Cryptographic Security Specialist
Previous Job
Previous
Cryptographic Security Specialist
Ref No.: 18-10973
Location: New York, New York


Brokerage is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries. As a market leader, the talent and passion of our people is critical to our success. Together, we share a common set of values rooted in integrity, excellence and strong team ethic. Brokerage can provide a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

The Cryptographic Services Engineering Team within the Enterprise Security Solutions Group (ESS) is responsible for engineering and developing secure storage and management solutions for encryption keys, passwords, certificates, and other sensitive data. The technology stack consists of home-grown software, 3rd party and open source products and auxiliary services and solutions. The successful candidate will act as a subject matter expert and be responsible for proto-typing, designing and delivering robust, scalable, cross-platform solutions that span teams. He/she will be expected to collaborate with managers and lead engineers across teams, broader partners in Security, CTO and Infrastructure as well as clients in order to understand technical and business requirements that will drive solutions. Resulting software, products and services will be then become BAU within existing engineering and operations teams. Solutions will vary in size/scope and technology as well as time-frames with an expectation of some parallelization across solutions. In addition, the successful candidate will help formulate the overall technical strategy and roadmap for the team. We're looking for an enthusiastic, fungible, innovative technologist with good communication skills who's willing to get their hands dirty whilst not losing sight of the bigger picture.

The successful candidate will be expected to:
* Drive the determination and implementation of solutions (large or small) across platforms
* Deliver initial proof of concept (PoCs) and document the design and architectures for these solutions
* Drive the productionisation of the solution across appropriate engineering and operations teams
* Research vendor and open source solutions and determine fit into strategy and architecture
* Interface with technical contacts at external vendor providers and other internal teams to ensure a holistic solution
* Contribute to a strategy for cryptography for the organization
* Maintain documentation, assist customers through FAQ entries and similar
* Resolve issues escalated from operations teams
* Interpret high level functional requirements to create detailed implementation designs / plans

Skills Required:
* Excellent problem solving skills
* Strong verbal and written skills to interact with global teams and customers
* Excellent understanding of data encryption
* Good understanding of enterprise authentication and web security
* Good understanding of the internet protocols TCP/IP, HTTP, SSL/TLS etc
* Good knowledge/experience on Windows as well as Linux based authentication products and services
* Proficiency in Linux or other Unix variant
* Good understanding of secure coding techniques and IT security principals in general

Skills Desired:
* Experience of public key infrastructure (PKI)
* Solid experience of developing in Java, Perl, .NET or other language including object orientated coding
* Proven architectural and design background
* Experience with cloud encryption solutions
* Experience with hardware security modules (HSM)
* Understanding of Key Management Interoperability Protocol (KMIP)
* Experience operating in large, silo'd enterprise environments
* Good knowledge of emerging authentication standards like SPNEGO, OAUTH, OpenID Connect
* Good understanding of Identity Management
* Experience/Knowledge of either of Kerberos, Active Directory (AD), or LDAP
* Understanding of cryptographic techniques
* Experience with certificate lifecycle management
* Experience building multi-tier applications