As a Solution Engineer for Next-Gen Trust Security (NGTS), you are the premier technical subject matter expert for our company's Machine Identity Management portfolio. Following our integration with CyberArk, you will lead the technical charge in transforming how enterprises manage cryptographic trust.
You will be responsible for defining technical solutions that secure critical business imperatives, evangelizing our "better together" integration of Certificate Lifecycle Management (CLM) and Zero-Touch Public Key Infrastructure (ZTPKI) within the Strata Cloud Manager (SCM) platform. You will serve as the technical bridge between the Network Security teams and Identity stakeholders, ensuring that enforcement systems (NGFW/SASE) stay synchronized as certificate lifecycles compress.
Your Impact
Technical Win Leadership: Lead Proof of Value (PoV) engagements and technical validations for NGTS, ensuring a high technical win rate by demonstrating operational resilience and outage elimination.
Solution Architecture: Design unified cryptographic governance models within Strata Cloud Manager that align certificate operations with network enforcement.
Strategic Execution: Identify critical projects and actions required to achieve a customer's desired security end-state; eliminate sales obstacles through creative and adaptive problem-solving.
Market Evangelism: Act as a thought leader on the "Cryptographic Reset," educating CISOs and VP-level stakeholders on the risks of 47-day certificate lifecycles and the path to Post-Quantum Cryptography (PQC).
Product Advocacy: Share industry experience regarding customer usage patterns to provide feedback to product teams on how to make NGTS/MIM easier for customers to adopt fully.
Strategic Discovery: Conduct deep-dive discovery sessions to uncover unmanaged or "rogue" certificates using network-native discovery tools.
Cross-Functional Collaboration: Partner with Solutions Consultants (SCs), Account Managers, and the CyberArk MIM Specialist team to build and execute account-based pursuit strategies.
Platformization: Drive the adoption of Secure Flex credits by showing customers how to consolidate siloed CLM/PKI tools into a centralized control plane.
Requirements: Your Experience:
Professional Background: 5+ years of Sales Engineering or Consulting experience with a proven track record in a cybersecurity software vendor.
Deep Domain Expertise: Extensive experience in Certificate Lifecycle Management (CLM), PKI architecture (ZTPKI, Microsoft ADCS), and SSL/TLS protocols.
Technical Proficiency: Experience with automated provisioning (ACME, SCEP), Cloud-native connectors (Azure, GCP, AWS), and hardware/virtual security appliances.
DevOps & Modern Infrastructure: Hands-on experience with DevOps tools (Terraform, Git, Kubernetes, Ansible) and container technologies (Docker) is a significant benefit.
Network Security Foundation: Strong understanding of NGFW, SASE, and GlobalProtect architectures, particularly how they handle decryption, inspection, and certificate-based authentication.
Consultative Selling: Proven ability to simplify complex cryptographic concepts into business-value outcomes (e.g., preventing service outages).
Communication: Excellent written communication skills; bilingual proficiency in German is a requirement for this role.
Education & Certification: CISSP or equivalent Information Security certifications are preferred.
Technical Qualifications (Must-Haves)
PKI & Certificate Governance: Comprehensive knowledge of Public Key Infrastructure, including certificate authorities, lifecycle management, and trust models.
Cryptography Fundamentals: Deep understanding of symmetric and asymmetric encryption, key management, and cryptographic standards.
Network Protocols: Mastery of TLS/SSL handshakes, S/MIME, and secure communication protocols.
This position is open to all candidates.