HSM Cyber Security Engineer

Cybersecurity Engineer - 100% onsite Pensacola, Florida

Remote work is not permitted for this role. Must be able to work inside a secure room environment and adhere to physical access policies

Position Summary:

We are seeking a highly skilled and motivated HSM Engineer to join our Cybersecurity Engineering team. This role will support the implementation, management, and operational oversight of Hardware Security Modules (HSMs) and related cryptographic systems. The ideal candidate will have extensive experience working with data encryption technologies, secure key management, and enterprise-scale infrastructure.

The engineer will also support secure room operations, including physical device handling, inventory control, and chain-of-custody protocols. This is a hands-on, onsite role located in Pensacola, FL, requiring physical presence for secure room access and compliance activities.

Primary Responsibilities:

Research, evaluate, design, implement, and maintain HSM-based security solutions

Support secure room operations, including device handling, physical access control, and chain-of-custody management

Implement encryption solutions for data at rest and in transit, including TDE for databases (Oracle, SQL Server, etc.)

Administer and maintain Hardware Security Modules (Futurex, Thales, Entrust, etc.)

Develop and document processes for HSM lifecycle management, key ceremonies, and system hardening

Support cryptographic key management systems (KMS) and key lifecycle practices

Respond to incidents, perform troubleshooting, and contribute to secure operational uptime

Maintain strong documentation, inventory control records, and asset tracking within the secure environment

Collaborate with cross-functional teams to stand up new security solutions and ensure alignment with compliance standards

Develop and maintain technical diagrams, SOPs, and procedural documentation

Monitor systems and implement alerting mechanisms for operational awareness

Participate in audits, access reviews, and operational process assessments

Required Qualifications:

5+ years of experience in cybersecurity, system engineering, or HSM management

Strong experience with encryption solutions (data at rest/in transit, TDE, TLS, etc.)

Experience with HSMs and cryptographic infrastructure in large enterprise environments

Solid understanding of encryption, key management, and cryptographic ciphers

Hands-on experience with Windows and Unix/Linux operating systems

Familiarity with virtualized environments and server management

Experience supporting daily operations in a highly secure, regulated environment

Working knowledge of ServiceNow, Microsoft Office, and Excel (complex formulas and charting)

Experience with physical security tools, including safes, access control systems, and video surveillance

Experience with chain of custody protocols and physical asset control

Strong procedural writing skills and experience with process documentation

Conceptual understanding of network architecture, firewalls, and subnets

Preferred Qualifications:

CISSP or other cybersecurity certification (preferred, not required)

Experience with Key Management Systems (KMS) and key lifecycle platforms

Familiarity with tools like Venafi, CipherTrust, or CodeSign Protect

Knowledge of integrity monitoring, alerting, and operational security tooling

Background in supporting regulated environments (e.g., PCI DSS, NIST, FFIEC)

The hourly rate range for this position is $60 -$65. Please note that the pay information is a general guideline only. CC Pace considers factors such as (but not limited to) skills, experience, education/certifications, and location when extending an offer.