Candidate profile details:
• Degree/Certifications Required: CISSP- nice to have
• Years of experience: 7 years
• Reason for request/why opened: new project
• Project Scope: Greywolf project- protect data for the bank
• Best Vs Average Candidate: Design, architecture, automation, using the tool.
• Design and build certification automation.
• Ansible, Terraform experience
• If they have cryptography experience, strong nice to have
Summary of day to day responsibilities:
• Design & Develop Automation: Architect, build, test, and deploy automated systems and workflows for managing cryptographic assets and operations, including:
o Certificate lifecycle management (certificate issuance, renewal, revocation).
o Symmetric and asymmetric key generation, distribution, and rotation.
o Integration with certified key management platforms.
o Automated provisioning/de-provisioning of cryptographic services for applications and infrastructure.
• Integrate Cryptographic Services: Develop tools, APIs, and integrations to seamlessly incorporate cryptographic functions (encryption, decryption, signing, verification) into applications, CI/CD pipelines, and infrastructure components.
• Infrastructure Management: Implement and manage cryptographic infrastructure using Infrastructure-as-Code (IaC) principles (e.g., Terraform, Ansible) for consistency, repeatability, and scalability.
• Certificate Management: Automate Certificate management to prevent outages and security incidents related to expired or invalid certificates.
• Tooling & Scripting: Write high-quality, maintainable code (primarily in languages like Python, Powershell, Bash) and leverage appropriate tools and libraries for automation tasks.
• Documentation: Maintain clear and comprehensive documentation for automation code, processes, architectures, and configurations.
• The Crypto Automation Engineer team will be responsible for designing, developing, implementing, and managing automated solutions for cryptographic services and infrastructure. Automation engineer will play a critical role in securing our organization’s data and systems by automating key management, certificate lifecycles, encryption processes, and other cryptographic operations, thereby enhancing efficiency, reliability, and security posture.
• This will entail collaboration with the Crypto Requirement team, Crypto Engineer team, Crypto Operation team and Security Architecture team.
Key Responsibilities:
• Design & Develop Automation: Architect, build, test, and deploy automated systems and workflows for managing cryptographic assets and operations, including:
o Certificate lifecycle management (certificate issuance, renewal, revocation).
o Symmetric and asymmetric key generation, distribution, and rotation.
o Integration with certified key management platforms.
o Automated provisioning/de-provisioning of cryptographic services for applications and infrastructure.
• Integrate Cryptographic Services: Develop tools, APIs, and integrations to seamlessly incorporate cryptographic functions (encryption, decryption, signing, verification) into applications, CI/CD pipelines, and infrastructure components.
• Infrastructure Management: Implement and manage cryptographic infrastructure using Infrastructure-as-Code (IaC) principles (e.g., Terraform, Ansible) for consistency, repeatability, and scalability.
• Certificate Management: Automate Certificate management to prevent outages and security incidents related to expired or invalid certificates.
• Tooling & Scripting: Write high-quality, maintainable code (primarily in languages like Python, Powershell, Bash) and leverage appropriate tools and libraries for automation tasks.
• Documentation: Maintain clear and comprehensive documentation for automation code, processes, architectures, and configurations.
Required Qualifications:
• 7+ years of total experience
• 3+ year experience in a Security Engineering, DevOps, SRE, or Software Engineering role with a focus on automation.
• Proficiency in one or more scripting/programming languages (e.g., Python, Bash, PowerShell).
• Hands-on experience with automation tools and frameworks (e.g., Ansible, Terraform, Jenkins, GitHub).
• Proven experience in designing and implementing automation solution for certificate lifecycle management.
• Hands-on experience with certificate management platform (e.g., Venafi)
• Strong understanding of fundamental cryptographic concepts: symmetric/asymmetric encryption, hashing algorithms, digital signatures, TLS, PKI, key management principles.
• Familiarity with cloud platforms (Azure, GCP) and their native cryptographic services (e.g., Azure Key Vault, GCP Cloud KMS).
• Experience working with Linux and/or Windows operating systems.
• In depth knowledge of various security controls
• Strong analytical, problem-solving, and troubleshooting skills.
• Strong verbal and written communications skills are essential for this role.
• Proven ability to work in a fast-paced environment and manage multiple deadlines and priorities.
Preferred/Bonus Qualifications:
• Direct experience managing PKI systems (e.g., Microsoft CA, Venafi).
• Experience with Database Transparent Data Encryption (TDE) and encryption in Transit.
• Hands-on experience managing Hardware Security Modules (HSMs) (e.g., Thales, Entrust HSMs).
• Relevant security certifications (e.g., CISSP, CCSP).
• Understanding principles of Post-Quantum Cryptography and its standardization.
• Employment experience in financial industry is a Plus.
Must have:
• DevOps
• Programming languages (e.g., Python, Bash, PowerShell).
• Hands-on experience with automation tools and frameworks (e.g., Ansible, Terraform, Jenkins, GitHub).
Nice To Have:
• Cryptographic knowledge
• Banking exp.
• CISSP
Job Details
13245
Contract
6 months
Scarborough
#J-18808-Ljbffr