HSM Engineer

Role: HSM Engineer

Location:

Omaha NE / Phoenix AZ (5 Days Onsite) Duration:
Long term Contract

Experience:

8 Years

Employment Type:

Must work on Next Gen Software Solutions LLCs W2 Position Summary

HSM Engineer role will be responsible for designing, deploying, configuring and maintaining Hardware Security Modules used to protect sensitive cryptographic keys and perform secure cryptographic operations. This role ensures the security, availability, and compliance of cryptographic infrastructure in alignment with industry standards, security policies and regulatory requirements.

• HSM Administration & Operations
• Deploy, configure and manage HSM devices (e.g. Thales, Entrust, Futurex, Utimaco)
• Maintain and update HSM inventory to ensure up-to-date tracking.
• Submit firewall request to allow network traffic between HSM and client systems.
• Manage HSM partitioning, remote administration and auditing functions.
• Conduct firmware and software upgrades while maintaining operational continuity.
• Ensure HSM configurations meet compliance standards (PCI‑DSS, PIN, HIPAA, GDPR, ISO 27001, etc.).
• Monitor for unauthorized access or anomalies in cryptographic operations.
• Participate in internal and external security audits.
• Work with development and infrastructure teams to integrate cryptographic services into business applications.
• Troubleshoot HSM integration issues with applications, APIs and security services.
• Implement automated monitoring and alerting for HSM performance and health.
• Respond to cryptographic security incidents and investigate root causes.
• Provide on-call support for HSM‑related issues and outages.

• Bachelor's degree in Computer Science, Information Security or related field (or equivalent experience).
• 3–5 years of experience in HSM administration and/or cryptographic operations.
• Hands‑on experience with HSM vendors such as Thales, Entrust, Futurex, Utimaco or Safe Net.
• Strong understanding of PKI, digital certificates, TLS/SSL and key management practices.
• Familiarity with security standards:
  FIPS 140‑2/140‑3, NIST SP 800 series, PCI‑DSS.
• Experience with scripting languages (Python, Power Shell, Bash) for automation.

• Cloud HSM experience (AWS Cloud
  
  HSM, Azure Key Vault Managed HSM, GCP Cloud HSM).
• Certification such as CISSP, CISM, CCSP or vendor‑specific HSM certification.
• Experience with hardware cryptography in payment systems, banking or government environments.
• Knowledge of secure application development and API security.

• Strong problem‑solving and analytical skills.
• Ability to work under pressure in high‑security environments.
• Excellent communication and documentation skills.
• Ability to collaborate with cross‑functional teams.

May require occasional travel for HSM installation or maintenance.

On‑call rotation for 24/7 HSM support.

Secure lab environment for key ceremonies and cryptographic operations.

Next Gen Software Solutions is a trusted provider of IT staffing and consulting services dedicated to empowering businesses with cutting‑edge technology solutions and exceptional talent. We specialize in delivering tailored IT consulting services, innovative software solutions and connecting businesses with highly skilled IT professionals. Founded and led by a dedicated U.S. Army soldier, Next Gen Software Solutions is deeply rooted in the core values of integrity, discipline, commitment and experience‑principles that guide every aspect of our operations.

Next Gen Software Solutions LLC is an Equal Opportunity Employer. We are committed to fostering an inclusive and diverse workplace where all employees and applicants are treated with respect and dignity. We do not discriminate based on race, color, religion, sex (including pregnancy, sexual orientation or gender identity), national origin, age, genetic information, veteran status or any other legally protected characteristic under applicable federal, state or local laws.