← Back to Jobs
Full Time

Principal Security Engineer (Cryptography & PKI) - Cloudflare - San Francisco, CA

Cloudflare

Apply Now
San Francisco, CA
Google Jobs
Posted 11 days ago

About the position

About The Team Join Cloudflare’s Security Architecture Team with the following with the foll focus areas : Strategic Alignment: Translates the Organisations Cyber risk tolerance into specific technical blueprints and implements controls/prescriptive policies in mitigation/managing or remediating these risks Preventative Focus: Focuses on \"shifting left\" to fix architectural flaws before they become bigger risks or cost Technical Consulting: Acts as internal subject matter experts for Procurement (TPRM) and Engineering teams. About the role/ What You’ll Do Provide input on technical security requirements for new infrastructure and engineering initiatives. Assist with documentation and maintenance of the corporate security architecture blueprints. Participate in the design of robust PKI hierarchies (Root CAs, Intermediate CAs, Issuing CAs) and certificate policies, selecting appropriate hardware (HSMs) and software for scalable, secure deployments. Provide security guidance and review of the deployment of encryption solutions across systems, applications, and networks. Provide security guidance and review of the end-to-end lifecycle of cryptographic keys and digital certificates, including generation, secure storage, rotation, usage, backup, revocation and destruction. Conduct analysis of existing encryption and management solutions to find weaknesses and identify gaps. Ensure encryption implementations meet industry standards (e.g., NIST, FIPS) and compliance mandates (e.g., GDPR, HIPAA). Document security requirements and architectural decisions. Assist with defining security policies and standards, enforcing best practices, conducting risk assessments, and ensuring compliance with regulations. Work with CISO, IT teams, developers, and engineers to implement secure designs.

Responsibilities

Provide input on technical security requirements for new infrastructure and engineering initiatives.Assist with documentation and maintenance of the corpo

Apply for this Position