Job Description

With 900+ employees in Poland supporting over 45 clients, we leverage our holistic portfolio of capabilities in consulting, design, engineering, operations, and emerging technologies to help clients realize their boldest ambitions and build future-ready, sustainable businesses. It is the freedom provided to every individual at Wipro to learn, grow, and create a career path that makes us an organization of opportunities beyond boundaries of region, age, gender, ability, and routine. We invite you to be a part of this experience

Key Responsibilities

• Lead the infrastructure protection strategy to create, evolve, and secure internal PKI and credential management security strategy.
• Design, implement, and operate enterprise-grade PKI solutions, including internal and external Certificate Authorities (CAs), Hardware Security Modules (HSMs), and certificate lifecycle management platforms.
• Create design components, develop code, and test changes using test-driven development methodologies.
• Provide subject matter expertise in resolving complex problems related to PKI environment.
• Manage, secure, engineer and provide governance for key and certificate management services, including robust, enterprise-grade PKI, certificate lifecycle management (CLCM), infrastructure automation and credential management (CMS) systems.
• Implement and maintain automated certificate renewal programs; capture use-cases for certificate revocation, enrollment & renewal processes.
• Monitor creation of encryption keys to ensure protection against modification and unauthorized disclosure.
• Define Trust Strategies and understand security and governance requirements for Certification Authorities.
• Architect and manage internal PKI infrastructure including CA, RA, CRL, OCSP, and HSM integrations.
• Design and implement certificate lifecycle automation using ACME protocols, scripting (e.g., PowerShell, Python), and enterprise CLM tools.
• Install and manage certificates across platforms: Windows, Linux/Unix, Apache, Tomcat, Java Keystore, F5, Azure Key Vault.
• Implement digital certificate policies aligned with X.509 standards and CA/Browser Forum baseline requirements.

͏

• Develop and maintain Certificate Policy and Certificate Practice Statements (CP/CPS).
• Provide PKI support for application integrations, including TLS/SSL, S/MIME, 802.1x, Smartcards, and Code Signing.
• Collaborate with IAM, Infrastructure, Security, and Application teams to integrate PKI into broader identity solutions.
• Contribute to change management and documentation using ITSM tools (ServiceNow, Remedy).
• Maintain high availability and disaster recovery readiness for PKI infrastructure.
• Track and report on PKI service metrics, SLAs, KPIs, and KRIs to ensure operational excellence.
• Develop and maintain SOPs, technical documentation, and training materials.

Preferred Skills

• Strong technical knowledge of enterprise PKI operations, cryptographic algorithms (symmetric/asymmetric), digital signatures, with strong understanding of compliance, auditing, and key management.
• Microsoft certifications (e.g., Azure Security Engineer, MCSA).
• Knowledge of CA/B Forum, RFC 5280, RFC 6960 (OCSP).
• Familiarity with containerized environments and Kubernetes certificate management.
• Experience with Active Directory Certificate Services, GlobalSign, Sectigo, DigiCert, Keyfactor, OpenSSL, or other certificate management platforms. Understanding of OCSP, CA, RA, CRL, and BYOK configurations.
• Comprehensive understanding of the PKI/HSM ecosystem, including technology, standards, implementations, and migration strategies.
• Experience with developing scripts for administrative and automation tasks.
• Collaborate with other IT and Operational teams to integrate PKI solutions with existing systems/applications.
• Monitor and troubleshoot PKI related issues.
• Assist and educate users/administrators with certificate enabled applications, such as SSL/TLS, S/MIME, Code Signing, Smartcard, 802.1x, EAP-TLS, etc.
• Drive technical discussions to understand digital certificate services requirements.
• Maintain and enhance global solutions for the digital certificate area ensuring high availability and disaster recovery.
• Knowledge of PKI Standards including X.509, CP/CPS, CA/Browser Forum Baseline Requirements.

͏

Equal Opportunity Employer:

Wipro is an Equal Opportunity Employer. We provide consideration for all qualified applicants regardless of race, color, religion, gender, marital status, age, ethnicity, national origin, sexual orientation, political views, disability, or any other characteristic protected by law

Internal Reporting and Whistleblower Protection:

Wipro IT Services Poland Sp. z o.o. adheres to the Internal Reporting and Whistleblower Protection Regulations. Candidates can submit internal reports via email to ombuds.person@wipro.com, through the Internet at www.wiproombuds.com, or by post/courier to Wipro's registered office.