Cryptography Engineer

Our requirements

• Strong understanding of classical and applied cryptography, including how cryptographic mechanisms are used in real software systems
• Hands-on experience implementing, reviewing, or validating cryptographic mechanisms such as symmetric encryption, asymmetric encryption, hashing, KDF, MAC/HMAC, encryption modes, TLS, or transport-layer security.
• Solid programming background with the ability to read, analyze, and critique code across different technologies and codebases.
• Experience reviewing security findings, validating remediation proposals, or assessing the correctness of cryptographic implementations.
• Good understanding of secure software engineering practices, modern development workflows, and production systems.
• Experience with complex systems, data migrations, system migrations, encryption migration, re-encryption, key rotation, or similar security-sensitive changes.
• Experience with data migrations, system migrations, encryption migration, re-encryption, key rotation, or similar security-sensitive transitions.
• Strong analytical mindset, attention to detail, and ability to document findings, assumptions, risks, and recommendations clearly.
• Fluency in Polish and advanced English communication skills, with the ability to take a stand and be held accountable for technical decisions.

Optional

• Experience with static code analysis tools, SAST, repository scanning, or remediation workflows.
• Experience writing or refining Semgrep / OpenGrep / CodeQL rules.
• Hands-on experience with HSM, KMS, secrets management, or enterprise key management platforms.
• Experience with blockchain, ZK, protocol engineering, smart contracts, or high-assurance software.
• Familiarity with post-quantum or quantum-resistant cryptography concepts.
• Experience evaluating AI-generated code or AI-generated remediation outputs.
• Experience working in customer-facing technical roles or consulting environments.

Your responsibilities

• Analyze cryptographic issues detected in code by automated tools and security workflows, and assess whether they are valid, complete, and correctly classified.
• Review cryptographic implementations across different programming languages, identifying weak algorithms, misconfigurations, incorrect assumptions, and insecure usage patterns.
• Validate proposed remediations, including AI-generated fixes, to ensure they meet cryptographic and systems security standards.
• Improve detection and remediation quality by documenting edge cases, recurring patterns, false positives, and recommendations for tooling improvements.
• Create or adjust detection rules, including Semgrep/OpenGrep rules, for identifying cryptographic patterns and potential risks.
• Support engineering teams in encryption-related migrations across databases, filesystems, networks, and interconnected systems.
• Analyze complex repositories to understand how cryptography is used, how systems are built, and how changes may impact security and stability.
• Work with customer engineering teams and internal specialists to assess cryptographic posture, explain risks, and recommend practical next steps.
• Collaborate with cryptographers, software engineers, systems engineers, AI/LLM researchers, and product teams.
• Maintain clear documentation of findings, assumptions, risks, and action plans to support repeatable analysis and continuous improvement.

About the project

This is how we organize our work

What we offer

• Stable, long-term, full-time collaboration.
• Remote work within Poland and flexible working hours.
• High engineering culture with a focus on growth and learning.
• Multinational teams.
• Benefits: Private medical care, Multisport card, and workation (work for a week from Barcelona or elsewhere).

Benefits

• sharing the costs of sports activities
• private medical care
• remote work opportunities
• integration events

Rite NRG sp. z o.o.