HSM PKI Cryptography Engineer

Home Based  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Cryptography Key Management Cloud Computing Public Key Infrastructure Amazon Web Services Computer Security Governance Hardware Security Module Microsoft Azure Regulatory Compliance ISO/IEC 27001 PCI Data Security Standards Risk Analysis National Institute of Standards and Technology (NIST) Public Key Certificates GDPR Safety Principles Gemalto Agile Methodology Auditing Business Requirements Capacity Planning Communications Security Databases Data Security DevOps Digital Signature Performance Tuning Product Lifecycle Writing Documentation RSA (Cryptosystem) Secure Coding Stakeholder Management Vulnerability Vulnerability Management Transport Layer Security Google Cloud Enterprise Application Platform

Description

We are seeking a skilled and experienced Hardware Security Module (HSM) and Cryptography Engineer to join our cybersecurity team. The ideal candidate will have deep expertise in Hardware Security Modules (HSMs), Public Key Infrastructure (PKI), cryptography, cloud key management, and encryption key management, combined with a strong understanding of cybersecurity governance and compliance.

In this role, you will be responsible for designing, implementing, and managing secure cryptographic solutions to safeguard critical data, systems, and applications. You will work closely with cross-functional teams to ensure robust encryption practices, compliance with cybersecurity standards, and seamless integration with cloud and on-premises environments.

Key Responsibilities: HSM and Cryptography Management

  • Deploy, configure, and maintain Hardware Security Modules (HSMs) to protect sensitive cryptographic keys and operations.
  • Design and implement cryptographic solutions (eg, key generation, encryption, digital signatures) to secure data and systems.
  • Conduct performance tuning and capacity planning for HSMs to support business needs.
  • Integrate HSMs with enterprise applications, databases, and cloud environments.

PKI and Encryption Key Management

  • Manage Public Key Infrastructure (PKI) systems, including issuing, renewing, and revoking digital certificates.
  • Develop and maintain encryption key management systems to ensure secure storage, usage, and life cycle management of keys.
  • Design and enforce policies and procedures for encryption key usage and handling.

Cloud Key Management and Integration

  • Implement and manage cloud-based key management services (eg, AWS KMS, Azure Key Vault, Google Cloud KMS).
  • Ensure secure integration of cryptographic solutions across hybrid and multi-cloud environments.
  • Provide guidance on best practices for securing sensitive data in the cloud.

Cybersecurity Governance and Compliance

  • Develop and enforce policies and standards for cryptographic operations and key management.
  • Ensure compliance with industry regulations and frameworks (eg, GDPR, PCI DSS, ISO 27001, NIST).
  • Conduct risk assessments and audits of cryptographic systems to identify and address vulnerabilities.
  • Collaborate with internal and external auditors to ensure adherence to cybersecurity governance requirements.

Research and Innovation

  • Stay updated on the latest cryptographic technologies, tools, and threats.
  • Evaluate emerging HSM, PKI, and key management solutions to enhance the organization's security posture.
  • Provide training and knowledge sharing for teams on cryptographic best practices and technologies.

Key Requirements:Technical Expertise

  • Strong experience in configuring, deploying, and managing HSMs (eg, Thales, Gemalto, Utimaco, AWS CloudHSM).
  • Expertise in PKI, including certificate authorities, digital certificates, and secure communication protocols (eg, TLS, SSL).
  • Solid understanding of cryptographic algorithms (eg, RSA, AES, ECC) and their applications.
  • Experience with cloud-based key management services (eg, AWS KMS, Azure Key Vault).
  • Proficiency in encryption key management tools and platforms.

Cybersecurity and Governance Knowledge

  • Familiarity with cybersecurity frameworks (eg, NIST, ISO 27001) and regulatory compliance standards (eg, GDPR, PCI DSS).
  • Knowledge of secure coding practices and vulnerability management.

General Skills

  • Strong problem-solving and analytical skills to identify and mitigate cryptographic risks.
  • Excellent communication and documentation skills to explain technical concepts to non-technical stakeholders.
  • Experience working in Agile or DevOps environments is a plus.

Qualifications

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Relevant certifications are highly desirable (eg, CISSP, CISM, CCSP, GIAC, AWS Certified Security Specialty).
Start date
24/02/2025
Duration
12 months
From
Talent Smart Limited
Published at
23.01.2025
Project ID:
2840415
Contract type
Freelance
To apply to this project you must log in.
Register