Cryptographic Services Engineer Expert - Data Protection
Apply NowCompany: Huntington National Bank
Location: Columbus, OH 43230
Description:
Description
Job Description Summary:
The Cryptographic Services Engineer Expert will independently lead and perform Data Protection engineering activities of building, configuring, troubleshooting, integrating and administrating Data Protection technologies and will support one or more of the following core technologies or services related to Encryption, Secure Data Transmission, Key Management, Certificate Management, Public Key Infrastructure (PKI) Administration, Tokenization, Cloud Security, Security Metrics/Reporting, and line of business consultation and governance.
Duties & Responsibilities:
Basic Qualifications:
Preferred Qualifications:
Other Working Conditions
Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)
Yes
Workplace Type:
Office
Our Approach to Office Workplace Type
Certain positions outside our branch network may be eligible for a flexible work arrangement. We're combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.
Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.
Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.
Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position
Job Description Summary:
The Cryptographic Services Engineer Expert will independently lead and perform Data Protection engineering activities of building, configuring, troubleshooting, integrating and administrating Data Protection technologies and will support one or more of the following core technologies or services related to Encryption, Secure Data Transmission, Key Management, Certificate Management, Public Key Infrastructure (PKI) Administration, Tokenization, Cloud Security, Security Metrics/Reporting, and line of business consultation and governance.
Duties & Responsibilities:
- Serve as a Subject Matter Expert (SME) and ambassador for Huntington encryption technologies.
- Assist in the design, implementation, and delivery of comprehensive key management, certificate management, tokenization & other Data Protection technologies, including work estimation and consultative validation of technical feasibility and principles, in coordination with defined enterprise goals.
- Establish policies and processes for Encryption Key Management and Certificate Lifecycle Management based on industry standards & best practices.
- Collaborate with cross-functional stakeholder(s) other engineers and managers to assist in comprehension of key management and encryption policy requirements, the development and testing of these policies, and successful deployments into various production environments.
- Perform ongoing review and analysis of cryptographic frameworks and remediation workflows including testing and implementation of Post-Quantum encryption technologies and algorithms across our technology landscape.
- Author documentation for cryptographic policies, system configuration, procedures, workflows, and architectural patterns related to cryptography.
- Configure, deploy, and manage encryption services related to Hardware Security Module (HSM) Appliances, Public Key Infrastructure (PKI), and Encryption Key Management systems.
- Maintain and Troubleshoot operations, protocols, and create reports to monitor ongoing performance of teams cryptographic technologies.
- Independently lead execution of both scheduled engineering build/configuration events as well as incident(break/fix) events to include participation in rotating on-call 24x7 support.
Basic Qualifications:
- Bachelor's Degree (Computer Science, Information Security, or a relevant field.
- 7 years IT or Information Security Engineering experience (Military service may qualify).
- 3 years experience in configuring, monitoring and managing HSM/Key Management Technology (Gemalto, SafeNet, Thales, FutureX, nShield, Utimaco).
Preferred Qualifications:
- Expert Proficiency in various cryptographic related tools and hardware within a Financial Services environment (Certificate Management tools, Active Directory Certificate Services, Tokenization, OpenSSL, PGP, Venafi, Hashicorp, KeyFactor).
- Experience with Java, SQL, Powershell and/or Python including interpreting & authoring queries/scripts
- Expert and hands-on working knowledge of two or more of the following: Networking Design and Operations (OCI Model, TCP/IP, Interconnecting Network Devices, SSH, SSL/TLS Encrypted Communications, X.509 Certificate Management, Kerberos, Active Directory, SFTP, SCP, HTTP/HTTPS, KMIP/NAE, SCEP/EST, NDES, OCSP, TLS/Cipher Suites)
- Expert proficiency with leading troubleshooting moderately complex IT Infrastructure/Server/Networking issues
- Expert proficiency with leading technical system maintenance (Patch management, configuration management, design documentation management)
- Familiarity with Cloud Encryption Services (Amazon KMS, Azure Key Vault, Google Cloud Key Management)
- Advanced knowledge in following Cyber Security Concepts: (Vulnerability Management, Network Security, Logging and Event Monitoring, Data Loss Prevention, Identity Access Management, Threat Intelligence, Penetration testing, IT Risk Management, Endpoint Security)
- IT Certification: CISSP; CEH; CompTIA Network+, A+, Security+ or equivalent; ITIL Fundamentals; Cisco's CCNA, CCNP; GIAC; ISC2; Microsoft MCP (Microsoft Certified Professional) or advanced Microsoft certification; Cloud Security Practitioner/Professional
Other Working Conditions
- 7x24 on-call support rotation may be required
- Occasional travel may be required (
Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)
Yes
Workplace Type:
Office
Our Approach to Office Workplace Type
Certain positions outside our branch network may be eligible for a flexible work arrangement. We're combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.
Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.
Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.
Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position