Business Analyst IIII
US - MI - Detroit
The Technical Support Resource for Certificate & Key Encryption Management is a proven leader who has extensive experience in digital certificate/key management. The candidate will have the ability to lead a team in defining processes and tool enhancements for a Certificate Management system. Additionally, this candidate will need to have exceptional communication skills in order to coordinate with diverse teams to successfully drive results. Certificate Management is the management of digital Web, User and Machine certificates throughout the enterprise, including issuance, revocation and renewal. Ally has both Public External, and Internal Public Key Infrastructure (PKI) Web Certificates as well as Supplier VPN (User) and Employee VPN (Machine) Certificates. The candidate must also have an understanding of cryptographic keys, symmetric and asymmetric keys, cryptographic key algorithms and cipher blocks including the use of HSM’s and Key Manger tools.
- This position will be accountable for overall certificate & key management lifecycle.
- Create enhancements or demands for improvements or modifications.
- Process fulfillment requests (Service requests/Catalog tasks)
- Manages all SSL/TLS Certificates associated with the prime Ally Certificate Authority (CA)
- Monitor Public (External) and Managed PKI (Private/Internal) CA SSL/TLS Certificates for upcoming expiration dates
- Monitor all expiry notifications from ServiceNow and the CA Vendor to ensure no issues result from Certificate expiration
- Track all SSL/TLS Certificates in ServiceNow
- Update Public and Private SSL Certificates within the ServiceNow Certificate Module
- Configure and setup SSL/TLS Certificates relationships within the CMDB to respective applications and servers
- Revoke SSL Certificates which are no longer being used in both Managed PKI and Public CA portals, and update all associated ServiceNow records accordingly
- Interact directly with CA vendor/s and IT customers for troubleshooting of certificate and key related issues
- Update and maintain runbook and process guides for requesting and distributing certificates to various applications teams
- Distribute certificates for Windows and MAC OS machines which require PKCS #12 files which are Password protected and not using WNES servers for automatic push
- Provide technical guidance moving some of the manual certificate provisioning process to a more automated method possible using other tools such as Venafi, including come
- scripting experience.
- Migrating and encrypting private keys from a public or internal CA into an HSM or Key Manager solution
- Helping with the creating a new enterprise encryption solution and upcoming IP Projects related to Cert and Key Encryption
- 27/7 support for troubleshooting Key and certificate issues. Ability to be on call and work over the 40 hour normal week
- Based on knowledge in other technologies this role may require supporting other security controls which are supported by the operations team.
- Certification and experience in IT operational standards such as ITIL v3 preferred.
- Ability to gather and convey information to stakeholders Strong analytical, technical writing and verbal communication skills.
- Ability to influence change across a matrix organization and collaborate with business and technology teams to deliver solutions
- Needs to be self-motivated and willing to learn details of Certificate management processes and tools and encourage team members to do the same
- Ability to effectively analyze Certificate Service Requests to ensure compliance with Standards and reduce certificate duplication
- 7+ years’ experience working in Information Technology
- 3+ years’ experience working in Security
- Understands how the IT group operates and how his/her role meets customer needs and creates value.
- Knowledge of Ally Policies and work environment and tools
- Candidate must have general knowledge regarding cryptographic methodologies and processes within IT organizations
- General understanding of cryptographic keys, symmetric and asymmetric keys, cryptographic key algorithms and cipher blocks
- Experience with using an HSM and/or Key Manager for any business encryption requirements
- Experience in helping create new encryption enterprise solutions for current or upcoming IT Projects
- Experience or knowledge of migrating and encrypting private keys from a public or internal CA into an HSM or Key Manager
- Ability to work in a fast paced environment and must have good communication skills