Cybersecurity Software Engineer - PKI & Cryptography

Job Description

Job#: 3037115

Job Description

12+ Month Contract

Hybrid On-Site Dearborn MI 4 Days a week

$60-70/HR

Position Description

The Product Cybersecurity PKI & Key Management Security Services team is responsible for generating, distributing, storing, and managing the lifecycle of cryptographic keys and certificates within the vehicle product ecosystem. This includes developing and maintaining in-house APIs and web services to ensure confidentiality, integrity, and authenticity across various use cases and product features.

We are seeking an exceptional Software Engineer specializing in Public Key Infrastructure (PKI) and secure API services to own the end-to-end lifecycle of mission-critical cryptographic systems. This role involves designing, building, deploying, and maintaining high-assurance PKI and security service APIs that support certificate issuance, lifecycle management, revocation, and integration across the connected vehicle ecosystem.

Employees in this role develop and maintain the back-end/server-side components of applications, including APIs, databases, and services containing core business logic. They work with various programming languages and tools to build and maintain services either on-premises or in the cloud.

Key Responsibilities

Engage with customers to understand their use cases and requirements
Solve complex problems by designing, developing, and delivering solutions using various tools, languages, frameworks, and technologies
Align with architecture guidelines to ensure a unified and coherent development approach
Design, develop, and deliver new code using modern tools, languages, frameworks, and technologies
Develop and maintain back-end applications (APIs and microservices) using server-side languages such as Java, Python, and C#
Collaborate with front-end developers and cross-functional teams, including product owners, designers, and architects
Manage application deployment (cloud or on-prem), including health monitoring, performance optimization, security hardening, and disaster recovery
Manage data storage and retrieval using database technologies such as Oracle, MySQL, and MongoDB
Promote best practices such as test-driven development (TDD), continuous integration (CI), and continuous delivery (CD)
Optimize back-end infrastructure and deployment practices to improve resiliency and reliability
Support security practices to safeguard user data, including encryption and anonymization

Skills Required

Software Testing
PostgreSQL
Computer Engineering
Software Development Lifecycle (SDLC)
Software Documentation
Application Development
Bouncy Castle Cryptographic
Cloud Infrastructure
Google Cloud Platform (GCP)
.NET Core
.NET Development
Cybersecurity
C#
Application Testing
Agile Software Development

Skills Preferred

Kubernetes
Technical Communication
Technical Requirements
Technical Documentation
Application Architecture
Technical Analysis

Experience Required

Engineer 3 level
Practical experience in at least 2 programming languages, or advanced expertise in 1
6+ years of experience in IT
4+ years of experience in software engineering/development and secure coding practices using object-oriented programming
Strong knowledge of software architecture, development methodologies, and design principles (including TDD)
Strong understanding of cryptographic algorithms and standards, including RSA, ECC, AES, and X.509
Proven ability to own customer-facing products from ideation through general availability
Ability to manage multiple projects and deliverables across the lifecycle
Bachelor's degree in Computer Science or Engineering

Experience Preferred

2+ years of experience deploying and maintaining cloud infrastructure using Kubernetes or OpenShift
Experience managing databases such as PostgreSQL, Redis, and MongoDB
2+ years of experience building, maintaining, and integrating production PKI systems and cryptographic interfaces
Experience applying industry security standards including NIST, OWASP, ISO, and IEEE
Strong knowledge of software architecture, methodologies, and design principles (including TDD)
Familiarity with in-vehicle network architecture, modules, and protocols

Education

Required

Bachelor's Degree

Preferred

Not specified

Additional Safety / Licensing Requirements

Not specified

Additional Information

Hybrid position: 4 days onsite per week
Remote candidates will be considered if identified as the best fit

Core Responsibilities (Expanded Scope)End-to-End Ownership

Lead the full lifecycle of PKI and Key Management services across vehicle products and the broader ecosystem, including:

Customer requirements gathering
Architecture design
Implementation
Testing
Deployment
Monitoring
Post-launch support

API & Security Services Development

Design and develop robust, secure, and scalable RESTful APIs and web services supporting:

CRL / OCSP
ACME
Certificate issuance
Message encryption/decryption
Software signing
Key rotation
Certificate lifecycle management
HSM integration (PKCS#11)

Implement Access Control Mechanisms Enforcing Least Privilege Principles Using

OAuth
mTLS

Cryptographic Engineering

Implement and harden PKI and key management services
Apply PKI standards including X.509 and PKCS
Utilize cryptographic algorithms such as ECC and RSA
Ensure post-quantum readiness
Integrate with hardware security modules (HSM) and CSPs
Apply hybrid encryption techniques using AES
Define and enforce certificate policies and certificate profiles

Infrastructure & CI/CD Integration

Release and deploy applications through build servers and CI/CD pipelines
Support infrastructure spanning on-premises and cloud Kubernetes environments

Security & Compliance

Monitor and remediate vulnerabilities using:
SAST
DAST
Software quality scans
Security vulnerability scanning
Drive and support testing at every stage of the development lifecycle
EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [emailprotected] or 844-463-6178.

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at https://www.apexsystems.com/privacy-policy

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at [emailprotected] or 804-523-8228. Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.

VEVRAA Federal Contractor.

We request Priority Protected Veteran & Disabled Referrals for all of our locations within the state.

PDN-a1f27200-c30a-45a8-ae81-14a93ed9bf24