David Wozny - PKI Bloke (Retired)

I said I wouldn't post my CV on this web-site, and I won't...

... but here's a flavour of what it might contain

  • Public Key Infrastructure (PKI) expertise on Active Directory Certificate Services (ADCS), experienced with Entrust Datacard and Verizon UniCERT products

  • Hardware Security Module (HSM) expertise with Thales / nCipher products, experienced with Gemalto / SafeNet products

  • Very strong smart card skills with Intercede MyID, HID ActivID (formerly ActivIdentity CMS) and Microsoft FIM CM products

  • Extensive Windows Server and Active Directory (AD) experience

  • Wi-Fi network security expertise with WPA2 and EAP-TLS

  • Expertise in two factor authentication with smart cards and experience of RSA SecurID

  • Key Signing Ceremony (KSC) directing and document authoring expertise

  • Led / delivered PKI solutions for the UK military, national / local government institutions, FTSE100 businesses and European banks

  • Developed solutions incorporating 'managed PKI services', such as Symmantec (formerly VeriSign) managed PKI

  • Delivered PKI solutions involving CheckPoint firewalls, F5 load balancers, Cisco VPNs, Oracle databases, X.500 directories, Java code signing and AirWatch MDM

  • Technical authoring expertise at all levels of design and engineering, including writing vendor white papers - see PKI White Papers

  • Substantial experience of delivering PKI subject matter presentations, such as for Microsoft at TechEd EMEA in Barcelona - see PKI Presentation

  • Authored Certification Practice Statement (CPS) and Certificate Policy (CP) documents - I am familiar with the ‘policy / governance’ documents which typically accompany PKI solutions

  • Authored tScheme approval profiles for applicants successful in gaining tScheme approved PKI service

  • IT project management and IT department management experience

  • Very good at explaining technical matters to a non-technical audience, e.g. stakeholders

  • Amazon Web Services (AWS) solutions architect trained


  • UK Government Security Check (SC) cleared until 22nd July 2022

  • Disclosure Scotland (Basic) issued on 26th June 2018


  • BEng (Hons) Computer-Aided Engineering (First Class)
  • Microsoft Certified Systems Engineer (MCSE)
  • Certified Information Systems Security Professional (CISSP)

My favourite professional quote: "CAs are easy - PKI is hard"