Chevron is accepting online applications for the Lead Cloud Engineer – PKI position through June 23, 2026 at 11:59 p.m. (Central Time).

Overview

This is a senior hands-on engineering role within Chevron’s Digital Identity organization responsible for designing, operating, and modernizing enterprise-scale Public Key Infrastructure (PKI) and cryptographic services across cloud and hybrid environments. The role enables secure certificate lifecycle management, key protection, and identity-driven security controls, supporting Zero Trust adoption, phishing-resistant authentication, and protection of critical business workloads.

Responsibilities for this position may include but are not limited to:

• PKI & Certificate Services

• Design, deploy, and manage enterprise PKI platforms (Microsoft ADCS, DigiCert, NDES, cloud-integrated services)
• Own certificate lifecycle management (issuance, renewal, revocation, compliance, automation)
• Implement post-quantum cryptography capabilities aligned to business and regulatory requirements
• Manage HSM-backed key protection and integration with key management systems

• Cloud & Hybrid Identity Integration

• Integrate PKI with Active Directory and Microsoft Entra ID for hybrid identity scenarios
• Enable certificate-based authentication for workloads, APIs, devices, VPN, and service accounts
• Align PKI services with Azure and multi-cloud security architectures

• Security Engineering & Zero Trust

• Implement phishing-resistant authentication using FIDO2, PIV, and certificate-based methods
• Support Conditional Access policies leveraging identity, device posture, and risk signals
• Advance Zero Trust maturity and continuous security posture improvement

• Privileged Access & Operational Security

• Integrate PKI with PAM solutions (e.g., Delinea) for secure service account authentication
• Support privileged access workstations and hardened admin environments
• Lead break-glass and recovery scenarios using secure access controls

• Automation, Reliability & Operations

• Drive automation using scripting, APIs, and orchestration to reduce manual processes
• Lead disaster recovery exercises, upgrades, and PKI platform modernization
• Provide advanced engineering support, incident response, and root cause analysis

• Leadership & Stakeholder Engagement

• Serve as a PKI subject matter expert within Digital Identity – Protection
• Collaborate across security, cloud, and operations teams
• Mentor engineers and contribute to standards and operational excellence

Required Qualifications

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience)
• 12–15 years in Identity & Access Management, PKI, or security infrastructure engineering
• Proven experience operating large-scale enterprise PKI environments
• Strong understanding of cryptography, authentication, and trust models
• Hands-on expertise with PKI platforms, HSM, key management, automation, Active Directory, and Microsoft Entra ID

Preferred Qualifications

• Industry certifications in security or cloud (e.g., CISSP, Azure Security)
• Experience in regulated industries such as oil & gas or energy
• Knowledge of Zero Trust architecture, Conditional Access, and identity security engineering
• Familiarity with ITIL and operational processes in regulated environments

Relocation Options

Relocation will not be considered.

International Considerations

Expatriate assignments will not be considered.

Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.

Houston, Texas

U.S. Regulatory Notice

Chevron is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, age, disability, Veteran status, or other characteristics protected by applicable law.

We are committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or an accommodation, please email us at emplymnt@chevron.com.

Chevron participates in E-Verify in certain locations as required by law.

Privacy Terms and Conditions

We respect the privacy of candidates for employment. This Privacy Notice sets forth how we will use the information we obtain when you apply for a position through this career site. If you do not consent to the terms of this Privacy Notice, please do not submit information to us.

Please access the Global Application Statements, select the country where you are applying for employment. By applying, you acknowledge that you have read and agree to the country specific statement.

Terms of Use