CTO - Infrastructure Security Architect (Secret & Identity Management)

  • location

    New York

  • sector:

    Technology, Cyber Security

  • job type:


  • Contact:

    Bradley Boughton

  • Email:

  • job ref:


  • published:

    6 months ago

  • expiry date:


The CTO Office is the future-looking technical arm. We envision, design and prototype the next generation infrastructure, hardware and applications that interface in all aspects of the company including financial products, broadcast and media, data centers, internal IT and our global network. We are passionate about what we do.

As a member of the Security Analytics and Identity Architecture team, you will help design ways to securely identify services in a variety of environments, ranging from public cloud through to private data centers. You will also address challenges around secret management and how services in a variety of environments can manage and verify identities, while containing impact in the event of compromise. You will develop a strategy for an internal public key infrastructure, focusing on making these technologies standards-driven, interoperable and accessible to engineers across the firm. 

What's in it for you: 

Our team focuses on the critical aspects necessary to securely bring services to hundreds of thousands of customers every day. Working with multiple internal teams and external partners, you'll design, develop, and improve our customer-facing security services, supporting engineers rapidly delivering new products in a variety of infrastructure environments. You will influence the selection of technologies used to build BeyondProd and similar kinds of zero-trust infrastructure.

We'll trust you to: 

  • Take a technical leadership role in defining strategies for service and user identity management 
  • Foster developing technology to make cryptographic primitives and secret management technologies available to our engineers 
  • Help build out our technical product road map and define best practices for these technologies, working with partners in our CISO’s office as well as in Engineering
  • Identify security vulnerabilities, guiding developers and engineers in addressing these issues - Provide requirements to both internal development teams and external vendor, and foster a culture of security consciousness across Engineering and Product teams.
You'll need to have: 
  • 5+ years of experience developing and deploying security-related infrastructure technologies
  • 7+ years of hands-on programming experience in C/C++ and exposure to other programming languages like Go, Java and Javascript.
  • Understanding of cryptographic protocols and trade-offs that need to be made in various environments
  • Understanding of Hashicorp Vault, AWS Secrets Manager, Azure Key Vault and other secret management technologies, both for public cloud and on-premise applications
  •  A strong UNIX systems background 
  • A hands-on, teamwork-oriented approach, focused on building consensus and managing through influence. 
We'd love to see:
  • Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises.
  • Practical experience with cryptography and key management, as well as understanding threats facing embedded device security
  • Experience managing secret key material in HSMs, when appropriate
  • Exposure to technologies like SPIFFE, OPA and some of the fledgling implementations of these technologies.