JOIN OUR TEAM

At Levi Nine we are passionate about what we do. We love our work and together in a team we are smarter and stronger. We work in a dynamic and challenging environment with talented and forward-thinking people who are part of creative and innovative teams. We are looking for skilled team players who make change happen. Are you one of these players?

OUR PARTNER:

Our partner, ABN AMRO Clearing, is a global leader in the domain of clearing, offering access to a wide range of listed instruments on markets across the globe.

IT is at the heart of their organization with more than 30 different product teams and 10 different platform teams that are trying to build the best products & services for their customers.

Their presence in important financial centers like Amsterdam, Chicago, Sydney, Singapore, Tokyo Hong Kong, London, Sao Paulo, Frankfurt and Iasi, allows them to effectively serve clients worldwide and maintain close proximity to their diverse customer base.

THE ROLE INVOLVES:

Cyber criminals are getting smarter. Can you keep our data safe?

We are seeking for our partner a highly specialized Data Security SME to help their organization in the strategic design and oversight of their cryptographic policies and standards enhancing the organization's cryptographic governance framework and posture.

The role will ensure their data remains protected (confidentiality, integrity, and availability) throughout its lifecycle by defining guardrails, processes, and procedures for Cryptography, Enterprise Key Management, Public Key Infrastructure, and Certificate Lifecycle Management.

Responsibilities:

• Define, develop, and maintain the enterprise cryptographic standards and guidelines aligned with industry practices such as NIST, ISO 27001, GDPR, FIPS 140-2/3, etc.

• Establish a cryptographic governance framework covering algorithm selection, key strength, usage, and lifecycle controls.

• Define and develop processes/procedures and support design and implementation of encryption strategies for data at rest, in transit, and in use.

• Govern, monitor, and support design, deployment, and management of secure encryption key management solutions across on-premises and multi-cloud environments.

• Define and enforce full lifecycle governance for cryptographic keys, including generation, distribution, storage, key usage and access, rotation, backup, archival, and secure destruction.

• Serve as primary consultant to product/platform/engineering teams during design, integrations, onboarding, and migrations.

• Collaborate with application and infrastructure teams to integrate secure key usage and storage into applications and platforms.

• Govern the end-to-end lifecycle of digital certificates (SSL/TLS, Code Signing, SSH Keys).

• Collaborate with internal teams to enforce TLS standards, proper certificate usage, and secure data encryption strategies.

• Define and establish certificate management processes/procedures, identify infrastructure gaps, and implement process improvements to increase operational reliability.

• Drive and implement automation of certificate management activities to eliminate manual errors and prevent service outages.

• Responsible for conducting and assessing risks associated with cryptographic & key management processes/systems, public key infrastructure (internal/external) and certificate lifecycle management processes/systems.

• Support adoption of crypto agility and readiness for post-quantum cryptography.

• Develop and deliver training and awareness on data security practices.

TECHNICAL PLAYGROUND:

• 5-6 years of experience in the Cybersecurity domain.

• 4-5 proven years of experience of governance in cryptography, key lifecycle management, hardware security modules (HSMs), public key infrastructure, and certificate lifecycle management.

• Deep understanding of symmetric/asymmetric cryptography, post-quantum cryptography, data (at-rest, in-transit, and in-use) encryption, hashing, and digital signatures.

• Proficiency in PKI architecture, OCSP, CRLs, and Root CA, CA hierarchy management.

• Strong governance, risk, and compliance (GRC) mindset.

• Ability to perform security risk assessment and translate complex technical risks and business language.

• Automation mindset: ability to reduce manual operations and suggest automations, preferably hands-on scripting (such as python/go) experience to automate tasks.

NICE TO HAVE:

• Experience with PKI/CLM tools such as Venafi, DigiCert, Sectigo, HashiCorp vault, AppViewX, AWS ACM, AWS KMS, Azure Key Vault, GCp KMS, Google CAS, etc.

• Experience with DevSecOps, Secrets Management, Containerization Security (Kubernetes), OpenShift etc.

• Proven experience in clearing/settlement, banking, or payments environments.

• Certifications: one or more among CISSP, CCSP, CISA, CISM, EC-Council Certified Encryption Specialist (ECES), GIAC Cryptography (GCIP) is highly desirable.

• A keen interest in cyber security and a desire to learn.

• Relevant University degree.

SOFT SKILLS:

• Excellent verbal and written communication skills in English; able to translate technical topics for non-technical audiences.

• Strong instinct (do the right thing), a deep understanding of cybersecurity, particularly in data security domain.

• Strong interpersonal and assertive communication skills, great team member.

• Problem-solving and troubleshooting skills.

• Desire to continuously learn and improve in a complex, rapidly evolving environment.

• Cultural sensitivity when working with diverse nationalities.