Job#: 3037115
Job Description:
12+ Month Contract
Hybrid On-Site Dearborn MI 4 Days a week
$60-70/HR
Position Description
The Product Cybersecurity PKI & Key Management Security Services team is responsible for generating, distributing, storing, and managing the lifecycle of cryptographic keys and certificates within the vehicle product ecosystem. This includes developing and maintaining in-house APIs and web services to ensure confidentiality, integrity, and authenticity across various use cases and product features.
We are seeking an exceptional Software Engineer specializing in Public Key Infrastructure (PKI) and secure API services to own the end-to-end lifecycle of mission-critical cryptographic systems. This role involves designing, building, deploying, and maintaining high-assurance PKI and security service APIs that support certificate issuance, lifecycle management, revocation, and integration across the connected vehicle ecosystem.
Employees in this role develop and maintain the back-end/server-side components of applications, including APIs, databases, and services containing core business logic. They work with various programming languages and tools to build and maintain services either on-premises or in the cloud.
Key Responsibilities
- Engage with customers to understand their use cases and requirements
- Solve complex problems by designing, developing, and delivering solutions using various tools, languages, frameworks, and technologies
- Align with architecture guidelines to ensure a unified and coherent development approach
- Design, develop, and deliver new code using modern tools, languages, frameworks, and technologies
- Develop and maintain back-end applications (APIs and microservices) using server-side languages such as Java, Python, and C#
- Collaborate with front-end developers and cross-functional teams, including product owners, designers, and architects
- Manage application deployment (cloud or on-prem), including health monitoring, performance optimization, security hardening, and disaster recovery
- Manage data storage and retrieval using database technologies such as Oracle, MySQL, and MongoDB
- Promote best practices such as test-driven development (TDD), continuous integration (CI), and continuous delivery (CD)
- Optimize back-end infrastructure and deployment practices to improve resiliency and reliability
- Support security practices to safeguard user data, including encryption and anonymization
Skills Required
- Software Testing
- PostgreSQL
- Computer Engineering
- Software Development Lifecycle (SDLC)
- Software Documentation
- Application Development
- Bouncy Castle Cryptographic
- Cloud Infrastructure
- Google Cloud Platform (GCP)
- .NET Core
- .NET Development
- Cybersecurity
- C#
- Application Testing
- Agile Software Development
Skills Preferred
- Kubernetes
- Technical Communication
- Technical Requirements
- Technical Documentation
- Application Architecture
- Technical Analysis
Experience Required
- Engineer 3 level
- Practical experience in at least 2 programming languages, or advanced expertise in 1
- 6+ years of experience in IT
- 4+ years of experience in software engineering/development and secure coding practices using object-oriented programming
- Strong knowledge of software architecture, development methodologies, and design principles (including TDD)
- Strong understanding of cryptographic algorithms and standards, including RSA, ECC, AES, and X.509
- Proven ability to own customer-facing products from ideation through general availability
- Ability to manage multiple projects and deliverables across the lifecycle
- Bachelor’s degree in Computer Science or Engineering
Education
Required:
Preferred:
Additional Safety / Licensing Requirements
Additional Information
- Hybrid position: 4 days onsite per week
- Remote candidates will be considered if identified as the best fit
Core Responsibilities (Expanded Scope)End-to-End Ownership
Lead the full lifecycle of PKI and Key Management services across vehicle products and the broader ecosystem, including:
- Customer requirements gathering
- Architecture design
- Implementation
- Testing
- Deployment
- Monitoring
- Post-launch support
API & Security Services Development
Design and develop robust, secure, and scalable RESTful APIs and web services supporting:
- CRL / OCSP
- ACME
- Certificate issuance
- Message encryption/decryption
- Software signing
- Key rotation
- Certificate lifecycle management
- HSM integration (PKCS#11)
Implement access control mechanisms enforcing least privilege principles using:
Cryptographic Engineering
- Implement and harden PKI and key management services
- Apply PKI standards including X.509 and PKCS
- Utilize cryptographic algorithms such as ECC and RSA
- Ensure post-quantum readiness
- Integrate with hardware security modules (HSM) and CSPs
- Apply hybrid encryption techniques using AES
- Define and enforce certificate policies and certificate profiles
Infrastructure & CI/CD Integration
- Release and deploy applications through build servers and CI/CD pipelines
- Support infrastructure spanning on-premises and cloud Kubernetes environments
Security & Compliance
- Monitor and remediate vulnerabilities using:
- SAST
- DAST
- Software quality scans
- Security vulnerability scanning
- Drive and support testing at every stage of the development lifecycle
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law
