Cryptography Engineer

About The Position

Requirements

• Strong academic and applied knowledge of classical cryptography
• Background implementing cryptographic mechanisms (symmetric, asymmetric, hashing, KDF, MAC, encryption modes, transport layers)
• Solid programming experience - able to deeply read, analyze, and critique multi-language codebases (compiled and interpreted)
• Experience reviewing and validating cryptographic findings or remediation outputs
• Experience with complex data migrations involving multiple systems
• Understanding of database and file or filesystem re-encryption
• Exceptional attention to detail and passion for correctness and quality
• Proficiency with systems engineering and modern software development practices
• Clear communicator able to explain cryptographic reasoning to technical and non-technical audiences
• Excellent verbal and written communication skills in English

Nice To Haves

• Familiarity with quantum-resistant and post-quantum cryptography concepts is a plus
• Experience writing or refining Semgrep/OpenGrep rules is a plus
• Experience with repository scanning and remediation applications is a plus
• Experience with LLM and agentic software engineering flows is a plus

Responsibilities

• Review, annotate, and validate cryptographic findings produced by static code analysis, automated tooling, and LLM/agentic systems.
• Assess correctness, completeness, severity classification (including quantum‑related severities), and overall quality of cryptographic issues using defined rubrics.
• Identify weaknesses, misconfigurations, or incorrect assumptions in cryptographic implementations across diverse languages and codebases.
• Perform manual and statistical evaluation of detection and remediation performance across many repositories.
• Evaluate AI‑generated remediation outputs and experiment results, ensuring they meet cryptographic and systems‑security quality standards.
• Suggest improvements to remediation workflows, especially in edge cases and statistical outliers.
• Write, refine, and maintain Semgrep/OpenGrep rules to detect cryptographic patterns.
• Improve remediation systems by documenting insights and contributing to iterative AI agent enhancements.
• Assist engineering teams (internal and customer) with encryption migration tasks involving databases, filesystems, networks, or multi‑system upgrades.
• Analyze and support complex data migrations that require coordinated updates across multiple systems.
• Draft action plans, document risks, and ensure the correct stakeholders are involved for successful cryptographic or system‑level transitions.
• Meet with customer engineering teams and technical leaders to assess cryptographic posture using Threat Point and related tools.
• Identify and document gaps in discovery and remediation systems, proposing updates or improvements.
• Communicate cryptographic reasoning clearly to both technical and non‑technical audiences.
• Collaborate closely with cryptographers, systems engineers, LLM/AI researchers, product teams, and other specialists.
• Analyze complex, multi‑language codebases to understand cryptographic usage patterns, build processes, and test suites.
• Judge the performance of grouping, detection, and remediation systems using a mix of statistical analysis and manual inspection.
• Document findings, insights, assumptions, and edge cases with high clarity and precision.
• Contribute to continuous improvement of cryptographic workflows, AI agent reliability, and remediation pipelines.
• Maintain structured, organized notes that enable reproducibility and help drive iterative improvements.

Benefits

• Private health insurance
• 25 days of vacation / PTO
• 7 days of sick leave at 100% pay
• Outstanding referral bonuses
• Paternity leave – 15 days for new dads
• Reduced working hours for the first month after returning from maternity
• Development program (training & conferences, internal knowledge sharing)
• Flexible work environment