Join KPMG's dynamic team of cybersecurity professionals and make a direct impact on enterprise security infrastructure through cutting-edge encryption key management solutions.
KPMG Assignment Select is geared toward independent professionals interested in temporary or project-based work. Our team is composed of highly trained third-party professional individuals who are in the right place, at the right time, with the right skillset.
KPMG is working through its partnership with MBO Partners and is currently seeking a remote contractor in the United States.
Position:
Encryption Key Management Engineer
Role Overview:
We are seeking a skilled Key Management Engineer to join our team, with expertise in the architecture and tools for both symmetric and asymmetric key management, including Public Key Infrastructure (PKI).
This role requires experience managing cryptographic keys for applications, databases, infrastructure, including storage subsystems, and working with cloud-based tools and solutions.
A solid understanding of infrastructure utilizing cryptographic keys, experience with Hardware Security Modules (HSMs), basic development skills in Java and Python, and strong documentation and execution abilities are essential.
Act with integrity, professionalism, and personal responsibility to uphold the firm's respectful and courteous work environment.
Key Responsibilities:
- Design and implement architectures for symmetric and asymmetric key management solutions with a focus on PKI
- Manage and maintain cryptographic key infrastructure services, including key lifecycle management processes from creation to retirement
- Deploy and secure cryptographic keys for applications, databases, infrastructure, and storage subsystems, ensuring adherence to security standards and best practices
- Utilize and configure tools and products for key management, including those used in cloud environments such as AWS KMS, Azure Key Vault, and Google Cloud Key Management Service
- Integrate key management solutions into existing infrastructure, collaborating with cross-functional teams to ensure comprehensive security measures
- Configure, deploy, and manage Hardware Security Modules (HSMs) for secure key storage and operations, utilizing products like Thales, Gemalto, or SafeNet
- Develop scripts and applications using Java and Python to automate key management tasks and processes
- Document key management procedures, policies, and architecture designs to enhance operational efficiency and facilitate effective knowledge transfer
- Conduct regular assessments and audits of cryptographic systems to ensure compliance with industry best practices and standards
- Provide training and guidance to technical teams on key management best practices and security protocols
Qualifications:
- Proven experience in designing and implementing key management solutions, with emphasis on symmetric and asymmetric cryptography, including PKI
- Experience in key lifecycle management processes, involving key creation, distribution, rotation, and revocation
- Demonstrated ability to deploy and secure cryptographic keys for applications, databases, infrastructure, and storage subsystems
- Strong understanding of key management infrastructure and protocols, including HSM configurations and operations
- Experience with cloud-based key management tools like AWS KMS, Azure Key Vault, and Google Cloud Key Management Service
- Basic development skills in Java and Python with the ability to script and automate routine processes
- Hands-on experience with key management tools and products such as Thales HSM, Gemalto HSM, SafeNet, Microsoft Active Directory Certificate Services, OpenSSL, etc.
- Excellent documentation skills, able to produce clear and comprehensive technical documents and user guides
- Strong analytical and problem-solving skills to troubleshoot complex issues
- Demonstrated experience working in environments requiring strict security and compliance standards, familiar with frameworks like NIST, ISO 27001, and CIS
- Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)
Technical Skills:
- Familiarity with network security concepts and secure communication protocols
- Understanding of cloud security concepts and practices
- Experience with security standards and frameworks (e.g., NIST, ISO 27001)
Preferred Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Experience with security operations tools and best practices
Benefits:
Work Location:
Remote
Travel:
20% to client site in NY. KPMG will cover the cost of all travel expenses.
KPMG complies with all local/state regulations in regard to displaying pay rate ranges. The pay rate range(s) displayed is/are specifically for those contracted who will perform work in or reside in the location(s) listed below, if selected for the role. Pay is determined based on a variety of factors including market data, ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), and specific location, for example. Additionally, applicants may be required to apply and become employed by a service provider utilized by KPMG, and final pay rate(s) and/or eligibility for additional benefits may be determined by such provider.
KPMG and MBO Partners are equal opportunity employers/contractors. All qualified applicants are considered without regard to race, color, creed, religion, age, sex/gender, national origin, ancestry, citizenship status, marital status, sexual orientation, gender identity or expression, disability, physical or mental handicap unrelated to ability, pregnancy, veteran status, unfavorable discharge from military service, genetic information, or other legally protected status.
Los Angeles County Applicants:
Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Work Location: Remote
