Prin IT Technologist
On-site · Pune, Maharashtra, India
Job Summary
DNS & PKI Engineer responsible for the design, implementation, automation, and operational support of enterprise DNS and certificate services. This role covers authoritative/recursive DNS, Infoblox DDI, DNS security controls (DNSSEC, RPZ), Cloudflare integration for DNS/CDN/SSL/TLS/WAF, and certificate lifecycle management (internal CAs, public CA integration, ACME automation). You will design and operate PKI solutions, manage certificate issuance/renewal/revocation, automate certificate lifecycle, deploy SSL/TLS certificates for web apps and infrastructure, enable mutual TLS where applicable, and ensure alignment with security policies. The position requires automation and IaC development (Terraform, API integrations with Infoblox/Cloudflare/DigiCert), monitoring and alerting for DNS health and certificate expirations, and L3 support with on-call rotation in a hybrid cloud environment. The role emphasizes hybrid DNS architectures, automation, and secure, highly available name resolution and certificate services in on-prem and Cloudflare edge contexts.
Required Qualifications
- 5+ years of hands-on experience in DNS engineering (enterprise-scale)
- PKI / certificate lifecycle management
- Strong experience with Infoblox (DDI platform administration, NIOS)
- DigiCert (certificate issuance, automation, APIs)
- Cloudflare (DNS, CDN, SSL/TLS, WAF)
- Domain registrar management experience
- Deep understanding of DNS protocols and architecture
- TCP/IP networking fundamentals
- SSL/TLS handshake and certificate chains
- Experience troubleshooting DNS resolution failures
- Certificate trust and validation issues
- Scripting/automation experience (PowerShell, Python, or similar)
- Preferred: Hybrid cloud environments (Azure/AWS)
- Microsoft Entra ID / Active Directory integration
- Familiarity with Certificate automation tooling
- Zero Trust architecture
- Infrastructure-as-Code experience (Terraform)
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.