Cryptography Asset and Threat Management Lead - Insurance
Posted Today by Lorien
Negotiable
Inside
Remote
City of London
Summary: The Cryptography Asset and Threat Management Lead will oversee cryptography threat and risk management for a global insurance client on a 6-month contract. This role requires expertise in cryptographic protocols and risk assessment within complex enterprise environments. The position is remote and classified as inside IR35.
Key Responsibilities:
- Manage cryptography threat and risk within a complex enterprise environment.
- Identify and assess weak or misconfigured cryptographic configurations.
- Analyze crypto-related threats and develop actionable remediation plans.
- Operate and interpret outputs from cryptographic discovery and threat scanning tools.
- Work with cryptographic technologies in cloud and hybrid environments.
- Conduct code reviews to identify cryptographic weaknesses.
- Develop and manage security controls to SOC2 standards.
- Oversee certificate life cycle management and associated tooling.
- Ensure compliance with cryptography-related regulatory frameworks.
Key Skills:
- Experience in cryptography threat and risk management.
- Knowledge of cryptographic protocols and key management best practices.
- Ability to analyze threats and create remediation plans.
- Experience with cryptographic discovery and threat scanning tools.
- Familiarity with cloud environments like Azure, AWS, GCP, and OCI.
- Understanding of code review techniques for cryptographic weaknesses.
- Experience with SOC2 standards and audit readiness.
- Knowledge of certificate life cycle management.
- Familiarity with regulatory frameworks like NIST and GDPR.
Salary (Rate): undetermined
City: City of London
Country: United Kingdom
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Cryptography Asset and Threat Management Lead - Insurance
We are currently recruiting for a Cryptography Asset and Threat Management Lead to join one of our Global Insurance Clients on a 6 month contract.
Please note, this role is Inside IR35 and remote working.
Skills & Experience:
- Experience in cryptography threat and risk management within a complex enterprise environment.
- Knowledge of cryptography, related protocols, and key management best practices, including the ability to identify and assess weak, deprecated, or misconfigured cryptographic configurations.
- Experience analysing crypto-related threats and translate findings into actionable remediation plans for asset owners, with attention to detail and appropriate technical accuracy.
- Experience operating or interpreting outputs from cryptographic discovery, inventory, or threat scanning tools (eg CBOM tooling, or equivalent).
- Experience working with cryptographic and key management technologies and libraries in cloud and hybrid environments such as Azure, AWS, GCP and OCI, pipelines, and with software development teams.
- Familiarity with code review techniques relevant to identifying cryptographic weaknesses in application code or infrastructure-as-code.
- Experience developing and managing security related controls and processes to SOC2 standards, ensuring ongoing audit-readiness.
- Understanding of certificate life cycle management, including X.509 certificate operations, renewal processes, and associated tooling.
- Familiarity with relevant cryptography related regulatory and industry frameworks and standards including NIST, FIPS 140, IETF, ISO/IEC 27001, DORA, and GDPR.
If this role is of interest to you and would lilke to know more, please apply now!
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
