Data Security Engineer

Summary

Join Vattenfall IT as a Data Security Engineer and contribute to our journey towards fossil freedom. This role focuses on enhancing our security organization by improving operational security within our delivery units. You will be a key member of the Security Operations Team (SecOps), specializing in data encryption and key management. Your responsibilities include designing, implementing, and managing cryptographic key management services, collaborating with cross-functional teams, and ensuring the secure management of cryptographic keys. This position offers a fast-developing international working environment and opportunities for professional growth within a leading energy company.

Requirements

• Proven experience in designing, implementing, operating, and managing on-premise and/or cloud-based IT systems (appliances, e.g. HSM, Azure key Vault, VPN, FW) and related IT services
• Familiarity with HSM (e.g. Hardware Security Modules, TPM, TEE, smartcards) technologies and their integration
• Strong understanding of cryptographic concepts, standards and tools (encryption, digital signatures, authentication, X.509/PKI) and related protocols (e.g., SSL/TLS, KMIP, PKCS#11)
• Knowledge of security best practices and compliance standards (e.g., FIPS 140-2, GDPR, HIPAA)
• Excellent problem-solving and very good analytical and conceptual skills
• Strong and effective communication and collaboration skills
• Independent, structured and systematic way of working and enjoy working in a team in an interdisciplinary environment
• Very good written and spoken English, knowledge of German is also an advantage
• Willingness to undertake occasional business trips

Responsibilities

• Define and implement encryption and key management processes to ensure the security of data in transit and at rest
• Develop and maintain cryptographic key management policies and procedures
• Collaborate with cross-functional teams to integrate cryptographic systems into applications, platforms, and infrastructure
• Operate, manage and improve the existing cryptographic key management core infrastructure
• Define and maintain Hardware Security Module (HSM) security policies and procedures
• Monitor and troubleshoot issues related to cryptographic systems and key management processes
• Develop, test and maintain disaster recovery plans for cryptographic systems and key management processes
• Stay informed about recent developments on new cryptographic technologies and assess their applicability to the organization
• Provide technical guidance and training to other team members on cryptographic systems and key management processes
• Participate in audits and compliance assessments related to cryptographic systems and key management processes
• Participation in SecOps daily activities, projects, initiatives
• Implementation of security improvements and mitigations
• Helping to define security baselines and initiate changes
• Support the line organization with execution and broaden IT Security knowledge

Preferred Qualifications

Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are a plus

Benefits

• Excellent primary and fringe benefits
• Great work atmosphere
• Hybrid working
• Excellent work-life balance
• Good remuneration
• Attractive employment conditions
• Opportunities for personal and professional growth