Information Security Engineer

Overview

We are seeking a highly skilled and experienced contractor to support our enterprise Key Management Program and Post-Quantum Readiness initiatives. This role will contribute to the development and execution of an agile, DevSecOps-driven roadmap focused on crypto agility, governance, automation, and secure key lifecycle management.

Key Responsibilities

• Design and implement enterprise key and certificate lifecycle templates and processes.
• Collaborate with stakeholders across InfoSec, Risk, Architecture, and Application teams.
• Contribute to governance updates, risk assessments, and audit readiness.
• Develop and maintain documentation, training materials, and self-service resources.
• Monitor and report on key management metrics, adoption, and compliance.
• Support proof-of-concept efforts for automation, monitoring, and reporting.

Required Skills & Experience

• Strong experience in enterprise, networking, key management, and PKI.
• Familiarity with industry standards and regulatory frameworks (e.g., NIST, PCI-DSS).
• Experience with audit/governance assessments and processes.
• Experience with SIEM platforms and monitoring of crypto-related assets.
• Exposure to integrating security into DevOps pipelines or automation processes.
• Strong documentation and communication skills.
• Ability to mentor junior team members and collaborate cross-functionally.

Optional Skills & Experience

• Hands-on with tools like Venafi, HashiCorp Vault, AWS KMS/ACM, Fortanix.
• Experience in coding/scripting for automation.

MUST HAVE SKILLS:

• Experience with audit/governance processes
• Familiarity with industry standards and regulatory frameworks (e.g., NIST, PCI-DSS)
• Strong experience in enterprise networking, key management, and PKI.

Nice To Have

Hands on with tools like Venafi, HashiCorp Vault, AWS KMS/ACM, Fortanix