Role Summary
• We are seeking a Cryptography Subject Matter Expert (SME) with strong DevOps and DevSecOps engineering capabilities to design, automate, and operate cryptographic and certificate-based security services across hybrid and cloud environments. The role will focus on secure-by-design CI/CD pipelines, infrastructure automation, certificate lifecycle management, and security control integration, supporting large‑scale enterprise platforms.
• The ideal candidate will combine hands‑on DevOps engineering with deep understanding of cryptographic services (PKI, certificates, keys, secrets) and will work closely with application, cloud, security, and compliance teams.
Key Responsibilities
Cryptography & Security Engineering
• Act as SME for cryptographic services, including PKI, certificate lifecycle management, key management, and trust models.
• Design and implement secure certificate issuance, rotation, renewal, and revocation processes across platforms.
• Support cryptographic controls aligned to enterprise security standards and regulatory requirements.
• Provide advisory support on encryption, TLS, secrets handling, and cryptographic best practices.
DevOps / DevSecOps
• Design, build, and maintain CI/CD pipelines with embedded DevSecOps controls.
• Integrate security scanning tools (SAST, SCA, DAST, container scanning, IaC scanning) into pipelines.
• Automate security and cryptography‑related workflows using Python/Bash scripting.
• Implement Infrastructure as Code (IaC) using Terraform and Ansible for secure, repeatable deployments.
Cloud, Containers & Platforms
• Deploy and secure workloads on cloud platforms (AWS/Azure/GCP).
• Implement and manage Kubernetes and Docker environments with security best practices.
• Support container security, secrets management, and secure service-to-service communication.
Automation & Operations
• Build security automation for certificate management, compliance checks, and operational monitoring.
• Collaborate with platform and SRE teams to improve reliability, scalability, and security posture.
• Participate in incident response, root cause analysis, and remediation related to cryptographic or platform issues.
Collaboration & Governance
• Work closely with application teams, security architects, cloud engineers, and compliance stakeholders.
• Produce and maintain technical documentation, runbooks, and design artefacts.
• Support audits, risk assessments, and security reviews where cryptographic controls are in scope.
Primary Skills (Mandatory)
• Strong DevOps engineering experience
• CI/CD pipeline design and implementation (GitHub, Jenkins or equivalent)
• Infrastructure as Code (Terraform, Ansible)
• Python and Bash scripting for automation
• Kubernetes and Docker
• Hands‑on experience with cloud platforms (AWS / Azure / GCP)
• DevSecOps controls and security automation
• Strong understanding of secure SDLC
Secondary / Desirable Skills
• PKI and Certificate Management platforms (e.g., enterprise CA, certificate lifecycle tools)
• Security scanning and policy enforcement integration
• Web technologies and application architecture exposure
• Networking and network security fundamentals (TLS, load balancers, proxies, firewalls)
• IAM / Secrets management exposure (preferred)
Experience & Qualifications
• 610+ years of experience in DevOps / Platform / Security Engineering roles
• Proven experience working in large enterprise or regulated environments (BFSI preferred)
• Strong problem‑solving skills with an automation‑first mindset
• Ability to operate independently as an SME while collaborating across teams