Cryptographic Engineer Jobs in Raleigh, NC (NOW HIRING)

Job Summary:
Red Hat is the world’s leading provider of enterprise open source software solutions, and they are seeking a Senior Product Security Engineer specialized in Cryptography. The role involves owning and executing key cryptographic modernization initiatives, acting as a consultant for product teams, and driving portfolio-wide adoption of cryptographic practices.
Responsibilities:
• Act as the primary technical owner for auditing Go-based cryptographic implementations within OpenShift and container runtimes (CRI-O, Podman). You will identify and resolve cryptographic discrepancies where containerized applications fail to correctly leverage the host's FIPS or PQC providers.
• Act as the primary technical owner responsible for continuing the implementation and integration of Red Hat's cryptographic inventory tools (e.g., Crypto Scanner).
• You will partner with the Principal Product Security Engineer to define and implement scanner policies for detecting cryptographic assets in our build pipelines.
• You will work directly with pipeline and data teams to integrate these tools and produce a sustainable Cryptographic Bill of Materials (CBOM).
• You will partner with product teams to integrate Merkle Tree Certificate support within the portfolio’s unified security fabric.
• Serve as the primary go-to technical consultant for product teams (like OpenShift, Ansible, and Middleware) navigating cryptographic migrations (e.g., PQC, FIPS).
• You will consult directly with engineers to help them audit their code, understand their dependencies (e.g., python-cryptography), and build migration plans that align with the portfolio-wide policy.
• You will enable other teams by creating documentation, best-practice guides, and office hours to scale your expertise.
• Define the functional requirements for and partner on the integration of new cryptographic tools, such as runtime instrumentation for core libraries.
• You will track and manage critical cryptographic dependencies across the portfolio, working with RHEL Security and other teams to resolve blockers and ensure the successful, sequential delivery of modern crypto capabilities.
Qualifications:
Required:
• Deep, hands-on experience in Go and Python is required.
• Ability to audit cryptographic implementations in Go and Python and understand their interaction with core C-based libraries (OpenSSL, NSS, libcrypto).
• Broad knowledge in applied cryptography (PKI, TLS, digital signatures).
• Strong understanding of modern cryptographic challenges, including Post-Quantum Cryptography (PQC).
• Strong understanding of OCI specifications and how container runtimes interact with cryptographic hardware (HSMs) or kernel-level providers.
• Proven experience owning and delivering complex, cross-team technical projects from design to completion.
• Ability to move from a technical deep-dive with a developer to a strategic roadmap discussion with a Product Manager.
• A track record of building relationships across teams and acting as a recognized go-to person.
• Strong analytical skills to diagnose complex dependencies and technical blockers in a large-scale software portfolio.
Preferred:
• Previous experience contributing to or maintaining core cryptographic libraries or security-focused Go projects.
• Familiarity with SPIFFE/SPIRE or Sigstore/Cosign.
• Experience with Merkle Tree implementations or binary-level runtime analysis.
• Familiarity with FIPS validation processes in virtualized/containerized environments.
Company:
Red Hat is a software company that offers enterprise open-source software solutions. It is a sub-organization of IBM. Founded in 1993, the company is headquartered in Raleigh, USA, with a team of 10001+ employees. The company is currently Late Stage.