As a Distinguished Engineer, you will collaborate with our Sr Staff, Staff, and Sr. Engineers to innovate and construct new systems, enhance existing ones, and discover fresh opportunities to apply your specialized knowledge in data security to resolve critical issues. You will spearhead the strategy and execution of a technical roadmap that accelerates product delivery and unlocks new engineering capabilities. Your leadership will be crucial in the design, implementation, and maintenance of a robust Encryption and Tokenization platform, ensuring the protection of sensitive data throughout the organization.

Position Responsibilities

• Lead the development and execution of encryption, tokenization and key managementplatforms, solutions and strategies across the enterprise.

• Ensure the quality, usability, and performance of the encryption and tokenization platformincluding ensuring high availability, disaster recovery, and auditable logging

• Influence and educate leadership on the importance of secure data protection and key management practices

• Collaborate across enterprise teams, including compliance, security and data governance teams to ensure cryptographic products are compliant to company policies

• Stay updated on emerging trends in cryptography and apply this knowledge to enhance data protection strategies

• Provide technical guidance and mentorship, fostering a culture of innovation and continuous improvement

• Collaborate with cross-functional teams to integrate data protection (encryption and tokenization) solutions seamlessly with organizational goals

• Build resilient and scalable keymanagement systems architectures, driving innovation and cost efficiency.

Qualifications

• Strong understanding of cryptographic encryption/tokenization and Key Management System. 

• Demonstrated experience in designing and implementing resilient, scalable, and efficient solutions for data at rest encryption using open-source cryptography libraries and encryption/tokenization protocols (FPE, AEADetc.)

• Strong software engineering skills (experience with Gopreferred)

• Knowledge of key management, Google Tink, PKCS11, JCE , OpenSSL and other crypto libraries

• Experience with PostgreSQL including its native replication mechanisms

• Strong problem-solving abilities with a proactive approach to security risk mitigation

• Strong expertise with site reliability engineering practices and operational excellence - Implementing and utilizing infrastructure observability and monitoring tools (Grafana, Prometheus, OpenTelemetry, eBPF)

• Building and evolving CI/CD tools and pipelines (Bazel, Terraform, Argo CD/Workflows/Rollouts)

• Excellent communication skills for conveying technical concepts to diverse stakeholder

• Experience with Data Protection and Key Management System within large-scale, distributed environments

• Knowledge of industry standards and regulations related to Key Management Systems, Cryptography, Encryption and Tokenization

• Ability to lead and execute encryption, tokenization and key managementprojects from conception to deployment

• Familiarity with hardware security modules (HSM) andCryptography Standards

Experience

• 10+ years in security engineering with a focus on Data Encryption, Tokenization, Key Management Systems, Cryptography,and security engineering

• 8+ years in security, encryption, architecture, and design

• 6+ years with open-source frameworks related to security

• 4+ years with cloud services and their security aspects, preferably with experience in AWS, GCP, Azure.

Education

• Bachelor’s degree in computer science, Information Systems, or equivalent with a focus on security and cryptography