Hardware Security Module Engineer

job summary:

HSM Engineer role will be responsible for designing, deploying, configuring, and maintaining Hardware Security Modules used to protect sensitive cryptographic keys and perform secure cryptographic operations. This role ensures the security, availability, and compliance of cryptographic infrastructure in alignment with industry standards, security policies, and regulatory requirements

Location, Arizona, or Nebraska, 5 days a week onsite

location: Chandler, Arizona

job type: Contract to Perm

salary: $70 - 80 per hour

work hours: 8am to 5pm

education: No Degree Required



responsibilities:

HSM Administration & Operations

Deploy, configure, and manage HSM devices (e.g., Thales, Entrust, Futurex, Utimaco)

Maintain and update HSM inventory to ensure up-to-date tracking.

Submit Firewall request to allow network traffic between HSM and client systems

Manage HSM partitioning, remote HSM administration and auditing functions.

Conduct firmware and software upgrades while maintaining operational continuity.

Ensure HSM configurations meet compliance standards (PCI-DSS, PIN, HIPAA, GDPR, ISO 27001, etc.).

Monitor for unauthorized access or anomalies in cryptographic operations.

Participate in internal and external security audits.

Work with development and infrastructure teams to integrate cryptographic services into business applications.

Troubleshoot HSM integration issues with applications, APIs, and security services.

Implement automated monitoring and alerting for HSM performance and health.

Respond to cryptographic security incidents and investigate root causes.

Provide on-call support for HSM-related issues and outages.

qualifications:

- Bachelor's degree in computer science, Information Security, or related field (or equivalent experience).

- 3-5 years of experience in HSM administration and/or cryptographic operations

- Hands-on experience with HSM vendors such as Thales, Entrust, Futurex, Utimaco, or SafeNet.

- Strong understanding of PKI, digital certificates, TLS/SSL, and key management practices.

- Familiarity with security standards: FIPS 140-2/140-3, NIST SP 800 series, PCI-DSS.

- Experience with scripting languages (Python, PowerShell, Bash) for automation.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.