Halian - Security Architect - Luxembourg
Halian
- Luxemburg
- Unbefristet
- Vollzeit
- Define KMS functionality and design clean interactions with classical KMS functionality as part of the software architecture definition.
- Design secure KMS architecture based on selected TEE platforms and HSM, including internal and external interfaces.
- Design static and dynamic software architecture for specific KMS functionality running in TEE, addressing software-software and software-hardware interfaces.
- Identify key specific KMS functionalities to be prototyped and executed within TEE.
- Analyze standardized protocols for key management and KMS interaction, focusing on KMIP and PKCS, and select the most suitable protocol.
- Analyze available TEE-enabling platforms, with a focus on AMD and ARM, and select the most appropriate for the application.
- Analyze COTS Key Management and HSM solutions from leading European providers, selecting the HSM solution meeting requirements.
- Implement TEE with selected key-specific KMS functionalities and test interfaces with selected HSM solution.
- Derive a blueprint for formal specification of secure KMS design and properties, or an actual formal specification of a chosen subset of key functionality.
- Analyze the implementation of Blockchain technology to facilitate traceable authenticated key negotiations and auditable key synchronization.
- Produce implementation of prototype based on design, or formally verified implementation with mathematical guarantees.
- Perform validation testing of selected key specific KMS functionalities implemented in TEE, focusing on interaction with HSM, and report findings.
- Test implemented functionality in TEE and interaction with HSM in overall network setup to test interaction between secure KMS and terrestrial Quantum Key Distribution (QKD) infrastructure.
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- Proven experience in designing and implementing secure architectures for cryptographic systems.
- Expertise in Trusted Execution Environments (TEE), Hardware Security Modules (HSM), and network security protocols.
- Strong understanding of cryptographic principles and key management best practices.
- Familiarity with standardized protocols such as KMIP and PKCS.
- Experience with Blockchain technology and its application in secure key negotiations.
- Excellent problem-solving skills and attention to detail.
- Effective communication and collaboration abilities.
- Ability to work independently and within a team in a fast-paced environment.
ICTJob