance, ensuring that all systems across Unclassified, Classified, and SaaS environments maintain their Authority to Operate (ATO). You will bridge the gap between technical PKI operations, engineering and federal regulatory requirements, specifically focusing on NIST SP 800-53, FedRAMP frameworks, and other applicable Federal standards.

PKI & Credential Systems Governance:

• Direct the governance lifecycle for multiple PKI systems and Credential Hosting environments.
• Enforce adherence to Certificate Policy (CP) and Certification Practice Statements (CPS).
• Lead the development and implementation of PKI-related policies across diverse network fabrics.

Compliance & Artifact Development (NIST/FedRAMP):

• Serve as the Lead for all NIST SP 800-53 security compliance assessments.
• Author, review, and maintain a comprehensive library of security artifacts (SSP, SAR, POA&M, etc.).
• Manage the end-to-end FedRAMP certification process for SaaS offerings.
• Ensure continuous monitoring and timely remediation to maintain ATO status for all systems.

Configuration & Change Management:

• Establish and manage strict Configuration Management (CM) baselines for PKI hardware and software.
• Lead the Change Advisory Board (CAB) for identity services, evaluating the security impact of all system modifications.
• Maintain rigorous documentation of system architectures and configuration settings.

Multi-Network Oversight:

• Synchronize security postures across Unclassified (NIPR), Classified (SIPR), and Cloud/SaaS environments.
• Coordinate with cross-functional teams to ensure seamless identity management and credential interoperability.

Required Qualifications:

• Secret clearance with ability to obtain Top Secret clearance.
• Bachelor's degree and 9 years of relevant experience.
• 8+ years in Cybersecurity, with at least 5 years specifically focused on PKI and Federal Governance (GRC).
• Deep understanding of X.509 certificates, HSMs (Hardware Security Modules), CRLs, and OCSP.
• Mastery of NIST SP 800-53, NIST SP 800-37 (RMF), FIPS 140-2/3, NIST SP 800-157 (Rev-1), NIST SP 800-63, and FedRAMP Moderate/High requirements.
• Proven track record of successfully taking a system through the full A&A (Assessment and Authorization) process to achieve an ATO.
• Proficient in the following:
  • Identity Systems: Active Directory Certificate Services (ADCS), Entrust, or EJBCA.
  • Cloud Security: FedRAMP OSCAL, AWS/Azure Government Cloud security controls.
  • Tools: STIG Viewer, SCAP Compliance Checker, Nessus/ACAS, JIRA for CM.

Preferred Qualifications & Skills:

• One or more certificates preferred: CISSP, CISM, or GSLC, ITIL, PMP, or specialized PKI certifications.

Compensation:

We provide a competitive pay and benefits package. This position is offering a salary range of $145,000 - $170,000. Belcan considers several factors when extending an offer, including but not limited to education, experience, geographic location, and discipline. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

www.belcan.com

Belcan is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.