Summary
Overview
Work History
Education
Skills
Websites
Certification
Languages
Hobbies and Interests
Personal Information
Timeline
Generic

Soumitra Kannao

Pune

Summary

Accomplished PKI Architect with 9.7 years of experience in designing, implementing, and managing Public Key Infrastructure (PKI) solutions. Expertise in Microsoft PKI, CLM tools such as AppViewX and Keyfactor, and a certified Keyfactor Command Admin. Proficient in EJBCA application and skilled in managing Luna HSM environments. Possess deep knowledge of Post-Quantum Cryptography (PQC) standards, including designing Crypto Agility frameworks, and understanding emerging threats and mitigation techniques like ML-DSA and ML-KEM algorithms. Demonstrated ability to craft Statements of Work (SOWs) based on RFPs and deliver comprehensive projects, including PKI assessments, Crypto assessments (CBOM), PKI and CLM implementations, and CLM automation. Proven ability to align PKI solutions with organizational and security requirements. Experienced in creating robust cryptographic infrastructures to meet modern compliance and security standards.

Overview

10
10
years of professional experience
1
1
Certification

Work History

PKI Architect

HCLTech
Pune
09.2024 - Current
  • Operated in capacity of PKI architect for Data Security Practice team.
  • Developed foundational framework for PQC implementation.
  • Created framework enabling enhanced crypto agility.
  • Leveraged tools like AppviewX, Keyfactor, and Venafi to streamline certificate agility processes.
  • Developed proof of concept for hybrid certificate implementation.
  • Monitored evolving frameworks such as NIST, GDPR, HIPAA, and IETF for updates like ML-DSA, ML-KEM.
  • Directed design and execution of PKI implementation, assessment tasks, and security automation workflows.
  • Deployed Microsoft Public Key Infrastructure in cluster configuration.
  • Implemented EJBCA to facilitate certificate enrolment.
  • Integrated various certification authorities with CLM Keyfactor and Appviewx by coordinating with vendors.
  • Developed automation workflows enabling certificate provisioning via CLM.

PKI Design and Implementation Engineer

DXC Technologies
Remote
09.2023 - 09.2024
  • Designed and implemented PKI solutions to enhance security frameworks.
  • Crafted customized PKI infrastructure according to set prerequisites.
  • Executed implementation strategies for secure and efficient certificate management systems.
  • Automated Certificate Lifecycle management systems for both cloud-based and on-premises environments.
  • Handled HSM Luna A790 and Azure Dedicated HSM.
  • Managed external CA such as DigiCert, Sectigo, CSC, and Go Daddy.
  • Conducted integration of internal and external CA with CLM tools including AppviewX and Keyfactor.
  • Implemented and maintained PKI components like MS ADCS, OCSP, HSMs, Smartcards, CRLs, and certificate templates.

PKI Architect

Accenture
Pune
11.2021 - 09.2023
  • Functioned in the role of PKI architect.
  • Created secure Public Key Infrastructure aligning with specified needs.
  • Streamlined certificate handling by implementing automated lifecycle management for both cloud and on-prem solutions.
  • Leveraged DigiCert APIs with PowerShell and MS Graph API to automate certificate processes.
  • Utilized HSM solutions for secure key storage and Certificate Authority integration.
  • Managed external certification authorities like DigiCert and Sectigo.
  • Conducting comprehensive analysis of associated APIs for integration.
  • Worked on all PKI aspects including MS ADCS, OCSP, HSM, Smartcards, CRL, certificate template designing, NDES, TLS vulnerability and TLS communication

PKI and AD Consultant

Capgemini
Pune
07.2020 - 11.2021
  • Provided expert consultation on AD and PKI solutions to diverse accounts.
  • Provided expertise for setting up Microsoft AD and PKI systems initially.
  • Managed external certificate authority relationships, including Sectigo, CSC, Digicert, Go Daddy.
  • Resolved AD-related challenges, including replication and cross-forest implementations.
  • Engaged with a range of resources such as Azure Key Vault, Sectigo, as well as Venafi.

Technical Support Specialist

Veritas
Pune
03.2019 - 07.2020
  • Working on Veritas Enterprise Vault Archiving, Journaling, Indexing, SMTP Archiving, File System Archiving, Discovery and Compliance Accelerator Searches, Exports and Legal Holds and eDiscovery Issues
  • Handling issues related to the Active directory, identity management, SSO for the infrastructures as a perspective of the product
  • Working on certificate related issues bases on the requirement of building up SSL connectivity, assigning the cryptography requirements and algorithms
  • In depth AD account management maintaining GPO, UAC, Anti-Virus rules and Firewall rules
  • Working on Azure AD for the user management and configuring identity management and SSO
  • Dealing with installation of the servers and the OS required for the product specific enhancement in the customer environment

