Location: Phoenix, AZ (Hybrid)
Duration: Long-Term Contract
Client: Amex / Infosys
We are seeking an experienced Hardware Security Module (HSM) Migration Engineer to support the migration of enterprise cryptographic infrastructure. The ideal candidate will play a key role in planning, coordinating, and executing HSM migration activities while ensuring the security, integrity, and availability of cryptographic keys and payment-processing services.
This role requires hands-on experience with HSM administration, cryptographic key management, and migration projects within highly regulated environments such as financial services, banking, or payment processing.
Plan, coordinate, and execute HSM-to-HSM migration activities.
Install, configure, administer, and maintain enterprise HSM environments.
Perform cryptographic key backup, restoration, rotation, replication, and lifecycle management.
Ensure secure migration of cryptographic services with minimal downtime and operational risk.
Support enterprise payment-processing environments and cryptographic infrastructure.
Troubleshoot HSM hardware, software, and cryptographic service issues.
Collaborate with security, infrastructure, networking, application, and operations teams throughout the migration process.
Develop and maintain technical documentation, migration plans, operational procedures, and runbooks.
Ensure compliance with organizational security standards and regulatory requirements.
Participate in migration testing, validation, disaster recovery, and post-migration support.
3–6+ years of hands-on experience supporting enterprise Hardware Security Modules (HSMs).
Proven experience performing HSM-to-HSM migrations.
Experience supporting payment systems, financial services, banking, or other highly regulated environments.
Strong knowledge of enterprise cryptography, encryption, and key management.
Strong Linux and Windows Server administration experience.
Experience troubleshooting enterprise security infrastructure.
Excellent communication, documentation, and problem-solving skills.
Experience with payment-processing environments and card security programs.
Knowledge of:
EMV
PIN Encryption
Tokenization
Transaction Security
Experience with cloud-integrated HSM solutions and hybrid environments.
Knowledge of PCI-DSS, NIST, and information security best practices.
Familiarity with PKI, certificate management, and cryptographic key lifecycle management.
Experience with one or more of the following is highly desirable:
Thales Luna HSM
Entrust nShield
SafeNet Luna
IBM HSM
Futurex
Utimaco
AWS CloudHSM
Azure Managed HSM
Hardware Security Modules (HSM)
Cryptography & Encryption
Key Management
PKI & Certificate Management
Linux Administration
Windows Server
OpenSSL
Bash / PowerShell
PCI-DSS
NIST
Payment Security
Banking Security
Enterprise Infrastructure
Candidates with experience in the following industries are highly preferred:
Banking
Financial Services
FinTech
Payment Processing
Enterprise Security Operations
If you have hands-on experience with HSM migration, enterprise cryptographic infrastructure, and payment security in regulated environments, we'd love to hear from you.