• This is a remote role with some travel required to global offices. • Actively involved with the Laboratory Operations team, QA/RA team, Commercial, legal and R&D teams to generate regulatory plans and strategies for digital pathology products and services. • Maintain and implement the compliance plans to ensure continued compliance for our services and products in North America. • Make submissions for regulatory and accreditation applications for new products/services to project timelines to the applicable regulatory bodies. • Develop, compile and review the technical documentation required for regulatory submissions: USA, Canada. • Support Regulatory Affairs team with UK, EU, Rest of World submissions as needed. • Lead communications and engagement with Notified Bodies, Competent Authorities, and international regulatory authorities. • Coordinate post market surveillance (PMS) activities for products and services. • Write and submit periodic regulatory reports to authorities as required. • Establish, manage and monitor the global regulatory requirements database, keeping the product portfolio in compliance with global regulations. • Keep up to date on changing regulatory requirements and standards including FDA/LDT rule changes, emerging AI regulations, privacy/security regulations etc. • Conduct regulatory gap analyses and impact analysis. • Develop internal and global policies & procedures to ensure continuous compliance with all regulatory requirements. • Assist in maintaining the Regulatory Affairs Intranet site. • Collect and report on compliance metrics as directed by the Regulatory Affairs Manager. • Support other members of the Quality team to incorporate regulatory requirements into the Integrated Management System (IMS). • Review of Change Requests for product & service changes which may impact regulatory and customer filings. • Support employees with regulatory queries, customer audits, regulatory audits and inspections as required. • Perform internal & supplier audits as required. • Develop and deliver company training modules on regulatory processes. • Complete all mandatory company training and job specific training required for the role, including Information Security Management System (ISMS), GLP, DocuSign, SDLC as applicable.

Location Details: United States, Remote At GoDaddy the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely. This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings. This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands. Join our team At GoDaddy, we are seeking an exceptional Principal Compliance Engineer - PKI with deep technical expertise to define requirements and guide the evolution of our Certificate Authority (CA) platform. Reporting to GoDaddy's Vice President Engineering Partners, you will translate industry standards into technical requirements, define specifications for compliance automation, and provide technical guidance for next-generation cryptographic systems. This role combines technical leadership with strategic requirements development, focusing on post-quantum cryptography readiness, certificate lifecycle automation, and CA infrastructure resilience. What you'll get to do... Technical Standards & Requirements Leadership - Lead technical representation in the CA/Browser Forum and other industry standards bodies, contributing to protocol specifications and requirements development - Translate CAB Forum requirements into detailed technical specifications and engineering requirements for development teams - Define requirements for automated compliance validation systems and monitoring infrastructure CA Infrastructure & Systems Requirements - Conduct deep-dive technical assessments of CA infrastructure, identifying architectural gaps, security vulnerabilities, and performance bottlenecks - Define technical requirements for the evolution of certificate issuance pipelines, HSM integrations, and cryptographic key management systems - Specify requirements for automated testing frameworks for compliance validation, including CT log integration, OCSP responder infrastructure, and revocation mechanisms - Develop automation scripts for compliance testing and validation processes - Define SLIs/SLOs focused on certificate issuance latency, system availability, and compliance metrics - Document requirements for infrastructure-as-code solutions for CA deployment, disaster recovery, and high-availability architectures Cryptographic Systems & Innovation - Research and define requirements for post-quantum cryptographic algorithms (e.g., ML-KEM, ML-DSA, SLH-DSA) and hybrid certificate chains - Develop migration strategies and technical requirements for transitioning legacy cryptographic systems to next-generation algorithms - Create technical specifications for proof-of-concept implementations for emerging standards (ACME extensions, certificate transparency v2, delegated credentials) - Collaborate with cryptography researchers to evaluate algorithm performance, key sizes, and implementation trade-offs Platform Requirements & Automation - Define the technical requirements roadmap for CA platform capabilities including certificate lifecycle automation, API development, and integration frameworks - Specify requirements for scalable APIs and automation tools for certificate issuance, renewal, and revocation workflows - Document specifications for self-service platforms and tools to reduce manual intervention in certificate operations - Develop automated testing scripts and define requirements for continuous compliance monitoring systems with automated remediation capabilities Technical Collaboration & Documentation - Partner with security engineering teams on threat modeling, secure coding practices, and vulnerability management - Lead architecture reviews and technical design sessions with cross-functional engineering teams, providing requirements and guidance - Establish technical documentation standards and compliance engineering requirements for CA-related systems - Mentor engineers on PKI concepts, cryptographic implementations, and compliance engineering patterns Your experience should include... - 8+ years of hands-on engineering experience in PKI systems, applied cryptography, or security infrastructure with proven technical leadership and strong technical background in languages such as Go, Python, Java, or C++ - Deep expertise in PKI architecture including X.509 certificate structures, ASN.1 encoding, certificate chain validation, HSM operations, and cryptographic primitives - Proven experience translating CA/Browser Forum Baseline Requirements into technical specifications, including controls for key generation, certificate issuance, and audit logging - Systems engineering background with experience in distributed systems, API design, database architecture, and cloud infrastructure (AWS/GCP/Azure) - Strong ability to define requirements for PKI protocols (ACME, Certificate Transparency, OCSP/CRL) and translate compliance requirements into technical specifications, detailed engineering requirements, and test automation scripts You might also have... - - Advanced degree in Computer Science, Cryptography, Mathematics, or Electrical Engineering - Experience researching and evaluating post-quantum cryptographic algorithms (NIST PQC finalists, hybrid modes) - Security certifications such as CISSP, CEH, or specialized cryptography credentials - Experience with security audit processes (WebTrust for CAs, ETSI EN 319 411) from a technical implementation perspective - Contributions to PKI-related projects (Boulder, cert-manager, OpenSSL, BoringSSL, etc.) - Experience defining requirements for high-availability systems design, hardware security modules (HSMs), and secure key ceremony procedures - Knowledge of DevSecOps practices, CI/CD pipelines for security-critical systems, and infrastructure automation (Terraform, Kubernetes, Ansible) - Familiarity with cryptographic libraries (OpenSSL, BoringSSL, PKCS#11) and performance considerations for cryptographic operations - Experience developing test automation scripts for compliance validation We've got your back...  We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process. We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way. About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us. At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page. GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy. Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to myrecruiter@godaddy.com. Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.

