Senior HSM Engineer - General purpose and Payments

Senior Information Security Engineer/ HSM Engineer (HSM / Payments Cryptography)Location: Atlanta, GA (On-site)Years of Experience: 5+ YearsNote: Looking for Citizens/Green Card holders only.About the roleSenior Information Security Engineer will lead the design, implementation, operation, and governance of enterprise Hardware Security Module (HSM) platforms, with a primary focus on Thales Luna HSMs and Thales pay Shield 10. This role is critical to ensuring the security, availability, and compliance of cryptographic services supporting payment processing, identity, encryption key lifecycle management, and regulatory requirements.Key ResponsibilitiesOwn end-to-end lifecycle management of Thales Luna Network HSM and pay Shield 10 platforms (provisioning, configuration, patching, upgrades, and decommissioning).Ensure high availability, resilience, and secure operations for mission-critical payment and cryptographic workloads.Define and enforce key-management policy (generation, storage, rotation, backup, recovery, and destruction) with dual control.Lead break-glass and physical safe access procedures, including secure custody of HSM artifacts.Manage pay Shield 10 integrations for PIN processing, EMV, tokenization, and transaction cryptography.Support integrations with payment processors, core banking platforms, and internal applications.Drive compliance with PCI DSS, PCI PIN, and related security requirements for payment cryptography.Lead audits, risk assessments, and evidence collection for cryptographic controls and HSM usage.Develop and maintain SOPs, runbooks, and architecture documentation for HSM services and cryptographic controls.Provide technical leadership and mentoring to engineers and operations partners; collaborate across Infrastructure, Cloud, AppDev, IAM, Payments, and Compliance.Manage vendor relationships with Thales (support engagements, roadmap alignment, and renewals).Required QualificationsBachelor’s degree in computer science, Information Security, Engineering, or related field (or equivalent experience).8+ years in information security, cryptography, or infrastructure security.5+ years managing Thales Luna HSM platforms.3+ years with Thales pay Shield in payment processing environments (pay Shield 10 preferred).Strong foundation in cryptography, key lifecycle management, and dual-control processes; working knowledge of PCI DSS / PCI PIN.Experience operating HSMs in highly regulated, 24/7 production environments.Preferred QualificationsExperience with cloud-connected or hybrid HSM deployments (on‑prem + cloud).Familiarity with Thales HSMs, key vaults, or enterprise KMS solutions.Experience with EMV, PIN translation, tokenization, or payment switch integrations.Industry certifications preferred:CISSP, CISM, or CISAPCI Professional (PCIP)Thales HSM or pay Shield certifications