Frederick, MD  ThermoFisher Scientific

LEARN MORE / APPLY

Work Schedule

First Shift (Days)

Environmental Conditions

Office

Job Description

About the Role

This position is with Thermo Fisher Scientific, an inclusive employer and a member of myGwork — the largest global platform for the LGBTQ+ business community.

At Thermo Fisher Scientific, you’ll lead groundbreaking changes in our certificate management and credential hardening approaches worldwide, impacting over 100,000 colleagues.

Position Overview

In the role of Credential Hardening & Certificate Management Engineer, you will act as the primary SME and program leader for enterprise-wide secrets hardening and certificate lifecycle management initiatives. Operating with significant independence, you will function as an internal transformation consultant, identifying strategic points to enforce standard processes and promote cultural change around credential security. This position complements PAM initiatives and requires the capability to engineer tool-agnostic solutions in a dynamic technology landscape.

Key Responsibilities

Strategic Program Leadership

Lead credential hardening transformation initiatives across the organization, identifying and eliminating legacy practices that compromise security posture

Drive initiatives with the enterprise certificate lifecycle management program, establishing strategy, roadmaps, and success metrics aligned with quantum computing threats and industry trends

Act as the main subject matter expert for standard methodologies in managing secrets, automating certificate lifecycles, and securing credentials.

Develop strategic leverage points to drive organizational change and overcome resistance to security improvements

Engineer tool-agnostic flows that can adapt to changing technology landscapes and vendor transitions

Transformation & Program Management

Function as an internal turnaround consultant for credential security practices, identifying systemic issues and crafting comprehensive remediation strategies

Challenge existing paradigms and “that’s the way we do things” mentalities through data-driven analysis and strategic influence

Develop and implement strategies to increase adoption of standard methodologies across various business units

Complete and deliver credential hardening and certificate management investments

Design and implement cultural transformation initiatives that embed security-first thinking into operational processes

Engineering & Automation

Implement automated certificate rotation systems to address shrinking certificate lifecycles driven by quantum computing threats, including migration to quantum-resistant algorithms

Engineer scalable certificate management efforts that integrate with existing infrastructure while maintaining vendor agnostic flexibility and with preference on agility for post-quantum transitions

Develop comprehensive secrets management frameworks that enforce least privilege, rotation, and audit requirements to strengthen credential workflows

Develop advanced monitoring and alerting systems for certificate expiration, rotation failures, compliance deviations, and quantum readiness assessments

Design integration strategies between certificate management, PAM initiatives, and broader security infrastructure with quantum threat in mind

Cross-Functional Leadership & Influence

Lead cross-functional efforts in implementing credential and certificate security improvements by seeing the work and helping the organization achieve clarity on where it is to head

Represent certificate management initiatives in enterprise engineering, security governance, and compliance committees

Collaborate with PAM teams to ensure complementary and multi-layered security strategies

Foster agreement among collaborators with competing priorities and establish unified approaches to credential security

Mentor and train technical teams on credential management standard methodologies and emerging threats

Secrets Threat Mitigation & Risk Management

Develop and implement quantum readiness assessments for existing certificate and credential infrastructure, identifying vulnerable cryptographic implementations

Develop transition plans for post-quantum cryptography with migration strategies based on timing and risk prioritization

Implement and drive understanding of frameworks that enable rapid algorithm transitions as quantum threats evolve and new standards emerge

Develop quantum threat intelligence notifications that monitor advances in quantum computing and adjust security postures proactively

Establish understanding of hybrid classical-quantum cryptographic systems during transition periods to maintain security while preparing for post-quantum era

Process Innovation & Optimization

Identify and eliminate inefficiencies in current secrets and certificate management processes through root cause analysis and quantum threat impact assessment

Develop metrics to measure program success, improvements in security posture, organizational maturity, and readiness levels for quantum technology

Design automated compliance reporting and audit preparation processes that include credential hardening compliance requirements

Develop repeatable methodologies for certificate lifecycle management that incorporate quantum-safe practices and can scale across global operations

Establish governance frameworks for certificate and credential policy enforcement with quantum threat considerations coordinated

Technology Platform Management

Maintain deep expertise in common enterprise tooling while preparing for potential platform transitions

Evaluate and recommend new secrets management platforms based on strategic requirements

Design migration strategies that prioritize urgency of need, so our security posture does not become lax

Develop vendor-agnostic and dual implementation approaches that protect against technology and vendor lock-in

Enhance integration methodologies to improve existing infrastructure investments

Required Qualifications

Education & Certifications

Bachelor’s degree in Cybersecurity, Computer Science, Systems Engineering, or related field (equivalent experience accepted)

Advanced certifications required: CISSP, CISM, or CCSP with focus on identity and access management or equivalent

Credential management or consulting certifications strongly preferred (e.g. CyberArk Guardian, etc.)

