Certificate Management Operations Lead
Marsh McLennan
The Certificate Management Operations Lead is responsible for overseeing the day-to-day execution of certificate lifecycle activities across Marsh for all certificate types used in the organization. This role partners with Certificate Management Office (CMO) leaders, application, infrastructure, and security teams to ensure certificates are issued, renewed, revoked, and replaced accurately and on time, in line with established processes and governance. The lead owns certificate inventory and status records, manages upcoming expirations, and proactively drives remediation with the appropriate teams to prevent service disruption. The role also manages and oversees certificate-related incidents (including urgent renewals and revocations), providing clear communication, overseeing actions through to closure, and ensuring timely, auditable completion of all lifecycle tasks.
We will count on you to:
- Manage certificate requests, issuance, renewals, replacements, and revocations across internal and external Certificate Authorities.
- Oversee certificate inventory, lifecycle status, and upcoming expirations to ensure full visibility and prevent service disruption.
- Lead certificate-related incident response, emergency break-fix activities, deployment verification, and post-change validation in partnership with technical teams.
- Produce operational reporting, maintain runbooks and standard request artifacts, and support audit/compliance evidence requirements.
- Partner with automation and platform leaders to identify and support opportunities for process improvement, tooling integration, and reduced manual effort.
- Identify and remediate unknown or unowned certificates to ensure all certificates are properly inventoried and actively managed.
What you need to have:
- 7-10+ years of experience in technology with progressively senior responsibilities.
- Demonstrated experience supporting certificate lifecycle operations in an enterprise environment.
- Working knowledge of PKI and X.509 certificates, including TLS/SSL basics, certificate chains/intermediates, and common keystore formats such as PEM, PFX, and JKS.
- Familiarity with certificate management platforms and workflows such as Venafi, DigiCert/Sectigo, Microsoft AD CS, or ACME-based issuance.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.