Cryptography Specialist

Job Description

To provide expertise and support on the cryptographic environments for the Bank and provide advice into the Cryptography strategy for the Bank whilst adhering to key and certificate management processes compliance and controls.

Hello Future Cryptography Specialist

Welcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of people that make it happen.

Are you someone who can:
Have a working understanding of the following competency with 3- 5 years applied experience in key management and cryptography as the primary responsibility.
- Access Control Systems and Methodology
- Telecommunications and Network Security
- Security Management Practices
- Key management and Cryptography
- knowledgeable of PKI concepts, designs and practices and hands-on experience with:

- Certificate Authority Administration
- Certificate enrolment process
- Active Directory Certificate services
- Hands-on skill with Microsoft Certificate Services and its related components
- Working knowledge of Active Directory and its integration with Microsoft PKI
- Knowledgeable of cryptographic process and concepts (symmetric/asymmetric cryptography, secure hash, digital signatures) and hands on experience with:

- Bank card issuing process
- Bank card acquiring process
- Key injection Facility process
- Bank card Embossing
- EMV key Process
- Key management & Cryptography consulting, administration, and support experience.
- Excellent written and verbal communication skills
- Extremely detail orientated
- Standby/ Callout
- Afterhours work
- Excellent diagnostic and problem-solving skills
- Monitor and manage security logs
- Business Continuity Planning (BCP) and (DRP)
- Physical Security
- Regulatory and mandatory standards.
- Systems analysis and design
- Programming skills (where relevant)
- Systems development life cycle
- RACF
- TSO
- TCP/IP
- SFTP
- MFT
- Smartcard Technology
- Card personalisation (P3)
- MS Windows
- Linux (Suse)
- IPSEC
- SSL / TLS
- Standards (FIPS, ANSI, ISO, PKCS, etc)
- Public Key Infrastructure
- IBM - DKMS
- IBM- TKE
- SWIFT Net
- Venafi
- Secure Data (Tokenisation)

Hardware
- IBM crypto
- POS Devices
- ATM EPP
- Thales
- Safenet
- nCipher
- Futurex

Role responsibility
- Establish and maintain cryptographic solutions design and architecture, for new and existing systems.
- Assist with the evaluation, design and delivery of major new Cryptography security technologies across FRG
- Using technical experience and knowledge of the business and processes, produce innovative solutions designed to improve the Group’s information security posture, increase operational efficiencies and reduce operational costs
- Drive continuous improvement of Security services by reviewing the performance of existing processes.
- Manage the installation, commissioning and configuration of specialist cryptographic devices.
- Drive the development and provision of security mechanisms to ensure successful disaster recovery.
- Provide guidance to the junior team members on day-to-day support of existing systems as per service levels agreements
- Perform Key Management with best practices followed throughout the key life cycle
- Creating and maintaining of Cryptographic keys and to provide hands-on Key management support (24/7) of existing systems.
- Investigate and encourage automation for recurring tasks
- Conducting investigations related to Key Management problems / Incidents and take corrective action as per change management processes
- Identify, create and maintain Key Management processes and procedure documentation
- Identify, and document process of monitoring and management tools
- Drive and keep abreast of cryptographic compliance requirements.
- Implement and manage PKI by configuring hardware to ensure secure issuing of all certificates
- Initiate and participates in special projects as required
- Maintenance of Cryptography Service Catalogue, and ensure that services are of high quality, relevant, and cost-effective.
- Collaborate with the Information Technology teams in the various Business areas and with the security teams i.e. Risk and Governance / Cybersecurity / ISO.
- Liaise and manage the relationship with Business Unit Third Party Information Security teams, to establish cryptographic links.
- Liaise with Cryptography solution providers/ Vendors
- Decommission Crypto Hardware Infrastructure by removing the logical keys, clearing the database and memory in the event of new hardware or to replace faulty infrastructure
- Assist virtual teams of security and technical specialists to integrate existing Crypto security technologies that have been independently deployed into different business units, ensuring the delivery of a single, high-quality, cost-effective solution
- Maintain the Crypto information security technology strategy, showing appreciation for the challenges presented by different business units and geogr