Cryptography Infrastructure Engineer

Cryptography Infrastructure Engineer

We are looking for a Cryptography Infrastructure Engineer to join a financial services client based in Sheffield. There will be a requirement to be in the office once every two–weeks. The contract is also inside IR35.

The objective will be to support the Cryptography team who are responsible for protecting the identity, confidentiality and authenticity of trillions of dollars of transactions globally.

We are looking for an SME in cyber security and cryptography who can help improve their HSM observability for their entire encryption estate. The existing HSM observability is ready to be taken to the next level, improving its resilience, increased monitoring capabilities and faster alerting.

We specifically require someone with expertise in either Thales Luna, nShield or payShield HSMs.

• Be part of a team that implements a new monitoring and alerting solution based upon Splunk
• Have specific knowledge about Entrust nShield HSMs, payShield HSMs or Luna HSMs, and pulling relevant data from the device (via SNMP)
• Closely collaborate with team members – as SME for HSMs, but also other HSMs.
• Work closely with stakeholders to understand requirement details.
• Write a design and test specification for your responsibility in the observability project
• Contribute to documentation of the project
• Help define the roadmap for continual improvements in the management of cryptographic services
• Flag potential issues timely, think outside the box and be creative in finding solutions.

• Good knowledge about HSMs, specifically Entrust nShield, payShield and/or Luna.
• Understand how monitoring for HSMs work with expertise in the technologies such as SNMP
• Stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders
• Knowing what it means to be part of a team, not only being a team player. Contribute to discussions, allow others to speak.
• Innovative mindset, we are doing something completely new, inhouse. This requires to speak up when it comes to innovations/new ideas.
• Understanding of cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws
• Knowledge of cryptographic modules and solutions, eg TPMs,
• Good understanding on IT Infrastructure technical platforms/technologies
• Understanding of SSH/SSL functionality and usage
• Experience interfacing with technology teams to bring lab concepts to market within an organization and building effective operational models to ensure capabilities are able to be fully utilized and grow to meet the needs of the team
• Understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, GDPR, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
• Windows and Linux Servers administration
• Strong Documentation skills

More details available on successful application.