CrawlJobs Logo

Lead, Cryptographic Security Engineer

mastercard.com Logo

Mastercard

Location Icon

Location:
Ireland , Dublin 18

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Responsibility:

  • Contribute to the execution the Cryptographic roadmap for Mastercard –enhancing security posture and enforcing governance and compliance to the Cryptographic and Key Management standards
  • Analyze current cryptographic implementations and identify deviations from our standards
  • Provide technical design and architecture advice to internal teams on how to securely develop and build applications and supporting systems
  • Partner with application teams to determine path to compliance - articulate short, medium and long term plans when necessary
  • Define secure mechanisms for critical business functions, for both on-premises and in cloud environments
  • Assist in the strategy, standards, and architecture for the cryptography, PKI and key management aspects of the SDLC including application, mobile, web service, DevOps, cloud, and CI/CD efforts
  • Define security requirements and guidelines to ensure repeatable processes are followed globally
  • Assist in the strategy, standards, and architecture for the security aspects of key management and operation
  • Provide security advice in cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS
  • Build out next generation governance model with the intent of understanding our assets and protecting them with proper encryption practices

Requirements:

  • Experience providing secure design advice for web-based environments and secure communication, including mobile applications, web applications and web services
  • Demonstrate a broad awareness of security engineering concepts and practices across all phases of the software development lifecycle
  • Strong understanding of information security, risk and data privacy within the domain of digital commerce including relevant practical experience
  • Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS, PKCS#11, HSMs
  • Demonstrate technical competency in security engineering based on hands-on experience or relevant qualifications
  • Working knowledge and technical security experience with UNIX, Linux, Solaris, AIX, or Windows
  • Ability to perform analysis, review and design of custom systems, not just product implementation or operations
  • Strong verbal and written communication skills
  • Demonstrate the ability to articulate and communicate effectively to diverse audiences and properly translates security and risk management terminology into business terms and recommends alternative solutions to these stakeholders
  • Design and implement data models and analytics framework into crypto inventory to aggregate, track, and maintain governance over cryptographic assets across the enterprise
  • Develop automated processes and dashboards for cryptographic inventory management, enabling visibility into algorithm usage, key lifecycles, and adherence to organizational cryptographic policies
  • Evaluate and integrate existing data sources to identify cryptographic-related information, ensuring data quality and relevance for inventory purposes
  • Analyze and interpret complex datasets to pinpoint cryptographic data points such as algorithms, key lengths, certificates, and encryption methods across diverse systems
  • Perform data completeness and accuracy assessments to validate cryptographic inventory coverage and identify gaps or inconsistencies
  • Application security (in-depth knowledge)
  • Cryptography
  • Security engineering
  • Architecture and design

Nice to have:

  • Application development (hands-on experience)
  • Cloud security
  • Experience with PKI systems and vendors
  • Experience with retail/payment HSM
  • Alteryx or equivalent ETL
  • PowerBI or equivalent

Additional Information:

Job Posted:
May 04, 2026

Expiration:
May 29, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Mastercard - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Lead, Cryptographic Security Engineer

Application Security Engineering Lead

Join us at Barclays as an Application Security Engineering Lead, where you'll de...
Location
Location
United Kingdom , Glasgow; Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience with the software security landscape: CVEs, CWEs, common software vulnerability types
  • Experience with SAST, SCA, and DAST, including the strengths and weaknesses of each
  • At least one programming language (e.g. Java, Go)
  • At least one major cloud provider (e.g. AWS, GCP, Azure)
  • Experience with REST API design
  • Experience with HTTP Authentication
  • Experience with Linux at the terminal, including scripting and automation (e.g. shell, Python)
Job Responsibility
Job Responsibility
  • Provision of subject matter expertise on security systems and engineering patterns
  • Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems
  • Management and protection of secrets, ensuring that they are securely generated, stored, and used
  • Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches
  • Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques
  • Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements
  • Development/ Implementation and maintenance of Identity and Access Management solutions and systems
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
United States , Remote
Salary
Salary:
101900.00 - 234500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity, or a related field (or equivalent experience)
  • 7+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF, and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers.
What we offer
What we offer
  • Comprehensive suite of benefits that supports physical, financial, and emotional wellbeing
  • Specific programs catered to helping employees reach career goals
  • Inclusive working environment.
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
Puerto Rico , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity or a related field (or equivalent experience)
  • 6+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders. English advanced
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Product Security Engineer- Threat Researcher

