The PKI (Public Key Infrastructure) Sr. Engineer is a key member within the Identity and Access Management program. The PKI Sr. Engineer is a subject matter expert who, through independent project engagements and collaboration with business and technology partners, as well as third party vendors, designs and engineers the PKI platforms for the enterprise.


This role is responsible for engineering and ensuring that security is “built into” the organization’s application and PKI platforms, including third party vendor connectivity and interactions and running the PKI services and infrastructure. The PKI Engineer maintains current knowledge of new products, industry trends and recommends enhancements and purchases that allow Sherwin-Williams to maintain healthy and functional applications and protect its employees’ identities. This role provides technical consulting to management, business users, and technical associates to ensure that applications and platforms are secure. This is an individual contributor position.


Here, we believe there’s not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there’s a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We’ll give you the space to share your strengths and we want you show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show! 


At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.


Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.


The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.


Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.


Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.


As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.


Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.

Strategy & Planning



  • Work with the business units to identify business requirements for requested projects.

  • Identify the technical requirements of projects.

  • Plan and organize tasks, report on project progress, coordinate with additional development teams.

  • Review and submit technical and security improvement recommendations.


Acquisition & Deployment



  • Deploy and configure access management solutions based on industry best practices.

  • Leverage capabilities of vendor solutions.

  • Develop solutions based on secure design and/or coding practices.


Operational Management



  • Follow the established change control processes, maintain and modify PKI Platforms (Entrust and Digicert) applications

  • Coordinate changes with members from IAM and external teams including Infrastructure Engineers, DBAs and Info Security.

  • Provide on call support for production and non-production issues.

  • Analyze performance of PKI applications and take action to correct deficiencies based on consultation with clients and approval of manager.

  • Act as Subject Matter Expert in the discovery and investigation of critical security vulnerabilities’, as required.


Incidental Functions



  • Stay informed on new technologies, including tools, components, and frameworks.

  • Train and share knowledge with IAM team.

  • Mentor and coach developers and/or Professional Apprentices.

  • Project and task management and reporting as necessary.

  • Make presentations to management, clients, and peer groups as requested.

  • Schedule and lead project and communication meetings with clients.

  • Assist with other projects as may be required to contribute to efficiency and effectiveness of the work.


This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.


This position has a hybrid work schedule with three days in the office and the option for working remotely two days.

Formal Education & Certification


Bachelor’s degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.


Knowledge & Experience



  • 5+ years IT experience.

  • 3+ years experience in design, implementation, and support of various PKI solutions.

  • Demonstrated experience leading and participating in troubleshooting, managing, and solving issues related to PKI Digital Certificates identities, systems, access, accounts, authentication, and authorization

  • Hands-on experience working with PKI Platforms and Host serveroperating systems such as Microsoft Windows and Linux. 

  • Demonstrated experience with Linux/Unix, Windows, scripting (Bash, PowerShell, Perl), SQL, LDAP, and web services


Preferred Experience & Skills



  • Hand on experience with PKI Security technologies and host system administration

  • Experience with Agile principles and practices

  • Exposure with source control tools and orchestration systems (e.g. Subversion, GIT, CVS, Ansible, Puppet, Rancher Kubernetes, Docker Swarm) 


Personal Attributes



  • Strong written and oral communications skills.

  • Proven ability and initiative to learn and research new concepts, ideas, and technologies quickly.

  • Strong commitment to inclusion and diversity

  • Strong systems/process orientation with demonstrated analytical thinking, organization skills and problem-solving skills.

  • Ability to work in a team-oriented, collaborative environment.

  • Ability to quickly pick up new tools and technologies. 

  • Willingness and ability to train and teach others.

  • Ability to facilitate meetings and follow up with resulting action items.

  • Ability to prioritize and execute tasks in a high-pressure environment.

  • Strong presentation and interpersonal skills. 

  • Ability to work effectively in a multi-cultural environment, and to lead and influence cross-organizationally with and without direct authority.

  • Ability to effectively move forward on tasks even with ambiguous or changing requirements.

  • Minimal travel is required

  • Work outside the standard office 7.5 hour workday may be required.