• Serve as a subject matter and methodological expert in the implementation and monitoring of federal health programs, especially alternative payment models, and value-based care initiatives. • Provide leadership in designing monitoring frameworks, performance metrics, data collection plans, and analytic strategies for implementation and monitoring contracts. • Contribute to AIR’s technical vision for CMS and CMMI work, helping shape approaches that meet federal expectations for rigor, transparency, and accuracy. • Direct large, complex implementation and monitoring or evaluation projects—or a portfolio of smaller projects—ensuring alignment with federal requirements and high quality delivery, on time and on budget. • Oversee the planning, design, and implementation of project procedures, including monitoring plans, analytic plans, research protocols, monitoring reports, risk summaries, and stakeholder engagement strategies.

• Ensure Licensing & Regulatory Compliance: Partner with the Regulatory team to secure and maintain required licenses and authorizations globally. Ensure operations comply with telecom regulations, license conditions, and spectrum-use requirements. • Translate Requirements into Technical Execution: Convert regulatory obligations (e.g., power limits, spectrum rules), license terms, and commercial SLAs into clear technical specifications for network design, configuration, and monitoring. • Cross-Functional Coordination: Lead routine alignment meetings with Regulatory, Commercial, Engineering, and Operations to review compliance status, upcoming requirements, and potential risks. • Develop Scalable Compliance Processes: Establish repeatable procedures, controls, checklists, and documentation frameworks to support operational readiness and ongoing compliance. • Support Regulatory and Contract Reporting: Assist in preparing compliance reports, filings, monitoring summaries, and partner deliverables. • Risk Identification & Mitigation: Proactively identify compliance risks related to operational changes, new markets, or evolving regulations; work with internal teams to implement corrective actions. • Documentation & Record Keeping: Maintain organized, thorough records of licenses, obligations, communications, commitments, and compliance evidence.