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
Puerto Rico , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity or a related field (or equivalent experience)
  • 6+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders. English advanced
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Product Security Engineer

As a Product Security Engineer specializing in cryptography and PKI, you will de...
Location
Location
United States , Palo Alto
Salary
Salary:
Not provided
1x.tech Logo
1X Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience with cryptography, PKI design, and key management
  • Experience working with hardware security modules (HSMs), including vendor selection, integration, and root‑of‑trust establishment
  • Familiarity with remote device attestation frameworks (such as fTPM, OP‑TEE, or similar)
  • Demonstrated ability to design and scale secure firmware signing and code signing pipelines
  • Proven track record in defining and enforcing trust policies (key generation, rotation, destruction) and provisioning mechanisms
  • Experience securing build/artifact pipelines and developing secure communication protocols
  • Ability to work cross‑functionally with hardware, software, security operations, and infrastructure teams
  • High attention to detail, strong problem solving, with a mindset of anticipating vulnerabilities and designing defendable systems
Job Responsibility
Job Responsibility
  • Design and manage end‑to‑end cryptographic services, including public key infrastructure (PKI) and key lifecycle management
  • Establish HSM infrastructure as the root‑of‑trust for firmware signing and IoT endpoint authentication
  • Lead evaluation, procurement, installation, configuration, and integration of HSM vendor solutions
  • Architect key management systems that scale from hundreds of devices today to millions over time
  • Design remote device attestation mechanisms (e.g. fTPM, OP‑TEE, or equivalent) tied to the HSM root‑of‑trust
  • Build and automate secure firmware/bootloader signing pipelines
  • Define trust infrastructure and policies for author key generation, provisioning, rotation, and destruction
  • Secure build/artifact pipelines and code‑signing workflows
  • Develop factory provisioning architecture for mass key/certificate distribution
  • Support the development of secure communication protocols
  • Fulltime
Read More
Arrow Right

Lead Blockchain Engineer

We’re looking for a Blockchain Development Lead to join our Engineering team and...
Location
Location
India , Noida
Salary
Salary:
Not provided
taazaa.com Logo
Taazaa Inc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of software development experience
  • 2+ years in blockchain or distributed systems
  • Strong experience with Solidity, Rust, or Go for blockchain protocols or smart contract development
  • Hands-on experience with Ethereum, Hyperledger, Polygon, or Solana ecosystems
  • Deep understanding of cryptographic primitives, consensus algorithms, and decentralized architectures
  • Familiarity with web3 libraries, Node.js/TypeScript, and REST/gRPC API integration
  • Proven experience in leading teams, conducting code reviews, and mentoring developers
Job Responsibility
Job Responsibility
  • Architecture & Design: Lead the design of scalable, secure, and efficient blockchain systems (permissioned and public)
  • Technical Leadership: Mentor and guide developers on smart contracts, distributed ledger design, and cryptographic principles
  • Integration: Collaborate with backend, cloud, and data engineering teams to integrate blockchain components with existing SaaS architectures
  • Innovation: Evaluate emerging technologies (L2s, ZK proofs, stablecoins, cross-chain protocols) for use in real-world business applications
  • Quality & Security: Establish best practices for code reviews, audits, and on-chain security
  • Collaboration: Partner with cross-functional teams including Product Managers, Designers, and Data Scientists to prototype and deploy blockchain-powered features
What we offer
What we offer
  • Continuous professional growth, offering workshops and training
  • Work-life balance with flexible hours and remote options
  • Competitive salaries
  • Health benefits
  • Various perks
  • Fulltime
Read More
Arrow Right

