Cryptographic Software Engineer

Cryptographic Software Engineer

The EndoSec Cryptographic Software Engineer is responsible for designing, developing, and implementing cryptographic algorithms and protocols used in our products. The candidate will collaborate with other engineers and security experts to build secure and efficient systems, contributing to our products and services' ongoing security and privacy.

Key Responsibilities

Cryptographic Development: Design, implement, and optimize cryptographic algorithms and protocols, such as encryption, decryption, digital signatures, hashing, key exchange, and secure multi-party computation.

Security Research: Stay up-to-date with the latest developments in cryptography and cybersecurity and apply relevant research to improve product security and privacy.

Software Integration: Work with hardware engineers to integrate cryptographic solutions into software products, ensuring compliance with security best practices.

Code Review and Testing: Perform code reviews and contribute to security testing to identify vulnerabilities and ensure robust security measures.

Performance Optimization: Focus on optimizing cryptographic code for performance and security, balancing trade-offs where necessary.

Documentation and Standards: Create technical documentation for cryptographic implementations and adhere to industry standards (e.g., NIST, FIPS) and protocols.

Collaboration: Collaborate with other teams (e.g., backend, infrastructure, security, and product management) to ensure the cryptographic components meet the overall system requirements and security goals.

Security Audits: Participate in security audits and code reviews to identify weaknesses, recommend improvements, and ensure secure coding practices are followed.

Position Requirements

• Ability to obtain and maintain a US government security clearance
• Bachelor s degree or higher in Computer Engineering, Mathematics, Engineering, or a related field
• At least three years of experience working with cryptography, secure software development, or related fields
• Familiarity with cryptographic algorithms and protocols (AES, RSA, ECC, SHA, TLS, etc.)
• Familiarity with security protocols (TLS/SSL, IPSec, SSH, etc.)
• Experience with public key infrastructure (PKI), key management, and certificate authorities
• Strong analytical and problem-solving skills, with the ability to manage complex software design issues effectively
• Familiarity with common hardware security standards and certifications (e.g., FIPS 140-2, Common Criteria, ISO/IEC 27001)
• Strong programming skills in Assembly, C/C++, Python, Java
• Strong documentation skills and the ability to convey complex information clearly and effectively
• Collaborative mindset and excellent communication skills to work effectively with cross-functional teams

Preferred Qualifications

• Experience with trusted platform modules (TPM), secure elements, or hardware-based security solutions
• Experience implementing cryptographic libraries (e.g., OpenSSL, Libsodium, or custom solutions)
• Familiarity with low-level firmware development (e.g., BIOS, bootloaders) and secure boot processes
• Experience with regulatory compliance frameworks (e.g., NIST, PCI DSS, etc.)
• Experience with secure software development practices and threat modeling
• Experience with penetration testing tools and frameworks