Description*** This role is located in Pittsburgh PA ONLY ****** Hybrid 3 days a week in Office***Job Description Summary:The Cryptographic Services Engineer Expert will independently lead and perform Data Protection engineering activities of building, configuring, troubleshooting, integrating and administrating Data Protection technologies and will support one or more of the following core technologies or services related to Encryption, Secure Data Transmission, Key Management, Certificate Management, Public Key Infrastructure (PKI) Administration, Tokenization, Cloud Security, Security Metrics/Reporting, and line of business consultation and governance.Duties & Responsibilities:Serve as a Subject Matter Expert (SME) and ambassador for Huntington encryption technologies.Assist in the design, implementation, and delivery of comprehensive key management, certificate management, tokenization & other Data Protection technologies, including work estimation and consultative validation of technical feasibility and principles, in coordination with defined enterprise goals.Establish policies and processes for Encryption Key Management and Certificate Lifecycle Management based on industry standards & best practices.Collaborate with cross-functional stakeholder(s) other engineers and managers to assist in comprehension of key management and encryption policy requirements, the development and testing of these policies, and successful deployments into various production environments.Perform ongoing review and analysis of cryptographic frameworks and remediation workflows including testing and implementation of Post-Quantum encryption technologies and algorithms across our technology landscape.Author documentation for cryptographic policies, system configuration, procedures, workflows, and architectural patterns related to cryptography.Configure, deploy, and manage encryption services related to Hardware Security Module (HSM) Appliances, Public Key Infrastructure (PKI), and Encryption Key Management systems.Maintain and Troubleshoot operations, protocols, and create reports to monitor ongoing performance of teams cryptographic technologies.Independently lead execution of both scheduled engineering build/configuration events as well as incident(break/fix) events to include participation in rotating on-call 24x7 support.Basic Qualifications:Bachelor's Degree (Computer Science, Information Security, or a relevant field).7 years IT or Information Security Engineering experience (Military service may qualify).3 years experience in configuring, monitoring and managing HSM/Key Management Technology (Gemalto, SafeNet, Thales, FutureX, nShield, Utimaco).Preferred Qualifications:Expert Proficiency in various cryptographic related tools and hardware within a Financial Services environment (Certificate Management tools, Active Directory Certificate Services, Tokenization, OpenSSL, PGP, Venafi, Hashicorp, KeyFactor).Experience with Java, SQL, Powershell and/or Python including interpreting & authoring queries/scripts.Expert and hands-on working knowledge of two or more of the following: Networking Design and Operations (OCI Model, TCP/IP, Interconnecting Network Devices, SSH, SSL/TLS Encrypted Communications, X.509 Certificate Management, Kerberos, Active Directory, SFTP, SCP, HTTP/HTTPS, KMIP/NAE, SCEP/EST, NDES, OCSP, TLS/Cipher Suites).Expert proficiency with leading troubleshooting moderately complex IT Infrastructure/Server/Networking issues.Expert proficiency with leading technical system maintenance (Patch management, configuration management, design documentation management).Familiarity with Cloud Encryption Services (Amazon KMS, Azure Key Vault, Google Cloud Key Management).Advanced knowledge in following Cyber Security Concepts: (Vulnerability Management, Network Security, Logging and Event Monitoring, Data Loss Prevention, Identity Access Management, Threat Intelligence, Penetration testing, IT Risk Management, Endpoint Security).IT Certification: CISSP; CEH; CompTIA Network+, A+, Security+ or equivalent; ITIL Fundamentals; Cisco’s CCNA, CCNP; GIAC; ISC2; Microsoft MCP (Microsoft Certified Professional) or advanced Microsoft certification; Cloud Security Practitioner/Professional.Other Working Conditions7x24 on-call support rotation may be required.Occasional travel may be required (