Data Protection & Cryptography Engineer

  • Worldpay US
  • Cincinnati, OH, USA
  • Jan 01, 2019
Full time Information Technology Telecommunications

Job Description

Job Description

The job is created for the suitable candidate who is willing to challenge the status-quo and traditional security organizational culture and methods. This job is for a candidate who has the necessary experience around Data Protection across the application stack, and cryptographic methods and systems, and who can make risk based assessments to use cases and apply the right solutions. The job entails putting the customer interest at the fore-front, both the external customers because of whom we are in business, as well as the internal customers who are enabling business capabilities with security embedded. The job requires a mind-set of automating workflows where it's feasible and where it makes sense, abstracting business teams from the cryptographic systems and controls that are available in the company, and enable those through secure APIs for easier consumption.
  • Solid understanding of security, encryption, authentication, key management and applied cryptography
  • PKI design experience including hands on experience with Certificate Authority, Certificate Enrolment Web Service, Revocation servers & HSMs -- Experience with Venafi or AppViewX CERT+ is a plus
  • Experience working with Transparent Database and File System Encryption, such as but not limited to Oracle and SQL Server TDE
  • Experience with Vormetric Data Security Manager -- infrastructure design, policy/rule creation, management and key management
  • Experience and/or Knowledge with Voltage SecureData Enterprise, SecureData Payments, Secure Stateless Tokenization
  • Experience and/or Knowledge with Hardware Security Module (HSM) products such as Thales nShield & payShield, SafeNet Luna EFT & SA
  • Experience with Key Management products and services such as Vormetric DSM, Vormetric CCKM (BYOK), Cryptomathic, AWS KMS, KMS, Azure KMS
  • Experience or knowledge about Cloud Access Security Broker (CASB) products such as Symantec/PerspecSys, CipherCloud, SkyHigh, Netskope, etc. for SaaS data security
  • Experience working with or working for global systems integrators or solution engineering teams
  • Knowledge of cryptographic algorithms, protocols, implementation and standards (e.g., AES, CMS, DES/TDES, Diffie-Hellman, DNSSEC, ECC, IBE, Kerberos, IPsec, OpenSSL, RSA, SHA, SSL/TLS and ANSI, IETF, NIST, FIPS, PKCS, PKI)
  • Understanding of PCI specifications such as PCI DSS, Regulations such as GDPR, PSD2, NY DFS
  • Working experience with cryptographic solutions (including authentication, encryption, hashing, tokenization & signing) across applications, backup, database, endpoint device, email, file, network, removable media and storage domains
  • Working experience with key storage, distribution and implementation (user and machine based)
  • Experience/working knowledge with Unix/Linux, Wintel, Storage Technologies solutions and tools
  • Bachelor's degree in one of the STEM fields
  • Minimum of 3-5 years of experience in data encryption, key management, PKI solutions engineering
  • Professional Security Certification (e.g. CISSP) desired but not required

Additional Requirements:
  • Exhibiting professional maturity, personal integrity, and excellent interpersonal skills
  • Strong work ethic, self-starter who is creative with a 'can-do' attitude
  • Quick learner with strong attention to detail
  • Candidate must be comfortable leading in a fast-paced team environment, and possess very good communications skills.
  • Excellent business acumen with a strong ability to map business requirements to technical solutions.
  • Good writing and presentation skills with ability to multi task
  • Experience in making informed decisions with limited information.
  • Excellent quantitative and analytical problem solving skills
  • Global awareness; experience with and conscious/aware of local, regional, cultural challenges

  • Be a liaison to multiple stakeholder teams and partners, and have the ability to wear multiple hats at the same time, to help drive his teams' objectives and priorities.
  • Manage the implementation, global enterprise expansion, availability of key Data Protection and Crypto solutions and systems
  • Drive the Data Protection Strategy and Roadmap under the leadership guidance
  • Prioritize tasks and escalate issues timely to leadership, and should drive decisions to be made in an informed and quick manner
  • A key strategic theme for the organization around these capabilities is Automation and the candidate has to have and drive the vision, and look for opportunities to automate
  • Perform Security Architecture, Design, Implementation and Operations tasks
  • Work in a virtual team environment where other team members are scattered across the globe and are in different time zones.
  • Be open to jump into troubleshooting calls during incidents and help team members and customers to resolve burning issues and outages, even during off hours if needed
  • Occasional travel will be required to different sites for installation and configuration work, or meet with extended team members and leaders.

All the above duties and responsibilities are essential job functions for which reasonable accommodation will be made. All job requirements listed indicate the minimum level of knowledge, skills and/or ability deemed necessary to perform the job proficiently. This position description is not to be construed as an exhaustive statement of duties, responsibilities or requirements. Employees may be required to perform any other job-related instructions as requested by their leader, subject to reasonable accommodation.