Jobs · Massachusetts

Senior Product Security Engineer - Cryptography

Red Hat · Lowell, MA · 3 days ago
Hybrid$131k–$217k/yrFull-time

What You Will Do

  • Container Cryptography Audits & Strategy:
    • Act as the primary technical owner for auditing Go-based cryptographic implementations within OpenShift and container runtimes (CRI-O, Podman).
    • Identify and resolve cryptographic discrepancies where containerized applications fail to correctly leverage the host's FIPS or PQC providers.
    • Partner with the Principal Product Security Engineer to define and implement scanner policies for detecting cryptographic assets in our build pipelines.
    • Work directly with pipeline and data teams to integrate these tools and produce a sustainable Cryptographic Bill of Materials (CBOM).
  • Act as the Portfolio's Crypto Enablement Partner:
    • Partner with product teams to integrate Merkle Tree Certificate support within the portfolio’s unified security fabric.
    • Consult directly with engineers to help them audit their code, understand their dependencies (e.g., python-cryptography), and build migration plans that align with the portfolio-wide policy.
    • Create documentation, best-practice guides, and office hours to scale your expertise.
  • Drive Foundational Crypto Integration and Dependency Management:
    • Define the functional requirements for and partner on the integration of new cryptographic tools, such as runtime instrumentation for core libraries.
    • Track and manage critical cryptographic dependencies across the portfolio, working with RHEL Security and other teams to resolve blockers and ensure the successful, sequential delivery of modern crypto capabilities.

What You Will Bring

  • Multi-Language Technical Expertise: Deep, hands-on experience in Go and Python is required. Must be able to audit cryptographic implementations in these languages and understand their interaction with core C-based libraries (OpenSSL, NSS, libcrypto).
  • Applied Cryptography and PKI: Broad knowledge in applied cryptography (PKI, TLS, digital signatures). Strong understanding of modern cryptographic challenges, including Post-Quantum Cryptography (PQC).
  • Container & Cloud-Native Security: Strong understanding of OCI specifications and how container runtimes interact with cryptographic hardware (HSMs) or kernel-level providers.
  • Project Ownership: Proven experience owning and delivering complex, cross-team technical projects from design to completion. Can move from a technical deep-dive with a developer to a strategic roadmap discussion with a Product Manager.
  • Collaborative Leadership: A track record of building relationships across teams and acting as a recognized go-to person. Able to enable others to succeed.
  • Problem Solving: Strong analytical skills to diagnose complex dependencies and technical blockers in a large-scale software portfolio.

Bonus Skills

  • Previous experience contributing to or maintaining core cryptographic libraries or security-focused Go projects.
  • Familiarity with SPIFFE/SPIRE or Sigstore/Cosign.
  • Experience with Merkle Tree implementations or binary-level runtime analysis.
  • Familiarity with FIPS validation processes in virtualized/containerized environments.

Pay & Benefits

The salary range for this position is $131,420.00 - $216,870.00. Actual offer will be based on your qualifications.

Annual salary is one component of Red Hat’s compensation package. This position may also be eligible for bonus, commission, and/or equity.

For positions with Remote-US locations, the actual salary range for the position may differ based on location but will be commensurate with job duties and relevant work experience.

Similar jobs

Cryptography Engineer

Valiant SolutionsUnited States· 1 wk ago
RemoteEngineering$145k–$165k/yrapply on careers-valiantsolutions.icims.com