Chevron
Website:
chevron.com
Job details:
The Chevron Engineering and Innovation Excellence Center (ENGINE) in Bengaluru India brings together the resources and expertise of the Chevron global network with talent in India to enhance agility and technological innovation to optimize solutions for the world’s current and future energy challenges. As one of the leading energy providers worldwide, Chevron is involved in the production of crude oil and natural gas, manufacturing of transportation fuels, lubricants, petrochemicals, and additives, and the development of enabling technologies.
Chevron's vision is to be the global energy company most admired for its people, partnerships, and performance. With a clear purpose to develop affordable, reliable, ever-cleaner energy that enables human progress, we believe human ingenuity has the power to solve any challenge and overcome any obstacle. Meeting the world’s growing energy needs requires the pursuit of innovations and advancements that deliver a better future for all
Role Summary
The Lead Cloud Engineer – PKI is a senior technical Implementor within Chevron’s Digital Identity – Protection organization, responsible for designing, operating, and modernizing enterprise‑scale Public Key Infrastructure (PKI) and cryptographic services across hybrid and cloud environments. This role ensures secure certificate lifecycle management, key protection, and identity‑driven security controls, enabling zero‑trust adoption, phishing‑resistant authentication, and protection of critical business workloads.
Key Responsibilities
PKI & Certificate Services
- Lead the design, deployment, and lifecycle management of enterprise PKI platforms, including Microsoft ADCS, DigiCert, NDES, and cloud‑integrated certificate services.
- Own certificate lifecycle management solution & process (issuance, renewal, revocation, compliance, and automation) for users, devices, workloads, and applications.
- Manage HSM‑backed key protection and integration with Enterprise Key Management Systems (EKMS) to ensure cryptographic integrity and regulatory compliance.
Cloud & Hybrid Identity Integration
- Integrate PKI with On‑Prem Active Directory and Microsoft Entra ID to support hybrid identity, device trust, and modern authentication flows.
- Enable certificate‑based authentication for cloud workloads, APIs, devices, Wi‑Fi, VPN, and service accounts.
- Partner with cloud engineering teams to ensure PKI alignment with Azure and multi‑cloud security patterns.
Security Engineering & Zero Trust Enablement
- Implement phishing‑resistant authentication using YubiKey / PIV / FIDO2 and certificate‑based identity assurance.
- Support Conditional Access Policies leveraging certificate trust, device posture, and identity risk signals.
- Contribute to Zero Trust maturity, identity secure score improvements, and continuous security posture enhancement.
Privileged Access & Operational Security
- Integrate PKI with Privileged Access Management (PAM) solutions such as Delinea, including credential rotation and secure service account authentication.
- Support Privileged Access Workstations (PAWs) and hardened admin environments using certificate‑based controls.
- Lead break‑glass and recovery scenarios using hardware‑backed keys and secure access patterns.
Automation, Reliability & Operations
- Drive automation using scripting, APIs, and workflow orchestration to eliminate manual PKI operations and reduce operational risk.
- Lead DR exercises, upgrades, renewals, and platform modernization for PKI services.
- Provide L3/L4 engineering support, incident response, and root cause analysis for PKI‑related issues.
Accountability, Ownership & Stakeholder Engagement
- Act as a technical lead engineer and Subject Matter Expert for PKI and cryptographic services within Digital Identity – Protection.
- Collaborate with security architecture, cloud, endpoint, and operations teams across Chevron.
- Mentor engineers and contribute to documentation, standards, and operational excellence.
Experience & Qualifications
- 12-15 years of experience in Identity & Access Management, ADCS, PKI, Security infrastructure engineering
- Proven experience operating large‑scale enterprise PKI environments
- Strong understanding of cryptography, authentication, and trust models
- Experience in oil & gas, energy, or highly regulated enterprises preferred
- Ability to operate in 24x7 global environments with on‑call responsibilities.
What We Can Offer You
Everything we do at Chevron is guided by our values and our commitment to The Chevron Way.
Have the opportunity to take part in world-leading energy projects, advance your professional development and expand your career within an inclusive and collaborative workplace.
- Join a workplace where innovation, collaboration and safety are at the core of how we work.
- Work in thoughtfully designed environments that support focus, well-being, and innovation enhanced by digital tools that enable seamless collaboration.
- Grow through structured learning, mentorship, and opportunities to contribute to impactful projects that align with Chevron’s values and business priorities.
- Access comprehensive benefits that support your health, well-being, and work-life balance.
- Engage with emerging technologies and digital solutions that are shaping the future of energy and enterprise.
How To Apply
To be a part of our success, click
APPLY to submit your application.
Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.
Privacy and Terms and Conditions
We respect the privacy of candidates for employment. This Privacy Notice sets forth how we will use the information we obtain when you apply for a position through this career site. If you do not consent to the terms of this Privacy Notice, please do not submit information to us.
Please access the Global Application Statements, select the country where you are applying for employment. By applying, you acknowledge that you have read and agree to the country specific statement.
Terms of Use
“ENGINE” refers to the Chevron Engineering and Innovation Excellence Center, which operates under Chevron Global Technology and Services Private Limited, an affiliate of Chevron Corporation. References to ENGINE in this document are for convenience only and do not denote a separate legal entity.
This job advertisement is intended to provide a general overview of the role and workplace environment. Role details and outcomes may vary based on business needs and individual performance.
Chevron ENGINE supports global operations, supporting business requirements across the world. Accordingly, the work hours for employees will be aligned to support business requirements. The standard work week will be Monday to Friday. Working hours are 8:00am to 5:00pm or 1.30pm to 10.30pm
Click on Apply to know more.