Back to jobs
Lippincott

Certificate Management Automation & Platform Lead

Louisville - West MarketPosted 2 days ago
Full-timeonsite

Job Description

Company:

Marsh

Description:

The Certificate Management Automation & Platform Lead is responsible for defining and executing Marsh’s certificate automation strategy, delivering scalable platforms and integration patterns that minimize manual certificate handling and operational risk. The role drives adoption of automated issuance and renewal using ACME and API-based workflows, embeds certificate controls into CI/CD and Infrastructure-as-Code pipelines, and ensures enterprise standards are consistently enforced through automation guardrails. The lead will explore AI capabilities that can be applied to further streamline certificate management processes and procedures. It covers all certificate types used in Marsh.

Working closely with Security, Platform, Infrastructure and Application teams, the lead integrates and optimizes the Vaults and ecosystems (including CA connectivity, policy enforcement, and lifecycle monitoring), enabling self-service consumption, improved visibility and reporting, and reliable rotation across cloud, on-premises and application environments. The lead partners with technology teams during incidents to consult on and design long-term automation solutions to root causes.

Certificate Management Automation & Platform Lead

We will count on you to:

  • Own the enterprise certificate management automation strategy and roadmap, reducing manual certificate handling and operational risk.

  • Design and deliver automated issuance, renewal, and lifecycle workflows using ACME and API-based patterns across diverse technology stacks.

  • Engineer CI/CD and Infrastructure-as-Code integration patterns, including pipeline templates, reusable modules, and golden paths that enforce certificate standards by default.

  • Operate and continuously improve certificate platforms, including CA connectivity, policy enforcement, onboarding, observability, runbooks, and resilience planning.

  • Partner with Security, Platform, Infrastructure, Application, and vendor teams to drive durable automation, reliability improvements, and continuous innovation, including AI-enabled opportunities.

What you need to have:

  • 7–10+ years of experience in technology with increasing senior-level responsibility.

  • Demonstrated experience building and operating enterprise certificate management automation platforms, ideally with HashiCorp Vault or an equivalent platform.

  • Strong knowledge of ACME, certificate APIs, automated issuance and renewal patterns, and integration approaches for varied application and platform environments.

  • Hands-on experience with automation and integration engineering, such as Python, Go, PowerShell, REST APIs, OAuth2/OIDC, and mTLS.

  • Strong stakeholder management and communication skills, with the ability to work effectively in a federated, cross-functional environment.

What makes you stand out:

  • Experience embedding certificate controls into CI/CD and developer workflows through reusable modules, golden paths, and self-service onboarding.

  • Proven ability to implement policy-as-code guardrails for naming, SANs, key sizes, validity periods, approvals, and segregation of duties.

  • Working knowledge of observability, reliability, and operational management for automation platforms, including dashboards, alerting, SLOs, HA/DR, patching, and auditability.

  • Familiarity with key management and secure key storage integrations, including HSMs, cloud KMS, and secrets management.

  • Experience driving large-scale certificate transitions, reissuance events, or automation improvements using AI to improve efficiency and operating model maturity.

Why join our team:

  • We help you be your best through professional development opportunities, interesting work and supportive leaders.

  • We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities.

  • Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.

Marsh (NYSE: MRSH) is a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $27 billion and more than 95,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information, visit corporate.marsh.com, or follow us on LinkedIn and X.

Marsh is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, veteran status (including protected veterans), or any other characteristic protected by applicable law. If you have a need that requires accommodation, please let us know by contacting [email protected].

Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.

Certificate Management Automation & Platform Lead at Lippincott | Renata