Job description
Stott & May are looking to speak with Cryptography Engineers who are ready to step up into a Lead position and/or current Lead Cryptography Specialists who are looking for a new and exciting challenge: in building a Cryptography Team function within a very well-known Financial Services client.
Type: Contract/freelance – Initially 6 months | Awaiting IR35 determination
Day Rate: TBC – Market rate for this type of role
Location: Hybrid working – Some availability to work in London or Yorkshire offices advantageous
Lead Cryptography Engineer – Responsibilities:
Lead Cryptography Engineer – Technical:
Great role for the right person – looking forward to receiving your profile…
Type: Contract/freelance – Initially 6 months | Awaiting IR35 determination
Day Rate: TBC – Market rate for this type of role
Location: Hybrid working – Some availability to work in London or Yorkshire offices advantageous
Lead Cryptography Engineer – Responsibilities:
- Drive, develop and play a big part of a Cryptography Operations roadmap and strategy
- Be a positive cause & effect of cryptographic capabilities (in-house/partner integrations)
- Implementation and management of cryptographic keys
- Cryptography and Key Management
- Facilitate the onboarding of new services and the running of existing services
- Take the lead on all aspects of implementation (secure key storage mechanisms)
- Implement cryptography processes across the team
- Lifecycle mgmt. of cryptographic keys (periodic reviews and replacements)
- Close collab with Cyber and InfoSec teams - integrating key management practices
Lead Cryptography Engineer – Technical:
- Solid experience within key handling, segregation of duties and split knowledge within Cryptography
- Good understanding of Software Delivery pipelines and the automation of key management activities is required
- Detailed knowledge and understanding around how best to respond to cryptography incidents
- Solid understanding of HSM technologies & Thales would be great however, other (similar) competing technologies will be just fine
- HashiCorp Vault experience and previous usage of would great
- Security & compliance frameworks/standards for cryptography (PCI-DSS, PCI-PIN, PCI-CPP, NIST, FIPS)
- Awareness of Policy development, Compliance, Audit and Assurance
- Software engineering and infrastructure as code
- GitHub Actions and/or other potential CI/CD pipeline tooling
- Security Architecture & design principles
- Relevant certifications
Great role for the right person – looking forward to receiving your profile…