Jobs · Information Technology · California

Senior Distributed Systems & Cryptography Engineer (contract)

Wells Fargo · Concord, CA · 1 mo ago
Information Technology$70–$75/hrContract

Key Responsibilities

  • MPC Protocol Implementation: Architect and implement high-performance threshold signature schemes (specifically DKLS23 or similar) for ECDSA key generation and signing.
  • Confidential Computing Architecture: Design and build services that run inside Trusted Execution Environments (TEEs), specifically targeting AMD SEV-SNP and Intel TDX via Confidential Containers (CoCo).
  • Attestation Framework: Implement the RATS (Remote ATtestation procedureS) architecture (RFC 9334) to ensure that no key share is released until the requesting node proves its hardware and software integrity to a Key Broker Service.
  • Hardware Security Integration: Design "Cold Ceremony" workflows that integrate offline hardware tokens as offline Key Encryption Keys (KEKs) for disaster recovery and deep storage.
  • Secure Enclave Development: Write and optimize memory-safe code (Rust/Go) that operates on key material exclusively within encrypted memory regions, ensuring zero leakage to the host OS or hypervisor.
  • Policy-to-Cryptography Binding: Design mechanisms to cryptographically bind business logic approvals (e.g., WebAuthn assertions) directly to the MPC signing session, eliminating the gap between "approval" and "execution".

Qualifications

  • Strong experience in systems-level engineering within distributed environments
  • Proven track record building or operating distributed systems at scale
  • Expert-level proficiency in: Go (orchestration, services), Rust (cryptographic and memory-safe components)
  • Experience working in high-bar engineering environments
  • Strong core engineering fundamentals (data structures, concurrency, systems design)
  • Experience collaborating across engineering teams and influencing technical direction
  • Applied Cryptography
  • Deep experience with threshold cryptography, MPC, or related protocols
  • Ability to implement cryptographic research papers (e.g., GG20) from scratch
  • Confidential Computing
  • Hands-on experience with: AMD SEV-SNP, Intel SGX/TDX, Confidential Containers (CoCo)
  • Strong understanding of attestation flows, measurements, and memory encryption
  • Familiarity with RATS architecture, Key Broker Services (KBS), and Attestation Services
  • Experience integrating OIDC, WebAuthn, or FIDO2
  • Security Architecture
  • Proven experience designing zero-trust / untrusted infrastructure systems
  • Domain Expertise
  • Experience in digital assets, crypto infrastructure, custody platforms, or high-security fintech environments (preferred over traditional banking)
  • Exposure to CNCF Trustee or similar attestation frameworks

Similar jobs