COMPANY: This company is a multinational banking and financial services corporation
LOCATION: Charlotte, NC
As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems
The Cryptography Architect will be a functional member of the Cyber Security Technology (CST) Cryptography Domain and will act as a point of contact providing guidance on Cryptographic topics, policies, controls, and topics which are new in the media/have media focus.
As a Cryptography Architect your main responsibilities will include:
Develop an understanding of the Bank and Industry risks, with a specific slant to Cryptography, and key Management.
Work independently in providing Cryptographic architectural reviews, design and guidance for the company
Provide advisory and oversight for changes to Cryptographic and Key Management based Standards and Baselines.
Work in collaboration with GIS Peers supporting them in their activities and helping them continue to provide Defense in Depth Information Security over sight.
Establish and maintain a network of stakeholders and partners.
Act as an escalation point for Cryptography, and PKI questions and best practices.
Coordinate and remediate ad hoc GIS issues and assist partners to reach a resolution in line with GIS baselines and standards.
Keep up to date with Cryptographic risks and emerging threats.
: 5-7 years of IT experience
Good understanding of algorithms ranging from symmetric, a-symmetric, hashes, and random number generators
Experience with Key split, derivation and distribution models.
Be familiar with all aspects of the Key lifecycle including storage
Have a good understanding of cryptography based protocols including external communications, data storage, authentication and data transfer.
Good knowledge of Hardware Security Modules verses Software based modules, and the FIPS 140-2 certification.
Be aware of industry approved/recognized algorithms verses proprietary/non-approved.
Have a good understanding of PKI including the Certificate lifecycle, Certificate Practice Statements and Certificate Policies
Have a natural desire and curiosity to learn new cryptographic concepts/processes
Have a natural ability to think 'outside of the box', and want to design and lead the Industry
Have an ability to communicate at all levels
Have a desire to share knowledge and assist Peers in their understanding
Have a good understanding of where Cryptography fits within the wider spectrum of Information Security.
EDUCATION: : Bachelor's Degree Required