Job description
Stott & May are looking to speak with Cryptography Engineers who are ready to step up into a Lead position and/or current Lead Cryptography Specialists who are looking for a new and exciting challenge: in building a Cryptography Team function within a very well-known Financial Services client.
Type: Contract/freelance – Initially 6 months | Awaiting IR35 determination
Day Rate: TBC – Market rate for this type of role
Location: Hybrid working – Some availability to work in London or Yorkshire offices advantageous
Lead Cryptography Engineer – Responsibilities:
1. Drive, develop and play a big part of a Cryptography Operations roadmap and strategy
2. Be a positive cause & effect of cryptographic capabilities (in-house/partner integrations)
3. Implementation and management of cryptographic keys
4. Cryptography and Key Management
5. Facilitate the onboarding of new services and the running of existing services
6. Take the lead on all aspects of implementation (secure key storage mechanisms)
7. Implement cryptography processes across the team
8. Lifecycle mgmt. of cryptographic keys (periodic reviews and replacements)
9. Close collab with Cyber and InfoSec teams - integrating key management practices
Lead Cryptography Engineer – Technical:
10. Solid experience within key handling, segregation of duties and split knowledge within Cryptography
11. Good understanding of Software Delivery pipelines and the automation of key management activities is required
12. Detailed knowledge and understanding around how best to respond to cryptography incidents
13. Solid understanding of HSM technologies & Thales would be great however, other (similar) competing technologies will be just fine
14. HashiCorp Vault experience and previous usage of would great
15. Security & compliance frameworks/standards for cryptography (PCI-DSS, PCI-PIN, PCI-CPP, NIST, FIPS)
16. Awareness of Policy development, Compliance, Audit and Assurance
Lead Cryptography Engineer – Advantageous:
17. Software engineering and infrastructure as code
18. GitHub Actions and/or other potential CI/CD pipeline tooling
19. Security Architecture & design principles
20. Relevant certifications
Previous experience within Financial Services, Banking, Consumer Lending or Payments is very advantageous however, primarily Cryptography will need to be a passion and therefore someone who is already keen on keeping up to date with industry practices and standards related to key management and therefore, have enough knowledge within this amazing field to identify gaps for capability improvement and overall, you will be the domain authority within the business!
Great role for the right person – looking forward to receiving your profile…