Cryptography and Networking Consultant

Job Description

Job Title: Cryptography and Networking Consultant Location: Remote (as per project requirements) Employment Type: Contract Reports To: Head of Cybersecurity Consultancy Job Overview: We are seeking a highly skilled Cryptography Consultant specializing in Cryptography Bill of Materials (CBOM) creation and cryptographic audits. The ideal candidate will leverage Static Application Security Testing (SAST) tools to analyze extensive codebases, identify cryptographic vulnerabilities, and help organizations prepare for post-quantum cryptographic challenges. This role will play a critical part in bridging traditional cryptographic practices and future quantum-safe security solutions. Key Responsibilities: CBOM Creation: Employ SAST tools to generate a detailed Cryptography Bill of Materials (CBOM). Design abstract models within SAST tools to represent cryptographic components and adapt these for various application-specific APIs. Catalogue cryptographic libraries and algorithms across diverse codebases to identify high-risk areas. Comprehensive Cryptographic Audits: Conduct in-depth audits of cryptographic algorithms used across on-premises and cloud systems. Develop and execute custom queries in SAST tools to detect legacy cryptographic methods vulnerable to quantum attacks. Provide clear insights into cryptographic dependencies and vulnerabilities within large code repositories. Variant Analysis: Perform multi-repository variant analysis using SAST tools to uncover obscure cryptographic dependencies. Analyse software supply chains, particularly for risks stemming from open-source components and complex dependency structures. Strategic Recommendations for Cryptographic Agility: Deliver actionable recommendations to transition organizations to quantum-resistant cryptography. Collaborate with stakeholders to develop strategic plans for cryptographic agility and resilience. Integration and Continuous Monitoring: Integrate SAST-based auditing into client workflows to ensure continuous compliance with post-quantum cryptographic standards. Establish monitoring processes for new code and periodic reassessments to detect emerging vulnerabilities. Client Engagement & Reporting: Provide detailed and clear reporting on findings, including CBOM, vulnerability assessments, and remediation plans. Communicate complex technical concepts to non-technical stakeholders in an accessible manner. SAST Query Development and Execution: Write and run custom queries within Visual Studio Code using SAST tools. Download and install the required SAST tool extensions in VS Code. Obtain and integrate SAST databases for target open-source projects: Search GitHub.com for relevant open-source projects to research. Download and add the project’s SAST database to VS Code or create one using the tool’s CLI. Clone and utilize the starter workspace provided by the SAST tool to run queries efficiently. Execute queries to identify and report vulnerabilities. Key Qualifications: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Applied Mathematics, or a related field. Proven experience in cryptography, software security analysis, and cryptographic library assessments. Proficiency in SAST tools (or equivalent static analysis tools) for codebase analysis and custom query development. Strong understanding of cryptographic algorithms, including symmetric/asymmetric encryption, hashing, and digital signatures. Familiarity with quantum computing risks and post-quantum cryptographic standards (e.g., NIST PQC algorithms). Experience with analysing large codebases across multiple programming languages (e.g., C, C++, Java, Python). Knowledge of software supply chain security, including open-source dependency management. Strong problem-solving and analytical skills. Excellent written and verbal communication for technical documentation and client reporting. Preferred Skills: Certifications such as CISSP, CCSP, or GIAC Cryptography certifications. Hands-on experience with tools such as SonarQube, SAST tools, or similar. Prior experience with infrastructure and code audits in cloud environments (AWS, Azure, GCP). Exposure to secure coding practices and cryptographic agility frameworks. Why Join Us? Opportunity to work at the forefront of quantum-safe cryptography. Collaborate with leading experts and leverage cutting-edge tools like SAST tools. Flexible work environment with opportunities for professional growth. Contribute to projects that secure the future of global organizations against emerging quantum threats. Benefits: Project-based payments. Remote-friendly working environment. Flexible working How to Apply: Via Linkedin. Equal Opportunity Employer: We welcome candidates from diverse backgrounds and are committed to fostering an inclusive workplace. Show more Show less