Cryptographic Engineer

Duration: 12 months contract- Hybrid

The Cryptographic Engineer will be responsible for designing, implementing, and maintaining the key management system used to protect sensitive data within the bank. This role involves ensuring the secure generation, storage, distribution, and rotation of cryptographic keys in compliance with NIST and industry standards following all the best practices. Ability to produce detailed architectural diagrams and technical documentation from business/technical requirements.

Develop and implement key management solution based on security policies and procedures to achieve secure key lifecycle management

Oversight of the generation, distribution, and secure storage of cryptographic keys, ensuring they are held in accordance to the highest security protocols

Build, maintain and monitor highly resilient, redundant and secure key management systems

Ensure compliance with internal standards, procedures and regulatory requirements related to key management. Participate in security audits and assessments

Available to respond to security incidents involving the compromise or corruption of cryptographic key scenarios. Devise, implement and document corrective actions to prevent future incidents. Familiarity of Incident and Problem Management systems like Remedy or ServiceNow

Work closely with clients, partners, vendors and security teams to integrate key management practices into broader security initiatives. Provide guidance and support on cryptographic practices. Collaborate with operations and other cross-functional teams to implement automated workflows for key lifecycle management

Maintain comprehensive documentation of key management processes, configurations, and incident responses

Conduct training sessions and awareness programs for employees on best practices in key management and cryptographic security. Stay up-to-date with industry trends and emerging technologies related to key management and cryptographic standards.

Proficiency in key management systems and tools (e.g., HSMs, KMS, PKI)

Strong understanding of cryptographic algorithms and protocols

Experience with security standards and frameworks (e.g., NIST, ISO 27001, PCI DSS)

Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)

Primary Skill

Linux

Required Qualifications

Proficiency in Linux and Windows operating systems

Strong experience with automation using Perl, python or PowerShell

Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)

Use of monitoring tools i.e. Splunk, Elastic, PrometheGrafana stack, ELK, etc.

Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform).

Experience using Utimaco, Thales, Entrust, etc. products for HSM and other Key Management components like legacy Gemalto, Vormetric or CipherTrust Manager

Working knowledge of JIRA and Agile Scrum routines

Familiarity with DevOps practices and tools (e.g., CI/CD pipelines)

Bachelor's degree in Computer Science, Information Security, or relevant experience.

Minimum of 5-10 years of experience in key management, cryptographic security, or a related field

Advanced degrees or certifications (e.g., CISSP, CISM, CEH) are a plus

Proficiency in key management systems and tools (e.g., HSMs, KMS, PKI)

Strong understanding of cryptographic algorithms and protocols

Experience with security standards and frameworks (e.g., NIST, ISO 27001, PCI DSS)

Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)

Proficiency in Linux and Windows operating systems

Strong experience with automation using Perl, python or PowerShell

Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)

Use of monitoring tools i.e. Splunk, Elastic, PrometheGrafana stack, ELK, etc.

Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform).

Experience using Utimaco, Thales, Entrust, etc. products for HSM and other Key Management components like legacy Gemalto, Vormetric or CipherTrust Manager

Working knowledge of JIRA and Agile Scrum routines

Familiarity with DevOps practices and tools (e.g., CI/CD pipelines)

Job Responsibilities

Develop and implement key management solution based on security policies and procedures to achieve secure key lifecycle management

Oversight of the generation, distribution, and secure storage of cryptographic keys, ensuring they are held in accordance to the highest security protocols

Build, maintain and monitor highly resilient, redundant and secure key management systems

Ensure compliance with internal standards, procedures and regulatory requirements related to key management. Participate in security audits and assessments

Available to respond to security incidents involving the compromise or corruption of cryptographic key scenarios. Devise, implement and document corrective actions to prevent future incidents. Familiarity of Incident and Problem Management systems like Remedy or ServiceNow

Work closely with clients, partners, vendors and security teams to integrate key management practices into broader security initiatives. Provide guidance and support on cryptographic practices. Collaborate with operations and other cross-functional teams to implement automated workflows for key lifecycle management

Maintain comprehensive documentation of key management processes, configurations, and incident responses

Conduct training sessions and awareness programs for employees on best practices in key management and cryptographic security. Stay up-to-date with industry trends and emerging technologies related to key management and cryptographic standards.

Proficiency in key management systems and tools (e.g., HSMs, KMS, PKI)

Strong understanding of cryptographic algorithms and protocols

Experience with security standards and frameworks (e.g., NIST, ISO 27001, PCI DSS)

Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)