IT stack engineer / Key Manager

Giesecke+Devrient makes the lives of billions of people around the world more secure. We create trust in the digital age with integrated security technologies in three business areas: Digital Security, Financial Platforms and Currency Technology. We have been a reliable partner for our customers for over 170 years with our innovative solutions for SecurityTech! We are an international technology group and traditional family business with over 14,000 employees in 40 countries. Creating Confidence is our path to success. Trust is the basis of our co-operation within G+D.

At G+D Mobile Security we are looking for an IT stack engineer / Key manager. This is a combined role responsible for the secure administration, processing, and lifecycle management of cryptographic keys and digital certificates across the organization’s systems, products, and customer solutions. This role ensures the confidentiality, integrity, and availability of sensitive data by applying best practices in key management, supporting compliance with international security and quality standards, and coordinating with multiple internal teams to ensure security-aligned operations.

The position plays a critical role in guaranteeing the correct processing of customer-provided data and keys, supporting card configuration and personalization processes, and ensuring adherence to corporate and regulatory requirements.

Apart from key management activities, this role is part of IT stack team and for that reason it's also responsible for system adminstrartion tasks.

Key Responsibilities

• Oversee the generation, distribution, rotation, renewal, and revocation of cryptographic keys and digital certificates.
• Ensure proper exchange, secure handling, and processing of keys and certificates with customers and internal stakeholders.
• Maintain, operate, and update key management systems, including Key Stations, Key Admin tools, Hardware Security Module (online/offline), and supporting software.
• Monitor, audit, and document key usage, inventories, and access logs to ensure compliance with internal policies and regulatory frameworks (e.g., GDPR, PCI DSS, PCI CPP, Common Criteria).
• Conduct regular security and quality checks (e.g., quarterly safe checks, tamper inspections) on hardware security modules.
• Document key management policies, procedures, workflows, and guidelines.
• Participate in internal and external security audits, demonstrating and explaining the end-to-end key management process.
• Communicate and coordinate with cross-functional teams, including Product Management, R&D, IT, Customer Project Managers, and Compliance teams.
• Deliver training and guidance to internal teams on secure key handling and management practices.
• Ensure operational compliance with corporate and customer-specific standards (ISO 27001, ISO 9001, ISO 14001, PCI DSS, GMSA SAS SM, GMSA SAS UP, etc.).
• Setup and operate virtualizatin layer, including Vmware, VMs.
• Setup and operate hardware, including HSM, servers.
• Setup and operate operative systems.
• Manage physical and logical access to configuration items.
• Plan and execute changes, including coordination, planning and notification about changes.

Typical Activities

• HSM integration: Operation and maintenance of Hardware Security Modules (HSM) and Key Management Systems.
• Key Lifecycle Management: Management of the entire lifecycle of cryptographic keys (creation, distribution, rotation, locking, deletion)
• Certificate management: Provisioning and administration of SSL/TLS certificates for internal and external systems.
• Incident Response: Support for security incidents related to keys or certificates.
• Policy & Compliance: Ensuring compliance with security policies, standards (e.g. ISO 27001, PCI DSS, GSMA Security Accreditation Scheme) and regulatory requirements.
• Documentation: Creation and maintenance of guidelines, processes and technical documentation
• Perform health checks and maintenance of infrastructure
• Timely and accurarte time reporting
• IT infrastucture activities. Operative system, Hardware setup (mainly HSMs) and virtualization layers.
• Support data base administrators.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent professional experience).
• Experience in digital key management, cryptography, PKI, or IT security operations.
• Familiarity with key management systems and tools (e.g., AWS Key Management Service, Microsoft Azure Key Management, Hardware Security Modules).
• Solid understanding of encryption algorithms, digital certificates, secure protocols, and cryptographic standards.
• Strong organizational skills with excellent attention to detail and documentation accuracy.
• Ability to work independently and collaboratively across multiple departments.
• Knowledge of regulatory, compliance, and quality frameworks (e.g., GDPR, PCI DSS, ISO standards) is a strong plus.
• Experience in operations of virtualization layer, hardware, operating systems and monitoring.

What’s great about working with us:

• Culture and diversity: Join a people oriented environment with different nationalities and a great team spirit, flat hierarchies (everyone speaks to everyone). Equal Opportunity Employer and LGBT+ friendly.
• Global Collaboration: Work collaboratively with stakeholders around the globe.
• Career Development: Benefit from continuous training, coaching, and talent development programs.
• Social Benefits: flexible compensation (transport tickets, training, private insurance), etc.
• Canteen: take a break with our breakfast and lunch service: chose between a wild range of menus, salad desk, and sandwiches service. Nicely prices!
• Work-Life Balance: Flexible working hours with the option for remote work (M-Th 8.30 – 17.30 and Fri 8.30 – 15.30; 3 days of remote work).
• Location: Sant Joan Despí. Easy communication by public transport.

Privacy Notice
The personal data you provide will be processed to manage your application in accordance with the GDPR and our Privacy Policy, available at Data Privacy | G+D.

$$ We are an equal opportunity employer! We promote diversity in all its forms and create an inclusive work environment, free from prejudice, discrimination and harassment, in which all employees feel a sense of belonging. We warmly welcome all applications regardless of gender, age, race or ethnic origin, social and cultural background, religion, disability and sexual orientation. 

 $$ HR Team Spain $$ seleccion.gdi@gi-de.com $$ $$ $$ https://career5.successfactors.eu/career?company=gieseckede&career_job_req_id=26276&career_ns=job_application