Sr. Lead Infrastructure Engineer - HSM Management

We are seeking a highly skilled Senior Infrastructure Engineer with deep expertise in infrastructure architecture, system design, and Hardware Security Module (HSM) management, specifically with Thales and FutureX platforms. The ideal candidate will play a key role in designing, implementing, and maintaining secure, scalable, and resilient infrastructure solutions to support critical business services, with a focus on payments and cryptographic operations. 

Key Responsibilities 

• Lead the architecture, design, and documentation of complex HSM and cryptographic infrastructure, ensuring alignment with business, resiliency, and security requirements.
• Design and implement HSM solutions (Thales and FutureX), including deployment, configuration, integration, and lifecycle management.
• Develop and maintain detailed architectural diagrams, system documentation, and operational runbooks.
• Collaborate with cross-functional teams to define infrastructure standards, best practices, and security controls.
• Oversee the migration, upgrade, and consolidation of HSM infrastructure, ensuring minimal disruption and maximum security.
• Provide expert guidance on cryptographic key management, secure storage, confidential computing, and compliance with industry standards (e.g., PCI DSS, FIPS).
• Troubleshoot and resolve infrastructure and HSM-related issues, performing root cause analysis and implementing corrective actions, leveraging tools such as Splunk.
• Participate in risk assessments, audits, and incident response activities related to infrastructure and HSM environments.
• Mentor junior engineers and contribute to the continuous improvement of infrastructure processes and capabilities.
• Apply domain knowledge of payment processes and business resiliency to infrastructure design and operations.

• Utilize Infrastructure as Code tools such as Terraform for automation and management.

   

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Technology, or related field.
• 7 years of hands on engineering experience with HSMs with expertise in architecture & system design of highly available infrastructure, disaster recovery and business continuity strategies.
• Proficient technical troubleshooting skills with strong Linux/Unix Administration skills and experiences.
• Strong understanding of cryptographic principles, key management, confidential computing, and secure hardware operations.
• Hands-on experience with OpenSSL and certificate-based authentication mechanisms.
• Expertise in public cloud key management and HSMs.
• Proficiency in designing and documenting infrastructure architectures using industry-standard tools.
• Experience with network security, firewalls, and secure room operations and ceremonies is a plus.
• Experience with Splunk for monitoring and troubleshooting.
• Experience with Terraform for infrastructure automation.
• Strong domain knowledge of payment processes and business resiliency.
• Excellent problem-solving, communication, and leadership skills.
• Relevant certifications (e.g., Thales/FutureX HSM certifications) are highly desirable.

#CTC