Technical Support Engineer

Convergys (Microsoft Premier Support Engineer)
Pune
09.2017 - 03.2019
  • Worked as a part of an elite technical team in Microsoft EPS project (Premier Support Engineer)
  • Contributed in installing, configuring, troubleshooting and monitoring core infrastructure components, such as Active Directory, Active Directory Certificate Services, DNS, DHCP, File and Storage services, Group Policy, driving domain migration projects, AD backup and restore, disaster recovery
  • Majorly worked as a PKI SME, handling responsibilities of certificate management, MS ADCS, eradicating the vulnerabilities presented in vulnerability scanner
  • Participating in calls and remote troubleshooting sessions, study the client environment and delivering solutions as per best practices recommended by Microsoft
  • Delivering triages to the rest of the team members for knowledge transfer
  • ADCS database corruption and CRL missing issues.
  • MS PKI failure issue (restoration and integrations).
  • MS PKI certificate enrollment failures.
  • Mitigating certificate-based vulnerabilities.
  • Migrated SHA-1 PKI to SHA-2.
  • Designed templates for MS PKI for customized use cases.
  • Key mismatch issued related to certificates.
  • Inter-domain and cross-forest PKI implementation.
  • Kerberos authentication, encryption, delegation, KCD, and double-hop issues.
  • Designing, implementing, and troubleshooting multi-tier PKI environments.
  • CRL publication, revocation checks, issues.
  • LDAP over SSL.
  • Driving CA server migrations.
  • NDES deployment.
  • Deployment of Web Enrollment.
  • Creation of CA Policy files.

Sr. Associate Technical Support

Techmahindra Ltd.
Pune
06.2015 - 09.2017
  • Providing Infrastructure L1 service in Active Directory support
  • Managing and preserving the network stability with the help of the tools like Splunk, Tivoli and Cisco Prime
  • Changes in the DNS like managing A- record, C-record and PTR with the help of tool Infoblox
  • Design an IP addressing scheme to meet design requirement
  • Troubleshooting the network issue reported through the received incidents
  • Carrying out incident management as per the ITIL Incident Management Life Cycle
  • Acting as bridge between client and troubleshooting network team for P1 and P2 issues

Education

Bachelor’s degree - Electronics and telecommunications

Sipna COET
Amravati
01.2014

Higher Secondary Education -

Rural independent Jr. College
Amravati
01.2010

Secondary Education -

Golden Kids English high school
Amravati
01.2008

Skills

  • Public Key Infrastructure (PKI)
  • Cryptography
  • Microsoft PKI
  • Certificate Lifecycle Management (CLM)
  • AppviewX
  • Keyfactor
  • Post-Quantum Cryptography (PQC)
  • IBM Guardium Quantum Safe
  • Active Directory (AD)
  • Luna Thales HSM
  • Key management
  • PowerShell Scripting
  • Azure Security
  • Compliance and Standards
  • Tools and Applications
  • Client management
  • SOW creations
  • Data Security Pre-Sales

Websites

Certification

  • Practical Introduction to Quantum Cryptography by IBM
  • Keyfactor Command Core Certified Professional
  • AppviewX CERT+
  • AZ500: Microsoft Certified: Azure Security Engineer Associate
  • AZ104: Microsoft Certified: Azure Administrator Associate
  • MCSE: Implementing Microsoft Azure Infrastructure Solutions
  • MCSA: Administering Windows Server 2012
  • Exam 412: Configuring Advanced Windows Server 2012 Services
  • Exam 410: Installing and Configuring Windows Server 2012
  • ITIL V3 Foundation
  • CCNA from Seed Infotech Pune 2014

Languages

Marathi
First Language
English
Proficient (C2)
C2
Hindi
Intermediate (B1)
B1
German
Beginner
A1

Hobbies and Interests

  • Reading fictional novels
  • House architecture and Home Interior aesthetics
  • Travelling but leisure
  • Exploring new food
  • Reading blogs

Personal Information

Date of Birth: 05/30/92

Timeline

PKI Architect

HCLTech
09.2024 - Current

PKI Design and Implementation Engineer

DXC Technologies
09.2023 - 09.2024

PKI Architect

Accenture
11.2021 - 09.2023

PKI and AD Consultant

Capgemini
07.2020 - 11.2021

Technical Support Specialist

Veritas
03.2019 - 07.2020

Technical Support Engineer

Convergys (Microsoft Premier Support Engineer)
09.2017 - 03.2019

Sr. Associate Technical Support

Techmahindra Ltd.
06.2015 - 09.2017

Bachelor’s degree - Electronics and telecommunications

Sipna COET

Higher Secondary Education -

Rural independent Jr. College

Secondary Education -

Golden Kids English high school

Similar Profiles

CREATE PROFILE
Soumitra Kannao