Halian - Security Architect - Luxembourg

Halian

  • Luxemburg
  • Unbefristet
  • Vollzeit
  • 1 Monat her
As an international IT services company, Halian have worked hard for 20 years to understand the issues that keep our customers awake at night and to create the answers that make their lives a little easier. Our mission - the goal that's shared by everybody at every level - is “to deliver the best people and technology services in order to help Halian's customers do more; faster, better, and more cost-effectively than ever before." We're able to do things differently because we think and act differently - the Halian Way is based on rapid service and speedy results, and at its heart lie five key values: Partnership, Respect, Intelligence, Dedication, and Energy. Halian has offices in the UK, Luxembourg, Dubai, and Qatar, and have more than 500 employees all over EMEA. We work with some of the world's most ambitious and dynamic organisations, such as Public and European Institutions, Finance, Oil and Gas, Healthcare and Pharmaceuticals, and partner with industry leading hardware and software vendors. When you join Halian, you will help integrate one of our three service lines: Managed Services, Resourcing Services, or Project Services. You are able to deal with a variety of technologies in critical environments, and make a positive contribution to our customers business. In return, Halian will support the development of your career via different programmes already in place. Halian has built a strategy based on confidence with its customers and partners, and it's these strong links that allow Halian to provide you with job offers not often available on the open job market. Each role is a new challenge to take on!Position overviewWe are seeking a highly skilled and innovative Security Architect (KMS) to join our dynamic team. The successful candidate will be responsible for designing, implementing, and testing a secure KMS architecture integrated with Trusted Execution Environments (TEE) and hardware Security Modules (HSM), ensuring robust functionality and adherence to industry standards. This role requires a deep understanding of cryptographic principles, TEE platforms, HSM solutions, and network security protocols.Key responsibilities
  • Define KMS functionality and design clean interactions with classical KMS functionality as part of the software architecture definition.
  • Design secure KMS architecture based on selected TEE platforms and HSM, including internal and external interfaces.
  • Design static and dynamic software architecture for specific KMS functionality running in TEE, addressing software-software and software-hardware interfaces.
  • Identify key specific KMS functionalities to be prototyped and executed within TEE.
  • Analyze standardized protocols for key management and KMS interaction, focusing on KMIP and PKCS, and select the most suitable protocol.
  • Analyze available TEE-enabling platforms, with a focus on AMD and ARM, and select the most appropriate for the application.
  • Analyze COTS Key Management and HSM solutions from leading European providers, selecting the HSM solution meeting requirements.
  • Implement TEE with selected key-specific KMS functionalities and test interfaces with selected HSM solution.
  • Derive a blueprint for formal specification of secure KMS design and properties, or an actual formal specification of a chosen subset of key functionality.
  • Analyze the implementation of Blockchain technology to facilitate traceable authenticated key negotiations and auditable key synchronization.
  • Produce implementation of prototype based on design, or formally verified implementation with mathematical guarantees.
  • Perform validation testing of selected key specific KMS functionalities implemented in TEE, focusing on interaction with HSM, and report findings.
  • Test implemented functionality in TEE and interaction with HSM in overall network setup to test interaction between secure KMS and terrestrial Quantum Key Distribution (QKD) infrastructure.
Qualifications
  • Bachelor's or Master's degree in Computer Science, Information Security, or related field.
  • Proven experience in designing and implementing secure architectures for cryptographic systems.
  • Expertise in Trusted Execution Environments (TEE), Hardware Security Modules (HSM), and network security protocols.
  • Strong understanding of cryptographic principles and key management best practices.
  • Familiarity with standardized protocols such as KMIP and PKCS.
  • Experience with Blockchain technology and its application in secure key negotiations.
  • Excellent problem-solving skills and attention to detail.
  • Effective communication and collaboration abilities.
  • Ability to work independently and within a team in a fast-paced environment.

ICTJob