Security Engineer, Product Security

We are seeking a highly motivated and technically proficient PKI Engineer to become a core member of the Product Security team, a vital component of the broader Security organization at Recorded Future. This critical role is based in our Gothenburg office and will be absolutely instrumental in securing our global cloud infrastructure. The successful candidate will take ownership of the design, development, deployment, and ongoing management of our internal Public Key Infrastructure (PKI), ensuring it meets the highest standards of security, availability, and scalability for all our cloud-native environments. This is a foundational role that directly impacts the security posture of our product and the integrity of our data.

What You’ll Do:

This is a key, hands-on engineering role with a strong emphasis on automation and operational excellence. Your primary responsibilities will include:

• Designing and Implementing Automated Certificate Lifecycle Management (CLM): You will be responsible for developing and maintaining robust, highly automated solutions for the entire certificate lifecycle—from issuance and renewal to revocation and deployment. This includes leveraging tools and scripting to integrate CLM seamlessly with our existing cloud orchestration and configuration management systems.
• PKI Architecture and Governance: You will actively contribute to the architectural evolution of our internal Certificate Authorities (CAs) and related trust stores. You will ensure the PKI design and its operational practices strictly adhere to both Recorded Future's rigorous internal security policies and industry best practices and regulatory requirements (e.g., NIST, ISO 27001).
• Subject Matter Expertise and Consultation: You will serve as the primary Subject Matter Expert (SME) for all things PKI and cryptography across the organization. This involves providing high-level consultation and technical guidance to engineering, platform, and development teams on secure key management, certificate usage, transport layer security (TLS/SSL), and digital signing.
• Operational Support and Troubleshooting: You will troubleshoot and resolve complex, high-impact certificate-related issues across our production and development environments, often requiring deep-dive analysis into network traffic, application logs, and CA infrastructure.
• Security Tooling and Integration: Research, evaluate, and integrate modern security tooling related to PKI, hardware security modules (HSMs), and secrets management to enhance the security and efficiency of our operations.
• Platform Security Team Participation: In addition to core PKI duties, this role involves active participation in the Platform Security team's daily operations, including participating in on-call rotations, security incident response activities, and broader platform-related security projects. This collaboration ensures a cohesive and secure platform foundation.

What You’ll Bring:

• 3+ years of proven relevant professional experience
• Strong foundational knowledge of computer security principles
• In-depth knowledge in PKI concepts, protocols (e.g., OCSP, CRL, SCEP, EST), and certificate management
• Demonstrated experience with cloud-based PKI services, such as AWS Certificate Manager (ACM)
• Experience working with HashiCorp Vault is a plus
• A proactive and enthusiastic approach to learning new technologies
• Strong communication skills
• A background in coding/scripting is a plus