Worldpay is a global payments leader powering international commerce with deep fintech expertise and a shared passion for our customers. Whether in-store, online, or on a mobile device, we process over 40 billion transactions annually and offer more than 300 payment methods supporting 126 currencies across 146 countries. It’s the perfect place for exceptional people to take their careers to the next level.
A World of Opportunity
We’re turbo-charging our industry by nurturing the fintech experts needed to help our customers prosper. We don’t try to ride the winds of change. We create them. We’re proud to be shaping the future of payments by supporting the growth and development of our colleagues. We provide opportunities to learn and the flexibility needed to get the job done. We strive to hire the best and to create a climate where curiosity is king. So, wherever you join us around the world, we’ll empower you to fulfill your potential. If this is the kind of career experience you’re looking for, we invite you to apply today.
The Cryptography & Key Management Product Manager will be responsible for defining and owning the overall Product strategy, architecture and delivery for our global payment and general purpose cryptography systems, hardware security modules, etc. This includes: implementation of payment crypto systems (HSMs), consolidation of existing disparate HSM vendor products into an enterprise standard system, developing a streamlined remote administration, management, monitoring and key injection capability, developing an enterprise shared decryption service, upgrading and uplifting the systems to support newer payment crypto standards, PCI regulations, protocols and algorithms, and overseeing a small team of cryptography engineers across the globe.
- Solid understanding of Product Management and Product Ownership, Agile practices and methodologies.
- Solid understanding of security, encryption, authentication, key management and applied cryptography
- Knowledge of cryptographic algorithms, protocols, implementation and standards (e.g., AES, CMS, DES/TDES, Diffie-Hellman, DNSSEC, ECC, IBE, Kerberos, IPsec, OpenSSL, RSA, SHA, SSL/TLS and ANSI, IETF, NIST, FIPS, PKCS, PKI)
- Ideal candidate will have possessed a CTGA certification
- Solid hands-on working knowledge of Hardware Security Modules such as Thales Payshields, Luna EFTs, etc.
- Thorough understanding of Key Bundling TR-31.
- Thorough understanding of DUKPT (AES & TDES), PCI PIN and PCI P2PE encryption key management
- Thorough familiarity with ESO/KIF responsibilities.
- Thorough understanding of applicability for Asymmetric cryptography vs Symmetric cryptography.
- Thorough understanding of hardware cryptography certifications.
- Experience using PKCS#11 a plus
- Experience with POS & terminals is a nice to have.
- FIPS 140-2 and PCI PTS knowledge is a plus
- Knowledge of Regulations such as GDPR, PSD2, NY DFS is a plus
- Experience and/or Knowledge with payment tokenization is a plus
- Strong background and experience in architecting data security products.
- Expert understanding of algorithms ranging from symmetric, a-symmetric, hashes, and random number generators.
- Experience with Key split, derivation and distribution models.
- Good working knowledge of all aspects of the Key lifecycle including storage
- Have a deep understanding and experience architecting cryptography-based protocols including external communications, data storage, authentication and data transfer.
- Have a good understanding of PKI including the Certificate lifecycle, Certificate Practice Statements and Certificate Policies
- Show a natural desire and curiosity to learn new cryptographic concepts/processes.
- Bachelor’s degree in one of the STEM fields
- Minimum of 3-5 years of experience in data encryption, key management, payment crypto solutions engineering
- Demonstrated ability to convert theoretical security concepts into production.
- Exhibiting professional maturity, personal integrity, and excellent interpersonal skills
- Strong work ethic, self-starter who is creative with a ‘can-do’ attitude
- Quick learner with strong attention to detail
- Candidate must be comfortable leading in a fast-paced team environment, and possess very good communications skills.
- Excellent business acumen with a strong ability to map business requirements to technical solutions.
- Good writing and presentation skills with ability to multi task
- Experience in making informed decisions with limited information.
- Excellent quantitative and analytical problem solving skills
- Global awareness; experience with and conscious/aware of local, regional, cultural challenges
- Develop crypto product (HSMs) strategy, roadmap and features to implement
- Consolidate existing disparate HSM vendor products into an enterprise standard system
- Develop a streamlined remote administration, management, monitoring and key injection capability
- Develop an enterprise shared decryption service
- Upgrade and uplift legacy systems to support newer payment crypto standards, protocols and algorithms
- Oversee a small team of cryptography engineers across the globe.
- Prioritize tasks and escalate issues timely to leadership, and should drive decisions to be made in an informed and quick manner
- A key strategic theme for the organization around these capabilities is Automation and the candidate has to have and drive the vision, and look for opportunities to automate
- Perform Security Architecture, Design, Implementation and Operations tasks
- Work in a virtual team environment where other team members are scattered across the globe and are in different time zones.
- Be open to jump into troubleshooting calls during incidents and help team members and customers to resolve burning issues and outages, even during off hours if needed
- Occasional travel will be required to different sites for installation and configuration work, or meet with extended team members and leaders.
All the above duties and responsibilities are essential job functions for which reasonable accommodation will be made. All job requirements listed indicate the minimum level of knowledge, skills and/or ability deemed necessary to perform the job proficiently. This position description is not to be construed as an exhaustive statement of duties, responsibilities or requirements. Employees may be required to perform any other job-related instructions as requested by their leader, subject to reasonable accommodation.