Red Hat is the world’s leading provider of enterprise open source software solutions, and they are seeking a Principal Product Security Engineer to lead their Portfolio Crypto Team. This role involves acting as the chief architect for Red Hat's cryptographic strategy, ensuring compliance, and driving collaboration across product teams to address evolving cryptographic threats.
Responsibilities:
- Serve as Red Hat's senior subject matter expert (SME) on cryptographic strategy, influencing and contributing to upstream communities (e.g., Go, Python) and standards bodies (IETF)
- Consult with senior leadership and product architects to resolve complex, cross-portfolio dependencies and ensure strategic alignment
- Own and evolve the Portfolio’s formal cryptographic policy, defining the standards for algorithm use, key lengths, and protocol implementation across all products
- Serve as the central authority for cryptographic compliance strategy, working with the Product teams and Business Unit leaders to align engineering efforts with government and regulatory requirements
- Lead the strategic response to future cryptographic inflection points (e.g., new PQC standards, major breaks)
- Architect and govern the strategy for a common cryptographic API in conjunction with RHEL Security, enabling product teams to consume crypto services in a standardized, crypto-agile way
- Steer collaboration across product teams (OpenShift, Middleware, Ansible, etc.) to gather requirements and drive adoption of centralized, modern cryptographic libraries
- Architect and own the long-term strategy for cryptographic discovery, runtime analysis, and transition management within our products and for our customers
- Define the high-level requirements for our Cryptographic Bill of Materials (CBOM) and runtime auditing tools, partnering with build and platform teams to create a sustainable solution for tracking crypto use and risk across the portfolio
Requirements:
- Deep and broad expertise in applied cryptography (PKI, TLS, digital signatures) and core libraries (OpenSSL, NSS, GnuTLS, Go)
- Expert-level understanding of modern cryptographic challenges and protocols, including Post-Quantum Cryptography (PQC)
- Proven experience architecting and driving complex, cross-portfolio technical strategy in a large, matrixed organization
- Demonstrable experience in authoring, evangelizing, and governing technical security policy, especially related to compliance standards like FIPS
- Ability to translate complex cryptographic concepts into actionable plans for engineering, product management, and executive leadership
- Deep knowledge of HSMs/PKCS#11, hardware-based key protection, and standards body participation