Senior PKI / Credential Lifecycle Management (CLM) Engineer

Clearance Level

None

REQ#: RQ217055

Public Trust: NACI (T1)

Requisition Type: Regular

Your Impact

Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well being and support of U.S. citizens.

Job Description

Overview
We are seeking an experienced Senior PKI/CLM Engineer who can independently lead the deployment of Credential Lifecycle Management (CLM) solutions with minimal technical guidance. This individual will bring strong expertise in PKI modernization, automation, authentication technologies, and mobile credentialing, supporting enterprise‑scale identity transformation initiatives.

Key Responsibilities

Lead end‑to‑end CLM deployment activities with very limited oversight.
Contribute to and help drive modernization strategies, best practices, and emerging identity concepts within the team.
Provide expert‑level guidance and troubleshooting for complex PKI architecture and operational issues.
Support deployment and integration of derived credentials, including mobile credentialing and Certificate‑Based Authentication (CBA) token solutions.
Apply deep knowledge of YubiKey and FIDO authentication standards and implementation patterns.
Design, develop, or enhance scripting and automation workflows using PowerShell, REST APIs, and SOAP interfaces.
Partner with security, engineering, and application teams to ensure certificate services align with enterprise security and compliance standards.

Required Skills & Experience

Strong hands‑on experience deploying and operating CLM platforms (any enterprise CLM is acceptable).
Solid understanding of PKI concepts including certificate authorities, OCSP, CRLs, trust chains, key management, and token lifecycle operations.
Expertise with YubiKey, FIDO2/WebAuthn principles, and hardware‑based authentication workflows.
Experience with derived credential solutions, mobile authentication, and CBA token deployments.
Proficiency with automation and scripting, including PowerShell, REST API integrations, and SOAP‑based solutions.
Ability to troubleshoot and resolve complex PKI and credentialing issues with minimal direction.
Strong communication skills and ability to provide strong leadership on modernization efforts.

Nice to Have

Experience in federal identity ecosystems or ICAM environments.
Familiarity with enterprise CLM platforms such as Venafi, Entrust, HID, Intercede, etc.
Experience with mobile device management (MDM/UEM) integrations.

Work Requirements

Years of Experience

7 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Travel Required

None

Salary and Benefit Information

The likely salary range for this position is $124,093 - $142,706. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
View information about benefits and our total rewards program.

About Our Work

We are GDIT. A global technology and professional services company that delivers technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across over 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, cloud, cyber and application development. Together with our customers, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans