FULLTIME
Cryptographic System Engineer
DIGITAL TRUST INFRASTRUCTURE INDIA LIMITED
Not specified · onsite · Posted 4d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
Company Description Digital Trust Infrastructure India Limited is a deep-technology company building foundational infrastructure for India’s digital economy. The organization focuses on structural gaps in how systems function, developing platforms that address issues before they become systemic crises. Rather than following short-term trends, the company works on long-term, high-impact problems at the intersection of technology and economic systems. Headquartered in India and building for India first, its work is designed to have relevance and impact far beyond national boundaries.
Location: Pune, India
Experience: 5+ Years
Employment Type: Full-Time
About the Role We are seeking an elite Cryptographic System Engineer to architect and build a highly secure platform. You will be responsible for implementing the cryptographic primitives, key management lifecycles, and verification protocols (such as hash chains, digital timestamping, and PKI) that ensure data cannot be tampered with and its origin can always be proven.
Key Responsibilities
- Vault Architecture: Design and implement a highly secure, immutable data storage architecture that guarantees data integrity and confidentiality at rest and in transit.
- Cryptographic Implementation: Integrate advanced cryptographic protocols including asymmetric/symmetric encryption, digital signatures, hashing algorithms (SHA-256, SHA-3), and Merkle trees for tamper-evident data structures.
- Future-Proof Verification: Build verification mechanisms (e.g., trusted timestamping, digital receipt generation) that allow third parties or auditors to independently verify the authenticity and state of data.
- Key Management System (KMS): Design the lifecycle for cryptographic keys, integrating with Hardware Security Modules (HSM) or Trusted Execution Environments (TEE) to ensure private keys are never exposed in plaintext.
- Compliance & Privacy: Ensure the vault's architecture strictly adheres to zero-trust principles and complies with data localization and privacy mandates.
Required Technical Skills
- Systems Security Programming (Min. 5 Years): Deep, hands-on experience in low-level systems security programming and building secure infrastructure.
- PKCS#11 Implementation: Proven ability in writing PKCS#11 provider-level implementations in C/C++ from scratch. You must have written the provider implementation, not just integrated an existing one.
- Secure Memory Handling: Expert understanding of managing memory safely, including explicit memory zeroing and utilizing memory-locked buffers to prevent sensitive data leakage to disk swapping.
- Network Cryptography: Strong, practical working knowledge of the TLS 1.3 protocol suite.
- Backend Development: Proficiency in high-performance, memory-safe languages such as Rust, Go, or modern C++.
- Threat Modeling: Proven ability to conduct cryptographic threat modeling to identify attack vectors such as replay attacks, timing attacks, and key exfiltration.
Good to Have
- Engine Development: Direct experience contributing to or developing OpenSC, SoftHSM, NSS, or custom OpenSSL engines.
- Defense Background: Previous experience working within DRDO or applied defense-level cryptography sectors.
- Ledger Technologies: Experience working with immutable databases (e.g., Amazon QLDB) or secure distributed ledger architectures designed for auditability.
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02