Data Protection And Cryptography Engineer
Cynet Systems, Phoenix, Arizona, United States, 85003
Job Description:
Responsibilities:
Design, implement, and manage Public Key Infrastructure (PKI), including certificate authorities, certificate lifecycle management, and key rotation. Manage and support Hardware Security Modules (HSMs) for secure key generation, storage, and cryptographic operations. Implement and maintain Identity and Access Management (IAM) solutions, including authentication, authorization, and privileged access controls. Enforce encryption standards for data at rest, data in transit, and key management practices. Develop and maintain cryptographic policies, standards, and procedures. Integrate PKI, IAM, and HSM solutions with enterprise applications and cloud platforms. Troubleshoot cryptographic, certificate, and access-related issues. Support audits, compliance assessments, and security reviews related to data protection. Collaborate with security, infrastructure, cloud, and application teams to embed security-by-design. Required Skills And Expertise:
Strong hands-on experience with PKI (CA design, certificate issuance, revocation, OCSP, CRL). Proven experience with HSM technologies (Thales, Entrust, SafeNet, AWS CloudHSM, Azure Managed HSM, etc.). Solid understanding of IAM concepts and tools (SSO, MFA, RBAC, OAuth, SAML, OpenID Connect). Strong knowledge of cryptographic algorithms and protocols (RSA, ECC, AES, TLS). Experience with key management, secrets management, and certificate automation. Understanding of secure identity lifecycle management and access governance. Certifications (Required / Preferred):
Security Certifications such as CISSP, CISM, Security+, or equivalent. Cryptography or IAM-focused certifications (preferred). Cloud security certifications are a plus. Soft Skills:
Strong analytical and troubleshooting skills. bility to work with cross-functional technical teams. Excellent documentation and communication skills.
Responsibilities:
Design, implement, and manage Public Key Infrastructure (PKI), including certificate authorities, certificate lifecycle management, and key rotation. Manage and support Hardware Security Modules (HSMs) for secure key generation, storage, and cryptographic operations. Implement and maintain Identity and Access Management (IAM) solutions, including authentication, authorization, and privileged access controls. Enforce encryption standards for data at rest, data in transit, and key management practices. Develop and maintain cryptographic policies, standards, and procedures. Integrate PKI, IAM, and HSM solutions with enterprise applications and cloud platforms. Troubleshoot cryptographic, certificate, and access-related issues. Support audits, compliance assessments, and security reviews related to data protection. Collaborate with security, infrastructure, cloud, and application teams to embed security-by-design. Required Skills And Expertise:
Strong hands-on experience with PKI (CA design, certificate issuance, revocation, OCSP, CRL). Proven experience with HSM technologies (Thales, Entrust, SafeNet, AWS CloudHSM, Azure Managed HSM, etc.). Solid understanding of IAM concepts and tools (SSO, MFA, RBAC, OAuth, SAML, OpenID Connect). Strong knowledge of cryptographic algorithms and protocols (RSA, ECC, AES, TLS). Experience with key management, secrets management, and certificate automation. Understanding of secure identity lifecycle management and access governance. Certifications (Required / Preferred):
Security Certifications such as CISSP, CISM, Security+, or equivalent. Cryptography or IAM-focused certifications (preferred). Cloud security certifications are a plus. Soft Skills:
Strong analytical and troubleshooting skills. bility to work with cross-functional technical teams. Excellent documentation and communication skills.