Cryptography Asset and Threat Management Lead - Insurance
We are currently recruiting for a Cryptography Asset and Threat Management Lead to join one of our Global Insurance Clients on a 6 month contract.
Please note, this role is Inside IR35 and remote working.
Skills & Experience:
- Experience in cryptography threat and risk management within a complex enterprise environment.
- Knowledge of cryptography, related protocols, and key management best practices, including the ability to identify and assess weak, deprecated, or misconfigured cryptographic configurations.
- Experience analysing crypto-related threats and translate findings into actionable remediation plans for asset owners, with attention to detail and appropriate technical accuracy.
- Experience operating or interpreting outputs from cryptographic discovery, inventory, or threat scanning tools (e.g. CBOM tooling, or equivalent).
- Experience working with cryptographic and key management technologies and libraries in cloud and hybrid environments such as Azure, AWS, GCP and OCI, pipelines, and with software development teams.
- Familiarity with code review techniques relevant to identifying cryptographic weaknesses in application code or infrastructure-as-code.
- Experience developing and managing security related controls and processes to SOC2 standards, ensuring ongoing audit-readiness.
- Understanding of certificate lifecycle management, including X.509 certificate operations, renewal processes, and associated tooling.
- Familiarity with relevant cryptography related regulatory and industry frameworks and standards including NIST, FIPS 140, IETF, ISO/IEC 27001, DORA, and GDPR.
If this role is of interest to you and would like to know more, please apply now!
