Full-Time Hardware Security Module (HSM) Administrator Based in Cincinnati, OH
- Configure and maintain product settings, including Bank Identification Number (BIN) and Product Account Number (PAN) range assignments and mapping of token ranges to real PAN ranges.
- Configure and manage entities (issuers, domains, PAN/token ranges, requestors, card profiles, institutions, processing checks etc.).
- Manage Data Prep and Host Card Emulation (HCE) Configurations and User Rights Module Configurations.
- Provides operational and triage support for issuers incidents, including problems related to encryption, cryptography, and PAN-token mapping.
- Support Identification and Verification (ID&V) methods and related confidence levels.
- Responsible for understanding STE product and appropriately configuring product settings according to issuer needs.
- Administers cryptographic keys to facilitate transactions and create, store and manage keys of clients and vendors; collaborates on internal and client initiated digital certificates projects.
- Define standards for cryptographic key management and align storage and transmission methods to security best practices, including compliance with Payment Card Industry (PCI-DSS).
- Manage issuer data migrations both internally and from existing (3rd party) TSPs to TCH’s STE, including movement and syncing of cryptographic keys.
- Create and manage User Administration Access and Key Manager Administration processes and documentation.
- Performs end-to-end encryption of all client and vendor data in support of implementations.
- Stay abreast of all industry changes to ensure advancements are adopted as applicable.
- Assist on-boarding team with configuration issues when working with the HSM and provide technical support and technical training.
- Maintain, integrating and support new cryptographic applications and/or systems procedures and enhancements as part of implementation planning.
- Experience with PCI-HSM configuration.
- Minimum experience with Payments industry standards (PCI-DSS, ANSI, ISO, EMVCo, DUKPT).
- Experience with regulations and compliance related to PCI-DSS and FIPS 140-2 relating to debit and credit services.
- Minimum experience in a technical operations area of a financial institution, including an understanding of Card Services, debit/credit card processing and other card operations activities.
- Minimum experience with Card, Electronic Funds Transfer (EFT) and PIN networks and associated Payment Hardware Security Module (HSM) management.
- Familiar with EMV specifications and processes, both from an issuer and a merchant perspective.
- Familiar with payment network tokenization standards, both from an issuer and a digital/mobile wallet point of view.
21 total views, 1 today