We are excited to begin our journey as an All-of-Government Panel Provider!
We would love to work with you - our Client Managers are always up for a chat.
Infrastructure - IDAM / PKI - Senior Engineer
Back to job search
We’re partnering with a large, complex enterprise environment seeking an experienced IDAM / PKI Engineer to help design, enhance, and operate their identity and certificate services at scale.
This is a hands-on security engineering role focused on strengthening authentication, authorisation, identity governance, and certificate lifecycle management across hybrid cloud and on-prem platforms. You’ll work closely with security, infrastructure, and application teams, contributing directly to Zero Trust initiatives and the uplift of enterprise security capability.
You’ll be working across:
• Designing and supporting enterprise Identity & Access Management solutions
• Enhancing Azure AD / Entra ID, Active Directory, MFA, Conditional Access, and federation platforms
• Building and maintaining PKI environments (Microsoft AD CS, CA hierarchies, OCSP, CRLs, HSM-backed keys)
• Automating certificate lifecycle processes (issuance, renewal, revocation)
• Supporting certificate-based authentication, TLS, device and smartcard certificates
• Troubleshooting complex identity and authentication issues
• Contributing to Zero Trust architecture and security improvement initiatives
We’re looking for someone who brings:
• 5+ years’ experience in IDAM, PKI, or security engineering
• Strong expertise with Entra ID / Azure AD, Active Directory, MFA, Conditional Access
• Solid experience with Microsoft Certificate Services (AD CS)
• Knowledge of SAML, OAuth2, OIDC, Kerberos, NTLM
• PowerShell scripting and automation capability
• Experience with certificate management platforms (Venafi, AppViewX, DigiCert, Sectigo or similar)
Nice to have:
• Privileged Access Management (PAM)
• HSM platforms (Thales, Utimaco, Azure Key Vault HSM)
• Entra ID governance (IGA / PIM)
• Cloud-based PKI or certificate automation tooling
You’ll be a strong problem-solver who enjoys diagnosing complex issues, documenting solutions, and lifting capability across teams. Coaching and collaboration skills are important, as you’ll work alongside a broad group of technical specialists.
✔ 37.5-hour work week
✔ Agile delivery environment
✔ Must hold (or be eligible to obtain) SV security clearance
If you enjoy working deep in identity, authentication, and PKI, and want to have real influence over enterprise security posture, we’d love to hear from you.
Infrastructure - IDAM / PKI - Senior Engineer
| Location: | Wellington |
| Discipline: | Telecommunications |
| Job type: | Contract |
| Salary: | 110 to 125 |
| Contact name: | Matt Frizzell |
| Contact email: | matt@placeme.nz |
| Job ref: | 1455710 |
| Published: | about 8 hours ago |
We’re partnering with a large, complex enterprise environment seeking an experienced IDAM / PKI Engineer to help design, enhance, and operate their identity and certificate services at scale.
This is a hands-on security engineering role focused on strengthening authentication, authorisation, identity governance, and certificate lifecycle management across hybrid cloud and on-prem platforms. You’ll work closely with security, infrastructure, and application teams, contributing directly to Zero Trust initiatives and the uplift of enterprise security capability.
You’ll be working across:
• Designing and supporting enterprise Identity & Access Management solutions
• Enhancing Azure AD / Entra ID, Active Directory, MFA, Conditional Access, and federation platforms
• Building and maintaining PKI environments (Microsoft AD CS, CA hierarchies, OCSP, CRLs, HSM-backed keys)
• Automating certificate lifecycle processes (issuance, renewal, revocation)
• Supporting certificate-based authentication, TLS, device and smartcard certificates
• Troubleshooting complex identity and authentication issues
• Contributing to Zero Trust architecture and security improvement initiatives
We’re looking for someone who brings:
• 5+ years’ experience in IDAM, PKI, or security engineering
• Strong expertise with Entra ID / Azure AD, Active Directory, MFA, Conditional Access
• Solid experience with Microsoft Certificate Services (AD CS)
• Knowledge of SAML, OAuth2, OIDC, Kerberos, NTLM
• PowerShell scripting and automation capability
• Experience with certificate management platforms (Venafi, AppViewX, DigiCert, Sectigo or similar)
Nice to have:
• Privileged Access Management (PAM)
• HSM platforms (Thales, Utimaco, Azure Key Vault HSM)
• Entra ID governance (IGA / PIM)
• Cloud-based PKI or certificate automation tooling
You’ll be a strong problem-solver who enjoys diagnosing complex issues, documenting solutions, and lifting capability across teams. Coaching and collaboration skills are important, as you’ll work alongside a broad group of technical specialists.
✔ 37.5-hour work week
✔ Agile delivery environment
✔ Must hold (or be eligible to obtain) SV security clearance
If you enjoy working deep in identity, authentication, and PKI, and want to have real influence over enterprise security posture, we’d love to hear from you.
Latest jobs
- Senior Data Analyst
-
Job location: Wellington Job salary: 120000 to 151000
Senior Data Analyst – Core Banking Transformati...
- Infrastructure - IDAM / PKI - Senior Engineer
-
Job location: Wellington Job salary: 110 to 125
We’re partnering with a large, complex enterpr...
- Talent Manager
-
Job location: Wellington Job salary: 65000 to 80000
We’re on the lookout for an experienced Senior ...