Big ID-Thales Cipher - Consultant

About Atos

Atos is a global leader in digital transformation with c. 78,000 employees and annual revenue of c. € 10 billion. European number one in cybersecurity, cloud and high-performance computing, the Group provides tailored end-to-end solutions for all industries in 68 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea) and listed on Euronext Paris.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Responsibilities:

• Design and implement data obfuscation strategies using Thales CipherTrust Tokenization, FPE, and Data Masking modules.

• Define and build reusable obfuscation templates and policies based on data classification, sensitivity, and business use cases.

• Apply obfuscation to PII, PCI, and other regulated data across databases, applications, files, APIs, and cloud services.

• Install, configure, and administer CipherTrust Manager, DSM, and related connectors.

• Develop and deploy integration patterns with enterprise systems (e.g., Oracle, SQL Server, Kafka, Snowflake, Salesforce, AWS, Azure).

• Automate policy deployment and secret rotation using APIs, CLI, or scripting tools (e.g., Ansible, Terraform, Python, Shell).

• Work with or integrate secondary data protection tools (e.g. DLP, IRM, MIP etc.)

• Design, deploy, and manage PKI systems, including root and subordinate certificate authorities (CAs).

• Manage digital certificate lifecycles for users, devices, and services.

• Ensure secure storage and access controls for encryption/decryption and signing keys.

• Enable cross-platform key management and policy consistency for hybrid and multi-cloud environments.

• Align obfuscation patterns with internal data protection standards, classification schemes, and regulatory frameworks (GDPR, CCPA, DORA, SEBI, etc.).

• Provide obfuscation logs and audit evidence to support security assessments, audits, and compliance reviews.

• Implement monitoring and alerting for obfuscation control failures, anomalies, or unauthorized access attempts.

• Create detailed technical documentation, SOPs, and configuration guides.

• Train internal engineering teams and application owners on how to securely integrate with obfuscation services.

• Collaborate with data governance, security architecture, and DevSecOps teams to drive secure-by-design initiatives. Knowledge, Skill, Experience Required:

Required:

• 3–6 years of hands-on experience with Thales CipherTrust Data Security Platform (Tokenization, DSM, FPE, Masking).

• Strong knowledge of data protection concepts: tokenization (deterministic and random), pseudonymization, static/dynamic masking, and encryption

. • Experience integrating obfuscation solutions with databases (Oracle, SQL, PostgreSQL, etc.), enterprise apps, and data pipelines.

• Proficiency in scripting and automation tools: Python, Shell, REST APIs, Ansible, CI/CD pipelines.

• Familiarity with key management, HSM integration, and data access policies.

Beneficial:

• Thales Certified Engineer / Architect – CipherTrust • CISSP, CISA, CDPSE, or CIPT will be a binus

• Cloud Security Certification (e.g., AWS Security Specialty, Azure SC-300)

Personal Characteristics:

• Strong analytical and problem-solving mindset

• Ability to work independently in a fast-paced, global enterprise environment

• Excellent documentation and communication skills

• Comfortable collaborating with cross-functional teams (App Dev, Security, Compliance, Data Governance)

• Experience supporting enterprise data security transformations and data-centric protection strategies

#LinkedIN