Cipher Governance

Job Description

This role will lead efforts in identifying, tracking, and remediating weak encryption ciphers and protocols across our organization. This role is critical in supporting remediation plans for finding by managing a project that identifies non-compliant cryptographic implementations and coordinates with the appropriate stakeholders to get them in compliance. Key Responsibilities: Weak Encryption Analysis and Remediation: Identify and assess weak encryption algorithms, cipher suites and protocols used across enterprise application and infrastructure. Work on releases to remain up to date with strong and compliance cipher suites, protocols along with replacing weak encryption mechanism with strong industry-recommended alternatives (eg TLS 1.2/1.3, AES-256, SHA-256). Monitor and audit encryption practices for compliance with regulatory standard (eg NIST, PCI-DSS, HIPPA, ISO 27001). Conduct encryption Risk Assessment and implement mitigation strategies. Configure TLS/SSL protocols and cipher suites to ensure secure communication across networks and applications. Document encryption policies, standards, and technical procedures for internal and external compliance audits. Provide encryption solutions for cloud platforms such as AWS, Azure and Google cloud. Mandatory skills PKI, Cipher Governance Desired/ Secondary skills PKI, Cipher Governance