JOBSEARCHER

Cloud Engineer

ChevronHouston, TXJune 17th, 2026
Chevron is accepting online applications for the Lead Cloud Engineer – PKI position through June 23, 2026 at 11:59 p.m. (Central Time).OverviewThis is a senior hands-on engineering role within Chevron’s Digital Identity organization responsible for designing, operating, and modernizing enterprise-scale Public Key Infrastructure (PKI) and cryptographic services across cloud and hybrid environments. The role enables secure certificate lifecycle management, key protection, and identity-driven security controls, supporting Zero Trust adoption, phishing-resistant authentication, and protection of critical business workloads.Responsibilities for this position may include but are not limited to:PKI & Certificate ServicesDesign, deploy, and manage enterprise PKI platforms (Microsoft ADCS, DigiCert, NDES, cloud-integrated services)Own certificate lifecycle management (issuance, renewal, revocation, compliance, automation)Implement post-quantum cryptography capabilities aligned to business and regulatory requirementsManage HSM-backed key protection and integration with key management systemsCloud & Hybrid Identity IntegrationIntegrate PKI with Active Directory and Microsoft Entra ID for hybrid identity scenariosEnable certificate-based authentication for workloads, APIs, devices, VPN, and service accountsAlign PKI services with Azure and multi-cloud security architecturesSecurity Engineering & Zero TrustImplement phishing-resistant authentication using FIDO2, PIV, and certificate-based methodsSupport Conditional Access policies leveraging identity, device posture, and risk signalsAdvance Zero Trust maturity and continuous security posture improvementPrivileged Access & Operational SecurityIntegrate PKI with PAM solutions (e.g., Delinea) for secure service account authenticationSupport privileged access workstations and hardened admin environmentsLead break-glass and recovery scenarios using secure access controlsAutomation, Reliability & OperationsDrive automation using scripting, APIs, and orchestration to reduce manual processesLead disaster recovery exercises, upgrades, and PKI platform modernizationProvide advanced engineering support, incident response, and root cause analysisLeadership & Stakeholder EngagementServe as a PKI subject matter expert within Digital Identity – ProtectionCollaborate across security, cloud, and operations teamsMentor engineers and contribute to standards and operational excellenceRequired QualificationsBachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience)12–15 years in Identity & Access Management, PKI, or security infrastructure engineeringProven experience operating large-scale enterprise PKI environmentsStrong understanding of cryptography, authentication, and trust modelsHands-on expertise with PKI platforms, HSM, key management, automation, Active Directory, and Microsoft Entra IDPreferred QualificationsIndustry certifications in security or cloud (e.g., CISSP, Azure Security)Experience in regulated industries such as oil & gas or energyKnowledge of Zero Trust architecture, Conditional Access, and identity security engineeringFamiliarity with ITIL and operational processes in regulated environmentsRelocation OptionsRelocation will not be considered.International ConsiderationsExpatriate assignments will not be considered.Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.