Main Content

Cryptographic and Key Management Specialist

Position: Cryptographic and Key Management Specialist
Reports To: VP, Access Management & Change Control
Location: Dallas TX or New York, NY

Position Summary:

The Cryptographic and Key Management Specialist PKI is responsible for the administration of IS configuration items as it pertains to system and customer connectivity. The role is primarily responsible for ensuring TCH is in compliance with the best practices detailed in our Enterprise PKI Practice Statement and Key Management procedures. This includes process ownership for SSL certificate administration and PGP key administration throughout all TCH environments. The role includes the responsibilities associated with supporting customer connectivity issues related to SSL and PGP installations and changes.

Qualifications Required:

  • 3+ years’ experience supporting and troubleshooting FTPS and PGP encryption
  • Understanding of Cryptography and Key Management
  • Entrust EPKI experience
  • Symantec MPKI experience
  • Knowledge of X.509 digital certificates
  • Knowledge of TLS/SSL protocol
  • Java SSL (Keystore) experience
  • OpenSSL experience
  • Strong verbal and communication skills

Qualifications Desired:

  • 5+ years’ experience as a PKI certificate administrator
  • Minimum three (3) years with Payments industry standards (PCI, ANSI, ISO, EMVCo)
  • Minimum three (3) years equivalent experience with regulations and compliance relating to debit and credit services
  • Minimum three (3) years equivalent experience in a technical operations area of a financial institution, including an understanding of Card Services, debit/credit card processing and other card operations activities
  • Familiar with EMV specifications and processes, both from an issuer and a merchant perspective
  • Familiar with payment network tokenization standards, both from an issuer and a digital/mobile wallet point of view
  • 3+ years’ experience supporting and troubleshooting IBM MQ TLS protocol and certificate management
  • 3+ years’ experience supporting and troubleshooting McAfee PGP encryption
  • Experience supporting IIS TLS certificate enabled websites

Essential Functions and Responsibilities:

  • Ownership for SSL certificate administration and PGP key administration throughout all TCH environments
  • Perform devices and application level key management activities to minimize the number of years a chosen key can used in crypto analysis
  • Define and configure cryptographic key profiles to facilitate transaction processing , store and distribute digital certificate utilized within the application for Issuers and by Vendor applications
  • Research and recommend Cryptographic changes within application to ensure advancement and adoption in the applications with compliance with industry standards
  • Define and implement cryptographic algorithms to mitigate unauthorized disclosure or modification of sensitive data while in storage or during transmission
  • Perform specialized third party application level key management such as, Member Request Tool for MasterCard, PGP key generation, distribute and manage their rotation schedule
  • Focal point for all DEV and QC, BT and Production third party keystore creation, testing and key related technical debt which are postponed or rescheduled because of competing priorities
  • Provide Cryptographic support for Real-Time Payments key management and which involves bulletin generation, key generation and distribution
  • Provide Key Management support for Secure Token Exchange Program which include Key Profile Management, profile updates and new import and export procedure requirements
  • Participate in annual PCI DSS, PCI TSP audits and remediation’s as directed by appropriate leadership
  • Monitor Key Management activities and collaborate with Quality Control to advice on transaction processing calls and defects

Performance Standards:

  • Performance is evaluated annually
  • Must stay current with standards as they pertain to PGP, PKI, and KMS configurations
  • Must have a strong and diverse technical skill set
  • Must be able to identify problem areas and implement required solutions

Physical Demands and Work Environment:

Work is generally sedentary in nature, but may require standing and walking. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.

Apply Below*:

  • A letter of interest describing your experience and interest in the position
  • Your resume
  • Names and contact information of three references, or three letters of reference

* Please submit a single application per position.

Submit Your Resume