Public Key Infrastructure Senior Analyst

We have an exciting new opportunity for a Public Key Infrastructure (PKI) Senior Analyst to join the A&O Shearman Belfast office. This role will be pivotal in managing and evolving our enterprise Public Key Infrastructure (PKI) to support secure communications, digital signatures, and identity assurance across our international offices and client-facing platforms. It will also work closely with legal technology teams, compliance, and IT operations to ensure our PKI systems meet the complex regulatory and operational demands of a global legal practice.

Apply today via the link below or contact [email protected] for more information.


About the team

The firm's ability to keep our clients' data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world's large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board.

Led by our new CISO, Yolande Young, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity.

In addition, you will have the opportunity to share and gain intel from the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes.


What you will do

PKI Tooling & Infrastructure

• Support the design, implementation, and lifecycle management of enterprise PKI infrastructure, including internal and external Certificate Authorities (CAs), Registration Authorities (RAs), and Hardware Security Modules (HSMs).

• Control digital certificates for secure email (S/MIME), document signing, client portals, and internal applications across multiple jurisdictions.

• Collaborate with legal operations and IT teams to integrate PKI into document management systems (e.g., iManage, NetDocuments), secure file transfer platforms, and e-signature workflows.

• Develop and maintain PKI governance policies, procedures, and technical documentation aligned with firm-wide risk management strategies.

• Provide guidance on cryptographic protocols and secure communications to legal professionals, and technical teams.

Security & Compliance

• Ensure compliance for the firm's PKI infrastructure with global data protection and legal industry regulations (e.g., GDPR, UK DPA 2018, HIPAA, ISO27001, eIDAS).

• Conduct regular audits, risk assessments, and incident response activities related to PKI and digital trust.

• Support the Cyber Defence team with incident response activities relevant to the firm's PKI infrastructure.

• Contribute to the promotion of a culture of security awareness and risk mitigation, aligning activities and initiatives relating to PKI infrastructure with broader information security goals.

• Assist in the Governance, Risk, and Compliance (GRC) team in answering any client queries and requests pertaining to PKI infrastructure, where appropriate.

• Stay abreast of emerging cryptographic standards, threats, and technologies relevant to the legal sector.

Documentation & Governance

• Contribute to the development and refinement of the firm's documentation related to the PKI infrastructure, such as policies, procedures, standards, playbooks, and diagrams.

• Maintain accurate records of PKI configurations, incidents, and changes to ensure compliance and to facilitate any audits.

Mentorship and Advocacy

• Mentor and support junior colleagues in supporting and managing the security of the firm's network infrastructure.

• Advocate for information security across the organisation and drive an evolved culture of risk awareness and mitigation.

• Provide any required training and guidance around PKI best practices to wider technology, IT and information security colleagues, alongside other relevant stakeholders within the firm.

What you will have

• Extensive experience in cybersecurity, with significant experience in a PKI-focused role.

• Deep understanding of X.509 certificates, CRLs, OCSP, key lifecycle management, and secure email protocols.

• Experience with enterprise PKI platforms (e.g., Microsoft AD CS, Venafi, DigiCert) and integration with technology stacks.

• Excellent written and verbal communication skills and ability to work collaboratively with colleagues across the firm.

• A willingness to learn and develop both technically and personally in the role.

You will stand out if you bring

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.

• Experience with cloud-based PKI and key management solutions (e.g., Azure Key Vault, AWS ACM).

• Experience with industry-standard security frameworks (e.g. ISO27001/ISO22301).

What we can offer you

We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, online discounts and lifestyle management services.

Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.

We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.

If this role is not of interest we may have another suitable opportunity here for you at A&O Shearman! Visit our careers portal at A&O Shearman Careers and submit your CV to our Talent Network to be notified when the perfect opportunity becomes available.