Principal Information Security Engineer

Enterprise Cryptographic Engineer

I have a brand new day rate contract opportunity with a payments client of mine based in Waterloo. It is a 12-month initial contract with a requirement to be onsite 3 days per week. The ideal candidate will already have a LTD company set up.

This persons role will be to design, implement, and govern cryptographic solutions across a complex, security‑critical environment. The ideal candidate is a certified security practitioner with deep expertise in modern and emerging cryptographic technologies, financial‑grade security standards, and enterprise‑scale key management. This role requires a hands‑on engineer who can operate confidently in a fast‑paced, multicultural organisation.

Key Responsibilities

• Design, implement, and maintain enterprise‑grade cryptographic systems aligned with industry standards (IETF, ANSI, ISO, NIST).
• Develop and support financial cryptography solutions, including PIN security, P2PE, and EMV‑based systems.
• Evaluate, integrate, and operationalise post‑quantum cryptography , including all relevant FIPS‑approved algorithms .
• Architect and manage secure key management systems, including financial key schemes and lifecycle processes (ANSI TR‑31, ANSI TR‑34).
• Implement and maintain PKI (Public Key Infrastructure) , including certificate management aligned with X.509 / RFC 5280 standards.
• Provide expert guidance on cryptographic controls, secure protocols, and compliance requirements.
• Collaborate with cross‑functional teams to embed cryptographic best practices into enterprise applications and infrastructure.
• Produce high‑quality documentation, technical designs, and security assessments.
• Act as a subject‑matter expert for cryptography across the organisation.

Required Skills & Experience

• Cryptographic frameworks and standards: IETF, ANSI, ISO, NIST
• Financial cryptography: PIN security, P2PE, EMV
• Post‑quantum cryptography: FIPS‑approved PQC algorithms
• Key management standards: ANSI TR‑31, ANSI TR‑34, X.509, RFC 5280
• Strong hands‑on experience with PKI (Public Key Infrastructure) and enterprise certificate management.
• Deep understanding of symmetric and asymmetric cryptography, secure protocols, HSMs, and key lifecycle management.
• Ability to design and implement secure, scalable cryptographic architectures in enterprise environments.
• Proven experience working with security engineering, architecture, or cryptography teams.
• Fluent in English with excellent communication skills, capable of working effectively in a multicultural environment.

For more information, please feel free to reach out to imran.jiwo@nicollcurtin.com or message me on LinkedIn.