Greetings!
Our client is the world's largest credit union with over 10 million members, over $149 billion in assets, and over 23,000 employees.
Our client Navy Federal Credit Union is seeking an HSM Engineer – Cybersecurity Engineering-15345-Onsite in Vienna, VA/Pensacola, FL. You seem to have a rock-solid profile and your overall background seems to be a great match for the position.
Please review the below information for clarity on the position description.
Description:
Location: 100% onsite Vienna, VA/Pensacola, Florida (Onsite – 40 hours per week)
Note: Remote work is not permitted for this role.
Must be able to work inside a secure room environment and adhere to physical access policies
Position Summary:
We are seeking a highly skilled and motivated HSM Engineer to join our Cybersecurity Engineering team. This role will support the implementation, management, and operational oversight of Hardware Security Modules (HSMs) and related cryptographic systems. The ideal candidate will have extensive experience working with data encryption technologies, secure key management, and enterprise-scale infrastructure.
The engineer will also support secure room operations, including physical device handling, inventory control, and chain-of-custody protocols. This is a hands-on, onsite role located in Pensacola, FL, requiring physical presence for secure room access and compliance activities.
Primary Responsibilities:
Research, evaluate, design, implement, and maintain HSM-based security solutionsSupport secure room operations, including device handling, physical access control, and chain-of-custody managementImplement encryption solutions for data at rest and in transit, including TDE for databases (Oracle, SQL Server, etc.)Administer and maintain Hardware Security Modules (Futurex, Thales, Entrust, etc.)Develop and document processes for HSM lifecycle management, key ceremonies, and system hardeningSupport cryptographic key management systems (KMS) and key lifecycle practicesRespond to incidents, perform troubleshooting, and contribute to secure operational uptimeMaintain strong documentation, inventory control records, and asset tracking within the secure environmentCollaborate with cross-functional teams to stand up new security solutions and ensure alignment with compliance standardsDevelop and maintain technical diagrams, SOPs, and procedural documentationMonitor systems and implement alerting mechanisms for operational awarenessParticipate in audits, access reviews, and operational process assessments
Required Qualifications:
5+ years of experience in cybersecurity, system engineering, or HSM managementStrong experience with encryption solutions (data at rest/in transit, TDE, TLS, etc.)Experience with HSMs and cryptographic infrastructure in large enterprise environmentsSolid understanding of encryption, key management, and cryptographic ciphersHands-on experience with Windows and Unix/Linux operating systemsFamiliarity with virtualized environments and server managementExperience supporting daily operations in a highly secure, regulated environmentWorking knowledge of ServiceNow, Microsoft Office, and Excel (complex formulas and charting)Experience with physical security tools, including safes, access control systems, and video surveillanceExperience with chain of custody protocols and physical asset controlStrong procedural writing skills and experience with process documentationConceptual understanding of network architecture, firewalls, and subnets
Preferred Qualifications:
CISSP or other cybersecurity certification (preferred, not required)Experience with Key Management Systems (KMS) and key lifecycle platformsFamiliarity with tools like Venafi, CipherTrust, or CodeSign ProtectKnowledge of integrity monitoring, alerting, and operational security toolingBackground in supporting regulated environments (e.g., PCI DSS, NIST, FFIEC)