Mid-level Senior Security Engineer is responsible for maintaining vendor security applications primarily related to crypto/security functions.
You would be part of the highly visible Global Information Security (GIS) team where you will gain an in-depth understanding of the business partner's requirements for the applications/systems. These requirements will then be used to make determinations and recommendations on the technical and operational feasibility of the solutions. You will be required to maintain and enhance already developed applications for hosted crypto solutions like key management, payment gateways and general purpose HSMs integrate end user applications to leverage these feasibilities.
You would work to develop prototypes of the system design and work with database, operations, technical support, and other various technology areas throughout the development and implementation processes. You will use your knowledge and abilities as senior technical resource to provide your expertise to the team.
You would be responsible for administering and managing cryptographic keys, including key life cycle management, centrally manage keys with granular key management and proper access controls per our crypto security standards and policy guidance.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
[email protected].
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
· Key life cycle management, understand and implement enterprise cryptography standards per industry standards. Specialize in KMS products like CipherTrust Manager and OKV.
· Knowledge of Risk in key management and Crypto compliances per industry standards including Data classification, policies, and data standards, Content filtering.
· Work closely with stakeholders to define crypto requirement for KMS and HSM needs.
· Knowledge of privileged user access control, Audit logging
· Implement Best practices per the Oasis KMIP 2 standards, EMVCo, Global Platform, Multos, ANSI, FIPS140-2, NIST SP 800-57
· Netskope CASB solution and Database encryption with Microsoft SQL TDE, Oracle TDE with PKCS11 and KMIP compliant products.
· RESTful calls with CASB and cloud native applications, PKCS#11, JCE, .NET, MCCAPI, MS CNG
· Ability to implement REST API consoles example Postman.
· Full-stack monitoring using log ingress solutions with Splunk and SNMP v2.0
Data security platform engineering
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.