Cybersecurity Consultant

Who We AreAt Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.The RoleProfiles with strong expertise in PKI and cryptography, with proven knowledge in Certificate Lifecycle Management (CLM) and PKI architecture/operations (issuance policies, key protection, CRL/OCSP, governance and auditability). Comfortable leading certificate inventory and ownership models, driving renewal/rotation automation, and integrating CLM/PKI capabilities with enterprise platforms and applications to reduce expiry-related incidents and strengthen security and compliance in hybrid and cloud environments.Nice to have: experience in data discovery and classification, encryption strategy, tokenization/FPE, DLP and DSPM, aligning data protection controls with regulatory requirements and data governance practices.Who You AreProfiles with strong expertise in PKI and cryptography, with proven knowledge in Certificate Lifecycle Management (CLM) and PKI architecture/operations (issuance policies, key protection, CRL/OCSP, governance and auditability). Comfortable leading certificate inventory and ownership models, driving renewal/rotation automation, and integrating CLM/PKI capabilities with enterprise platforms and applications to reduce expiry-related incidents and strengthen security and compliance in hybrid and cloud environments.Nice to have: experience in data discovery and classification, encryption strategy, tokenization/FPE, DLP and DSPM, aligning data protection controls with regulatory requirements and data governance practices.EDUCATION AND CERTIFICATIONSBachelor's or Master's degree in Computer Engineering, Cybersecurity, or Telecommunications.EXPERIENCE3+ year in cybersecurity servicesLANGUAGESSpanish and English (B2 level or higher)SKILLS AND KNOWLEDGEPKI / CLM Expertise (must-have): strong knowledge of PKI concepts and operations (Root/Sub CA design, certificate profiles/templates, issuance policies, CRL/AIA, OCSP, key ceremony basics, separation of duties), plus end-to-end Certificate Lifecycle Management (discovery, inventory, ownership, renewal/rotation, revocation, retirement).Cryptography fundamentals applied to enterprise: practical understanding of symmetric/asymmetric crypto, hashing/signing, TLS/mTLS, key protection and lifecycle (generation, storage, rotation, compromise handling), and how these choices impact security, availability and compliance.Hybrid & cloud delivery: experience working across on-prem and cloud environments, integrating certificate services with infrastructure (load balancers, web servers, API gateways), identity components, and application pipelines. Automation mindset: ability to design and implement automation for certificate issuance and renewals (e.g., API-driven workflows, integrations with CMDB/ITSM, and protocols such as ACME/SCEP/EST when applicable).Troubleshooting & incident handling: strong skills diagnosing certificate/TLS issues (expiry, trust chain, name mismatch, handshake failures), managing revocations/compromises, and executing remediation at pace with minimal service impact.(Nice to have) Data protection controls: exposure to data discovery/classification, DLP, DSPM, encryption strategy, and tokenization/FPE-especially where they intersect with key management and certificate governance.KEY RESPONSIBILITIESOwn PKI/CLM solution delivery: lead the assessment, design and implementation of PKI and CLM capabilities, from current-state review to target architecture and operational model.Certificate inventory & governance: build/maintain a complete certificate inventory (where they live, what they protect, owners, expiry, criticality), define ownership and stewardship, and establish governance processes and policy standards.Automation & integration: implement certificate lifecycle automation (request/approval, issuance, deployment, renewal/rotation, revocation), integrating CLM/PKI with enterprise platforms (load balancers, web/app servers, container platforms, API gateways, CI/CD pipelines, CMDB/ITSM, IAM).Being YouDiversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.What You Can ExpectWith state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.Get Referred! If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address. Apply tot his job Apply To this Job