Chief Information Security Officer

We are seeking an experienced Chief Information Security Officer to lead our inf...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
sokin.com Logo
Sokin
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in information security with 5+ years in senior security leadership roles
  • Experience in regulated financial services (payments, banking, or fintech)
  • Track record of building and leading security teams in scale-up environments
  • Experience with FCA regulation, PCI-DSS compliance, and financial services audits
  • Hands-on experience with security incident response and crisis management
  • Deep knowledge of AWS security services (GuardDuty, Security Hub, WAF, KMS, CloudTrail, Config)
  • Experience with containerised environments (EKS/Kubernetes) and serverless security
  • Strong understanding of network security, zero trust architecture, and micro-segmentation
  • Proficiency with SIEM platforms (Splunk, Datadog Security, or equivalent)
  • Knowledge of application security tools: Wiz, SonarQube, Burp Suite, OWASP ZAP
Job Responsibility
Job Responsibility
  • Define and execute the enterprise information security strategy aligned with business objectives
  • Establish and maintain the Information Security Management System (ISMS) to support constant certification readiness with PCI DSS, ISO 27001 and SOC2
  • Own security policies, standards, and procedures across the organisation
  • Report to the Board and senior leadership on security posture, risk exposure and programme maturity
  • Manage security budget and resource allocation
  • Lead enterprise security risk assessments and maintain the infosec item on the risk register
  • Ensure compliance with FCA operational resilience requirements and SYSC guidelines
  • Maintain PCI-DSS Level 1 compliance across payment processing infrastructure
  • Oversee GDPR, UK Data Protection Act, and international privacy compliance
  • Manage relationships with external auditors, penetration testers, and regulatory bodies
What we offer
What we offer
  • Competitive salary and equity participation
  • Hybrid working with flexibility
  • Private healthcare
  • Pension contribution
  • Professional development budget
  • Opportunity to shape security strategy at a high-growth fintech
Read More
Arrow Right
New

Lead Information Security Engineer - Cryptographic Products and Services

Wells Fargo is seeking a motivated Lead Information Security Engineer to join an...
Location
Location
United States , Irving; Charlotte; Columbus
Salary
Salary:
119000.00 - 187000.00 USD / Year
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
May 08, 2026
Flip Icon
Requirements
Requirements
  • 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 5+ years of experience in automation development, platform engineering, or information security engineering, or an equivalent combination of education, training, and professional experience
  • 4+ years of hands‑on experience developing production‑grade automation and scripts using one or more of the following: Python, PowerShell, Bash : Ansible or similar orchestration/configuration tools : JavaScript, VBScript, or workflow automation platforms
  • 4+ years experience in automating tasks across Linux and Windows server environments
  • 4+ years hands on experience to design scalable, repeatable, and maintainable automation solutions
  • 2+ years demonstrated experience acting in a lead engineering role, providing technical direction and mentorship to other engineers
  • 4+ years experience working with APIs, service integrations, and command‑line tooling
  • 4+ years experience in software development fundamentals, including version control, testing, and documentation
Job Responsibility
Job Responsibility
  • Drive design, deployment and automation strategies for encryption, tokenization and key management products and services including Hardware Security Modules, security appliances and security applications deploying in physical, virtual, and containerized environments
  • Provide technical guidance and oversight to teams and team members responsible for product delivery and operational maintenance
  • Develop and maintain documentation including design and build guides, deployment strategies, automation guides and operational processes
  • Participate in research, analysis and evaluation of new cryptographic products and services
  • Participate in Proof of Concept (POC) testing and demonstrations for new cryptographic products and services
  • Support company driven audits, gather evidence of compliance to company policies, and drive product enhancements, when needed, to remediate findings
  • Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies
  • Collaborate across Wells Fargo teams, including compliance, security architecture and security evaluation teams to ensure cryptographic products are compliant to company policies
  • Work with vendors to understand the technology vendor's roadmap, help to influence that roadmap, and ensure requests for technology/product enhancements are meeting the needs of Wells Fargo
  • Work with partner engineering teams on identification and remediation of security vulnerabilities and may also conduct risk assessments of infrastructure to ensure compliance with corporate security policies and adherence to best practices
What we offer
What we offer
  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Fulltime
!
Read More
Arrow Right