Certificate management training preferred: Feisty Duck Practical TLS and PKI or similar

Experience

8+ years of enterprise security experience with focus on identity, access management, or certificate/PKI systems

5+ years of program or project leadership experience driving organizational transformation

3+ years of hands-on experience with certificate management platforms, PKI infrastructure, and secrets management

Demonstrated experience as a change agent or transformation consultant in security domains

Proven track record of challenging status quo and driving process improvements in large organizations

Technical Skills

Expert proficiency in secrets management, credential hardening, privileged access principles, and quantum-safe credential protection mechanisms

Advanced knowledge of PKI, certificate lifecycles, automated rotation technologies, and post-quantum cryptography standards (NIST PQC, hybrid certificates)

Strong experience with secrets/certificates management platforms, including quantum readiness assessment capabilities

Demonstrated ability to engineer tool-agnostic solutions, manage technology transitions, and implement crypto agile frameworks

Experience with SaaS secrets and certificate management, DevOps integration, infrastructure automation, and quantum-safe practices

Advanced knowledge of quantum computing impacts on cryptography, secrets and certificate management strategies, and post-quantum transition planning

Leadership & Consulting Skills

Outstanding influence and persuasion abilities with track record of inspiring change without direct authority

Critical thinking and problem-solving skills to identify key points for organizational transformation

Strong consulting and advisory skills with experience challenging existing practices and driving improvements

Excellent communication abilities with capability to present complex technical concepts to executive audiences

Proven mentorship and training capabilities with track record of developing technical teams

Cultural change leadership with experience overcoming organizational resistance to security improvements

Specialized Proficiencies

Comprehensive understanding of secrets management and specific mitigation strategies for enterprise environments

Experience with regulatory compliance requirements (SOX, PCI DSS, HIPAA) related to certificate and credential management, including emerging quantum-safe compliance standards

Expertise in threat modeling and risk assessment methodologies for credential security with quantum threat scenarios and impact analysis

Proficiency with DevSecOps practices, automated security integration, and quantum-safe CI/CD pipeline security

Deep understanding of zero trust architecture principles, implementation strategies, and quantum-resilient zero trust frameworks

Knowledge of post-quantum cryptography algorithms (lattice-based, hash-based, multivariate, isogeny-based) and their practical implementation challenges

What We Offer

Join our world-class organization and lead groundbreaking change in enterprise security. Drive meaningful impact across our global operations while developing brand new solutions for tomorrow’s security challenges. We offer competitive compensation, comprehensive benefits, executive development opportunities, and the chance to craft the future of certificate and credential security. Apply today at: http://jobs.thermofisher.com

Thermo Fisher Scientific Inc. is an equal opportunity employer offering reasonable accommodations for applicants with disabilities. We value diversity and inclusion in our workforce. #StartYourStory with us.

Compensation and Benefits

The salary range estimated for this position based in Maryland is $113,500.00-$170,200.00.

This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy. We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:

A choice of national medical and dental plans, and a national vision plan, including health incentive programs

Employee assistance and family support programs, including commuter benefits and tuition reimbursement

At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy

Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan

Employees’ Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount

For more information on our benefits, please visit: https://jobs.thermofisher.com/global/en/total-rewards

Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.

LEARN MORE / APPLY

Job Hiring / Frederick, MD / IT Security Engineer III – Credential Hardening & Certificate Management >> APPLY/LEARN MORE >> https://de.jobsyn.org/9301e1fe96194744b62468241af5fdfa8003 >> #job #jobs #hiring #BGJobs   

+++++++++++++++
? Looking for more jobs like this? Find more at CareerOneStop, sponsored by the U.S. Department of Labor Employment and Training Administration.
+++++++++++++++