Jordan Akroyd

Senior Technical Specialist

Wellington, New Zealand job@jordinary.me jordinary.me LinkedIn GitHub

Summary

Senior Technical Specialist with 10+ years of experience designing, operating, and securing PKI and HSM infrastructure for critical government and financial environments. Previously held a Top-Secret security clearance. Expert in certificate lifecycle management, cryptographic hardware integration, and driving multi-million dollar infrastructure modernizations. Recognized for technical leadership in post-quantum cryptography (PQC) and complex security remediations.

Specializations

PKI / Certificate Lifecycle ManagementHSM Integration (General Purpose & Payment)Infrastructure & Platform EngineeringSecurity Engineering & Compliance (NZISM/ISO 27001/CPS234/NIST SP 800-53 and SP 800-57)DevOps & Automation

Experience

Senior Technical Specialist

Bank of New Zealand (BNZ) · Wellington/Remote, NZ

Aug 2022 — Present

Rearchitected enterprise PKI solution to a modern, simplified stack, resulting in $500,000 annual licensing savings.
Modernized HSM infrastructure by deploying Thales Luna Network and Offline units, implementing redundant configurations for CyberArk and Entrust to eliminate single points of failure and significantly reduce service outages.
Acted as the primary stakeholder for cryptographic security, leading cross-bank initiatives for the deprecation of client auth from TLS web CAs.
Spearheaded initiatives to remediate legacy protocols (RC4, weak TLS ciphers) across the organizational footprint.
Received a 'Chevron' award, BNZs main and most prestigious award for my ability to 'Own it'.
Maintained and secured core infrastructure including Active Directory, DNS, and Entra ID/Azure environments.

Luna HSMThales PayShieldTerraformAnsibleEntra IDVenafiCyberArkADCSDigiCertIntune

Digital Identity & Security Consultant

Cogito Group Pty Ltd · Wellington, NZ

Apr 2020 — Aug 2022

Designed and deployed on-premise PKI and physical infrastructure (servers, firewalls, switches) for high-security clients.
Authored high-level (HLD) and detailed design (LLD) documentation and as-built guides for enterprise security solutions.
Conducted PKI signing ceremonies under government oversight, ensuring strict adherence to NZISM and ISO 27001 standards.
Managed internal corporate and production infrastructure, including vulnerability scanning and disaster recovery execution.
Led technical interviews and candidate screening to scale the engineering team.

EJBCAPalo AltoJuniperSonicWallQCT/Cisco/Dell SwitchesWindows ServerLinuxJellyfishADCSEntrust

DevOps Engineer

Cogito Group Pty Ltd · Wellington, NZ

Aug 2019 — Apr 2020

Contributed core code to flagship software applications and integrated them with SIEM, monitoring, and PKI components.
Operated and maintained full-stack networking, storage, and server equipment.
Provided tier-3 on-call technical support for critical client infrastructure.

PythonGoDockerMonitoring/SIEM Integration

Technical Support Analyst

Ministry of Business, Innovation and Employment (MBIE) · Wellington, NZ

Mar 2019 — Aug 2019

Provided specialized technical support for the Energy and Resource markets team.

Skills

PKI & Cryptography

EJBCA · HashiCorp Vault · X.509 / TLS / mTLS · PKCS#11 · HSM (Luna, PayShield, nCipher) · Venafi · DigiCert · Entrust · AWS Private CA · ADCS

Infrastructure & Security

Terraform · Ansible · Docker · Octopus Deploy · Active Directory / DNS · Windows Server · Linux · CyberArk · Cloudflare

Languages

Go · Python · Bash · PowerShell

Cloud & Identity

Azure · AWS · Entra ID · Intune · Google Cloud

Observability & Defense

Splunk · Prometheus · Grafana · Nagios · Microsoft Defender for Identity

Education

Bachelor of Science — Computer Science

University of Waikato · 2018

Certifications

PRINCE2® Project Management

AXELOS · 2022