Senior Cloud Security & Cryptography Engineer
The Opportunity:
As a Cloud Cryptographic/Key Management Engineer you will develop solutions to operate in a large-scale infrastructure cloud environment securely supporting Special Operations Command Europe (SOCEUR) Hybrid Threat Action Platform (HTAP). These solutions will facilitate the deployment of software-defined networking, advanced security controls, and cryptographic capabilities to enable cloud usage to be flexible and highly secure. This position will ensure their solutions meet the highest cryptographic standards. Specialize in cryptographic solutions, key management, and enterprise security platforms for critical data security services. You will engineer and develop solutions supporting web and mobile applications, machine learning, and big data, with a strong emphasis on cryptographic integrity and security.
Responsibilities:
Build foundational backend services used by Cloud customers and internal Google systems to secure, rotate, and manage cryptographic keys (e.g., Cloud Key Management Service).
Work across all layers of the production stack, from high-level, customer-facing Cloud APIs down to low-level operating systems and physical hardware.
Architect and scale HSM (Hardware Security Module) backed services to meet strict enterprise compliance and high-availability requirements.
Design cryptographic and secret management solutions, manage key lifecycles, and handle encryption schemes (e.g., Customer-Managed Encryption Keys or External Key Managers).
Design and deploy environments like Confidential VMs and Trusted Execution Environments (TEEs) to protect data while it is in use.
Design robust, reliable data-centric security and authentication protocols across global, hyper-scale cloud data centers. Implement Client-Side Encryption (CSE) for Google Workspace and ensure mutually authenticated TLS 1.3 communications.
Qualifications:
Required:
Active Top Secret/SCI
BS in Computer Science, or equivalent practical experience in data structures and software security.
8+ years of industry experience in software development or cloud infrastructure engineering.
5+ years of advanced proficiency in general-purpose languages like Python, C, C++, Java, or Go.
5+ years’ experience designing and developing large-scale, distributed infrastructure or highly secure operating environments.
5+ years’ experience with cryptographic algorithms, Public Key Infrastructure (PKI), TLS/SSL, authentication protocols, and threat modeling.
3+ years of Google Cloud Identity, OAuth/SAML, Keycloak, and Google Workspace SSO integration.
Strong programming proficiency in languages such as C++, Go, or Python.
At least 3 years of experience in security and cryptographic engineering
At least 3 years of experience in Agile team roles supporting security and cryptographic projects
At least 3 years of experience with PKI, Key Management, and certificate lifecycle processes
GCP Professional Cloud Security Engineer certification
GIAC Python & Cryptography (GPCS / GCIP) certification
CCSP (Certified Cloud Security Professional) certification
CISA (Certified Information Systems Auditor) certification.
Desired:
4+ years of experience implementing scalable cloud applications and platform services utilizing cryptographic controls
4+ years of experience using Terraform to codify security and cryptographic infrastructure configurations
4+ years of network or operating system administrative experience focused on security hardening.
FIPS 140-2/3 validation processes and managing keys in a multi-level security environment, including policies for key generation and rotation.
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$114,600-$252,100CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
More jobs at Caci
- Intermediate Software Engineer — King George, VA, US
- Program Finance Analyst — Aberdeen Proving Ground, MD, US
- Network/SATCOM Engineer — St. Louis, MO, US
- Test Automation & DevOps Engineer — Chantilly, VA, US
Similar roles
- Principal Engineer, Firmware Security at Micron
- Senior Cyber Cryptographic Engineer at Capitalone
- Lead Cyber Cryptographic Engineer at Capitalone
- Sentinel - Information Assurance Engineer (level 2 or 3) - 18789 at Ngc