PKI Consultant - CA Hierarchy and Certificate Lifecycle Automation

• Shape Automation & Resilience | Implement lifecycle automation, engineer HA/DR
• Start Early 2026 | Secure your next contract before the holiday shutdown
• No Payroll Fees | 2 Pay Runs Per Week | Easy Online Timesheets

Day rate contract open to ACT, NSW, VIC - Drive delivery in a complex, high-assurance environment

Your new company

We're working with a leading organisation on a major PKI uplift program that will modernise trust services and strengthen cryptographic resilience across hybrid and multi-cloud environments. This is a contract opportunity for a PKI/Data Security Consultant, joining during the delivery phase of a complex security architecture initiative-bringing technical depth and practical expertise to a high-assurance environment.

The organisation is investing heavily in its security architecture capability, with a pipeline of work beyond this engagement and plans to grow the team significantly in the coming months. You'll be part of a collaborative, delivery-focused culture that values innovation, adaptability, and technical excellence.

This role offers hybrid flexibility, with an ACT presence preferred but not essential, and client equipment provided for remote work. Australian citizenship is required, with NV1 clearance ideal (Baseline acceptable) and sponsorship potential for NV2.

Your new role

You'll lead the delivery of enterprise PKI services, moving from design into implementation. This includes:

• Designing and deploying CA hierarchies, trust models, and certificate policies (CP/CPS).
• Driving certificate lifecycle automation (issuance, renewal, revocation, CRLs, OCSP, key rollover).
• Conducting PKI assessments and planning remediation or uplift programs.
• Integrating PKI with cloud platforms, identity systems (IDAM), PAM, applications, workloads, and network devices.
• Engineering high availability and disaster recovery for cryptographic services.
• Producing reference architectures, operational documentation, and secure design guidance.
• Supporting technical workshops and contributing to RFQ responses as required.

What you'll need to succeed

• Strong hands-on experience in PKI design and delivery, including CA hierarchy and certificate lifecycle automation.
• Expertise in Microsoft CA and physical HSMs for key custody and resilience.
• Understanding of cryptographic principles, OCSP, CRLs, and governance frameworks.
• Experience integrating PKI with cloud platforms, IDAM, and PAM solutions.
• Ability to design and test HA/DR architectures for PKI services.
• Familiarity with frameworks such as NIST CSF, ISO 27001, and CIS Controls.
• Australian citizenship with the ability to obtain NV1 clearance (Baseline acceptable; NV2 sponsorship available).
• Strong communication skills to engage stakeholders and translate technical detail into actionable outcomes.

Nice to have: Exposure to Keyfactor, CipherTrust, DSPM-based assessments, and Microsoft Purview.

What you'll get in return

• A high-impact contract role delivering PKI uplift in a complex, multi-cloud environment.
• Opportunity to shape automation and resilience practices for cryptographic services.
• Enjoy a competitive day rate contract.
• Secure your next contract before the holiday shutdown and hit the ground running in 2026.
  
  

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.

Desired Skills and Experience

PKI, Certificate Authority, CA, KEYFACTOR , DATA SECURITY , "public key infrastructure" , IDAM , ENtra , PAM , "privileged access management" , "identity access management" , OCSP , CRLs