Provide technical direction for the development, engineering, interfacing, integration, and testing of all components of complex PKI hardware/software systems to include requirements elicitation, analysis and functional allocation, conducting systems requirements reviews, developing concepts of operation and interface standards, developing system architectures, and performing technical/non-technical assessment and management.
- Create documentation including authorization memorandums, Certificate Practice Statements, Certificate Policies, Cross-Certification Arrangements, key transfer and equipment move approvals. Develop and update policies for interoperability with federal, industry and partner nations for PKI enabled devices and applications. Understand ITAR requirements and actively work with CACI export control to stay in compliance.
- Assist in audits, resolve discrepancies, evaluate results, create POA&Ms, evaluate audit reports.
- Conduct and/or approve end-to-end system trade analyses to optimize PKI Root Certification Authority operations over its life-cycle through the proper balance of risk and security.
- Recommend courses of actions to government personnel. Experience interacting with senior-level government executives. Serve as a member of the Configuration Control Board (CCB). Participate and provide support to the government representatives at federal and international working group meetings.
- Develop PKI solutions for various projects. Support mobility, commercial solutions for classified, unmanned aircraft vehicles, RCVS, NPE, TMS, token development as well as other programs involving PKI. Interact with key personal to understand and explain details of those solutions.
- Maintain knowledge of current and evolving agency, national, and international standards applicable to the system development of interest. Apply and enforce use of suitable standards to ensure consistency and interoperability of developer hardware and software.
- Participate in algorithm migrations, cybersecurity evaluations and threat analysis.
- Develop system design alternatives that consider life cycle cost, reuse, complexity, risk, system expansion, and growth.
- Provide support to security authorization activities in compliance with the NIST Risk Management Framework (RMF) process, and prescribed processes for security engineering.