Cryptographic Architect

Bank of America Chicago, IL 2019-03-14

Job Description:

The Cyber Security Technology (CST) function within Global Information Security is responsible for innovation and architecture, engineering, solutions and capabilities development, deployment maintenance and support of information technology security controls. The CST team is also responsible for the management of the program/project management teams.

The Cryptography Architect will be a functional member of the Cyber Security Technology (CST) Cryptography Domain and will act as a point of contact providing guidance on Cryptographic topics, policies, controls, and topics which are new in the media/have media focus.

As a Cryptography Architect your main responsibilities will include:
o Develop an understanding of the Bank and Industry risks, with a specific slant to Cryptography, and key Management.
o Work independently in providing Cryptographic architectural reviews, design and guidance for the Bank
o Provide advisory and oversight for changes to Cryptographic and Key Management based Standards and Baselines.
o Work in collaboration with GIS Peers supporting them in their activities and helping them continue to provide Defense in Depth Information Security over sight.
o Establish and maintain a network of stakeholders and partners.
o Act as an escalation point for Cryptography, and PKI questions and best practices.
o Coordinate and remediate ad hoc GIS issues and assist partners to reach a resolution in line with GIS baselines and standards.
o Keep up to date with Cryptographic risks and emerging threats.
As a Cryptography Architect your essential skills will include:
o Have a natural desire and curiosity to learn about new cryptographic concepts/processes, threats and Vulnerabilities
o Have a natural ability to think ‘outside of the box’, and want to design and lead the Industry
o Good understanding of algorithms ranging from symmetric, a-symmetric, hashes, and random number generators
o Have a good understanding of PKI including the Certificate lifecycle, Certificate Practice Statements and Certificate Policies
o Be aware of industry approved/recognized algorithms verses proprietary/non-approved.
o Experience with Key split, derivation and distribution models.
o Be familiar with all aspects of the Key lifecycle including storage
o Good knowledge of Hardware Security Modules verses Software based modules, and the FIPS 140-2 certification.
o Have a good understanding of cryptography based protocols including external communications, data storage, authentication and data transfer.
o Have a good understanding of where Cryptography fits within the wider spectrum of Information Security.
o Have a desire to share knowledge and assist Peers in their understanding
o Have an ability to communicate at all levels