Lead Cryptographic Engineer
Sydney, Australia
Cuscal
Cuscal is a payments & regulated data services provider in Australia. Since 1966 we have enabled banks, corporates and fintechs to better serve and connect with their customers.Company Description
Be the inventor and enabler of our business!
At Cuscal, our tech team are the hands and heart for what we do best. They’re the inventors, the creators, the enablers of our business. They turn ideas into reality. They test. They refine. They perfect.
We are looking for a Lead Cryptographic Engineer, to architect, implement, and manage enterprise-grade cryptographic systems, ensuring the confidentiality, integrity, and availability of sensitive data.
Job Description
What is this role about?
As the Lead Cryptographic Engineer, you will lead the design and deployment of cryptographic solutions, including encryption algorithms, secure key management, and Hardware Security Modules (HSM). By collaborating with cross-functional teams, you will ensure cryptographic standards align with evolving regulatory and security requirements, playing a critical role in safeguarding organisational assets.
Here’s some more insight into what you’ll work on,
- Cryptographic Architecture & Leadership:
- Accountable for drive the design, implementation, and optimization of cryptographic solutions across the enterprise, ensuring robust protection for sensitive data.
- Lead cryptography initiatives, including symmetric/asymmetric encryption, digital signatures, and key management protocols, embedding security by design.
- Responsible for preparing reports for management, audit, and regulatory submissions, highlighting Crypto control efficacy, and incident response performance.
- HSM and Key Management Oversight:
- Architect and manage HSM infrastructures, ensuring secure key generation, storage, rotation, and destruction.
- Lead the deployment of secure key management systems (HSM, KMS) and cryptographic protocols across diverse environments, ensuring compliance with security policies.
- Advanced Encryption & Compliance Alignment:
- Responsible for implementing advanced encryption standards (AES, RSA, ECC) and cryptographic algorithms aligned with regulatory requirements (e.g., PCI DSS, NIST).
- Responsible for encryption strategies are both cutting-edge and compliant with evolving global standards.
- Cryptography Lifecycle Management:
- Oversee the end-to-end cryptographic lifecycle, ensuring secure implementation from design through maintenance.
Qualifications
What can you bring?
- 7+ years of experience in cybersecurity, with a focus on management of cryptographic engineering, incident response, and threat intelligence.
- Extensive experience in cryptographic systems architecture, including deep knowledge of encryption algorithms (AES, RSA, ECC), key management protocols (PKI, HSM), and cryptographic protocols (TLS, IPsec, SSH).
- Proven hands-on experience managing HSMs (e.g., Thales, SafeNet) and KMS solutions across cloud and on-premises environments, ensuring secure key management and cryptographic compliance.
- Hands-on experience with scripting languages (e.g., Python, PowerShell, Bash).
- Strong understanding of advanced exploitation techniques and attack vectors (e.g., buffer overflows, SQL injection, APTs, privilege escalation). Expert at conducting threat modelling (STRIDE, DREAD) and applying countermeasures to mitigate threats.
Additional Information
Why Cuscal?
We are in the rapidly evolving world of payments, and we are committed to providing a diverse and inclusive workplace where the very best talent in Australia chooses to work. We support our colleagues with flexible work arrangements through our hybrid model whilst also offering a wide range of educational, financial, lifestyle, health & wellbeing benefits.
Next Step
If you think this role is the right fit for you, we invite you to apply. Let’s explore who you are and what drives you. We’d love to share our vision for the future of payments sector. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert.
Cuscal does not accept unsolicited resumes from recruitment agencies and search firms. Please do not email or send unsolicited resumes to any Cuscal employee, location or address.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AES Bash Cloud Compliance Crypto Cryptography Encryption Incident response NIST PCI DSS PKI PowerShell Python RSA Scripting SQL SQL injection SSH Threat intelligence TLS
Perks/benefits: Health care
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.