IAM Platform Engineer Cryptography

at Essent
πŸ“ 's-Hertogenbosch, Netherlands
EUR 59,600-97,100 per year
MIDDLE
βœ… Hybrid

πŸ•™ 32-40 hours per week

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 3 DevOps @ 3 CI/CD @ 6 API @ 6 PKI @ 3 Compliance @ 3 Agile @ 3

Details

Join the team to design, build and maintain PKI platforms and certificate-based trust services that support users, workloads and applications. The role focuses on automation, compliance, availability and a strategic shift toward post-quantum cryptography.

Responsibilities

  • Design, build, and maintain PKI platforms and certificate-based trust services for users, workloads, and applications.
  • Manage the complete certificate lifecycle with a focus on automation and efficiency.
  • Implement group-wide automation of certificate lifecycle management and cryptographic processes, leveraging DevOps principles and tools.
  • Implement concepts and strategies for transitioning to Post-Quantum Cryptography (PQC).
  • Ensure compliance with national and international regulatory, energy market-specific, and industry standards (examples listed: BSI, ENISA, eIDAS, ISO 27001, NIST).
  • Monitor, troubleshoot, and optimize PKI and cryptographic services for availability, performance, and security.
  • Participate in incident, risk, and problem management efforts for IAM, PKI, and cryptography-related issues, providing expert guidance and resolution strategies (3rd-level support).
  • Collaborate across IAM, Security, and Infrastructure teams to deliver secure, end-to-end cryptographic services.
  • Contribute to the development and maintenance of the organisation's cryptographic roadmap and strategy, with attention to emerging threats and technologies.

Requirements

  • 3+ years of experience in PKI and cryptography.
  • Familiarity with IoT security, TLS, User PKI, Workload PKI and Key Management.
  • PKI & Certificate Management knowledge: PKCS#, x.509, HSM, key lifecycle management, SmartCards, S/MIME.
  • Understanding of cryptographic principles, protocols and tools.
  • Ability to assist in designing scalable, compliant and highly available PKI/cryptographic solutions.
  • Experience with cloud-native PKI, container/workload identities, and hybrid PKI solutions.
  • Automation & DevOps: strong knowledge of Certificate Lifecycle Management and protocols like ACME, EST, SCEP, REST APIs, and integration with CI/CD pipelines.
  • Exposure to agile delivery models, focusing on continuous improvement and iterative development.
  • Analytical, process-oriented approach with ownership of services through to resolution.
  • Passion for technology and Cyber Security.
  • Fluent English; German is beneficial.

Benefits

  • A gross monthly salary between €4,968 - €8,091.
  • A flexible benefit budget (includes 8% holiday pay, 1.8% benefit contribution, 10 additional days off beyond statutory entitlement).
  • An annual result-dependent bonus of 10%.
  • Opportunity to work hybrid (including a workation arrangement for up to 20 days per year).
  • Discounts on energy products and services.
  • Head office within walking distance of Den Bosch Central Station (office facilities include coffee bar, company restaurant, free fresh fruit).
  • NS Business Card for commuting or a kilometre allowance.
  • Development opportunities, training and a personal development budget; international opportunities within the E.ON Group.
  • Inclusive environment where only skills and contributions matter.

Additional Details

  • Application deadline: Apply before November 11th.
  • Location: office near Den Bosch (address locality provided as 's-Hertogenbosch, Netherlands).
  • Employment type: Full time.