Enterprise Key Management Security Sr Engineer
Job Title : Enterprise Key Management Security Sr Engineer
Industry : Financial Services - Securities
Location : Pittsburgh, PA
Work Arrangement : Hybrid : 2 days in office (or for emergencies), with scheduled work-from-home days. Must be within reasonable commuting distance.
Job Type : Full-time
Seniority Level : Senior
Required Experience : 7 to 10 years
Minimum Education : Bachelor's Degree (or comparable combination of education, certification(s), and experience)
Base Compensation : USD $120,000 to $160,000
Relocation Assistance : Yes
The Enterprise Key Management Security Sr Engineer drives the design, development, and implementation of activities focused on Enterprise Encryption Solutions, Hardware Security Modules (HSMs), and centralized key management processes and procedures.
This senior engineering role provides subject matter expertise and technical analysis, supporting the design and build of critical cryptographic infrastructure. The position is instrumental in applying security concepts, developing, and implementing cryptographic solutions, and performing HSM lifecycle activities within a highly regulated environment.
Key Responsibilities
- Provide subject matter expertise when applying security concepts.
- Leverage technical knowledge and industry experience to design, build, and implement technology solutions.
- Develop and implement advanced cryptographic solutions.
- Execute HSM lifecycle activities including Initialize, configure, update hardware / software, tamper, and decommission.
- Maintain Secure Room operations and management.
- Determine the impact to existing solutions when new standards are implemented.
- Develop comprehensive documentation.
- Conduct security assessments and information security routines; investigate and recommend corrective actions for data security.
- Advise on complex security procedures and products for various stakeholders.
- Share knowledge, lead, and mentor as directed by management.
- Maintain knowledge of current technologies, industry trends, and best practices.
Essential Qualifications & Experience
Category RequirementsWork Experience 7+ to 10 years of industry-relevant experience, preferably in a Banking or highly regulated industry.HSM and Key Management Extensive experience with HSM solutions (e.g., Thales Network HSM, nShield HSMs) and the entire Encryption Key Lifecycle Management. Experience with Key Ceremonies is required.Core Skills Deep knowledge of Cryptography, encryption, and algorithms.Security Concepts Strong background in Information Security, Access Control (AC), Network Security, Risk Assessments, and Security Technologies.Ideal Candidate Focus Physical hands-on experience and proficiency with PED-Based key operations.Preferred Skills
Knowledge of specific key management systems like Thales CipherTrust Manager, CipherTrust Cloud Key Manager (CCKM), and Oracle Key Vault.Familiarity with Bring Your Own Key (BYOK) and Hold Your Own Key (HYOK) solutions in cloud environments (Azure, AWS, or GCP).Familiarity with scripting languages (a plus).Knowledge of collaboration and monitoring tools such as Jira, Confluence, SharePoint, LogScale, Dynatrace, PowerBI (a plus).