Staff PKI Engineer

Lucid Motors • Newark, CA • 12h ago

Staff Public Key Infrastructure Engineer

In this role, you are embedded within the Brand’s Content Team as the Creative Lead for Motion to work cross-functionally within the various teams and departments at Lucid.

As a Staff PKI Engineer, you will be working with the Vehicle Cybersecurity team, and you will have the opportunity to be a key member of Vehicle Cybersecurity Organization.

**This role is located on-site at Headquarters in Newark, CA.**

ROLE AND RESPONSIBILITIES:

Maintaining a secure public key infrastructure to support certificate-based authentication and encryption.
Implement and maintain Code Signing infrastructure.
Managing and maintaining digital certificates, including certificate authorities, root certificates, and intermediate certificates.
Ensuring compliance with industry standards and best practices such as NIST guidelines.
Managing and monitoring the issuance, revocation, and renewal of certificates.
Implementing and maintaining secure certificate-based authentication and encryption protocols, such as SSL/TLS.
Collaborating with other larger product engineering teams to ensure that the PKI infrastructure is integrated with other systems and processes.

REQUIRED QUALIFICATIONS:

Bachelor's degree in the areas of Computer Science, Computer Engineering, Electrical Engineering or a related technical field is required.
7+ years of experience with public key infrastructure design and implementation.
6+ years of experience administrating and managing Hardware Security Modules(Eg: Thales)
Strong understanding of certificate-based authentication and encryption protocols, such as SSL/TLS
Experience designing PKI Architecture.
Experience in creating and maintaining documentation for CA policies, procedures, and best practices to ensure consistency and transparency in CA operations
Knowledge of industry standards and best practices.
Thorough understanding of X.509 standard RFC 5820.
Hands-on experience with digital certificate lifecycle management, including issuance, revocation, and renewal.
Strong technical skills in network security, firewall configurations, and VPN technologies.
Knowledge of security and risk assessment methodologies, vulnerability scanning, and penetration testing.
Hands-on experience with Unix based OS such as RedHat Linux, Ubuntu.
Experience with establishing and maintaining backup and disaster recovery procedures to ensure the availability and integrity of the CA's data and configurations in case of unexpected failures or disasters.
Knowledge and experience with Prime key EJBCA and Sign Servers or other PKI applications such as Active Directory Certificate Services.
Ability to work in a fast-paced, high-pressure environment and handle multiple projects simultaneously.
Strong communication skills and ability to effectively interact with clients, stakeholders, and internal teams.
Certifications in security, such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), are highly desirable.

PREFERRED QUALIFICATIONS:

Master's degree or higher education in the areas of Computer Science, Computer Engineering, Electrical Engineering or a related technical field.
10+ years of related experience
Experience managing Primekey CA Stack.
Experience specifically managing Thales HSMs.
Experience writing Python, Shell based scripts.
Experience managing MySQL Databases.
Experience with different WebServices protocols such as RESTAPI
Understanding of AWS Cloud Services.
Experience with messaging queue architecture (eg: MQTT).

At Lucid, we don’t just welcome diversity - we celebrate it! Lucid Motors is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations.