Lead Security Engineer (Cryptography and Threat Modeling)
Indexed description
The primary focus of this engagement is to drive the creation of a cryptographic inventory across all products, with particular attention to FIPS 140-3 compliance. This includes identifying relevant issues, assessing findings, developing mitigation plans, and supporting audit readiness.
In addition, you will work closely with both the Security Team and product engineering teams to facilitate application threat modeling workshops and produce high-quality threat modeling reports.
Deliverables
- A complete crypto inventory for relevant products, including reports related to FIPS 140-3 compliance
- Mitigation plans and progress tracking for FIPS 140-3 cryptographic findings and issues, in collaboration with engineering teams
- Facilitated threat modeling workshops and corresponding reports
- Handover documentation and effective knowledge transfer to the Security Team
Feel free to work remotely from anywhere across Lithuania or connect with colleagues at our Vilnius and Kaunas offices.
Responsibilities
- Drive the creation of a crypto inventory across Signavio products, for example, using IBM QSE and agentic validation
- Review findings and issues related to FIPS 140-3, and define, coordinate, and track mitigation plans together with engineering teams
- Support threat modeling activities for cloud applications by facilitating workshops and producing clear, actionable reports
- Contribute to broader Secure Development and Operations Lifecycle (SDOL) activities within the team, as needed
Requirements
- 5+ years of experience in software security -you have implemented security initiatives end-to-end, not only provided advisory support
- Ability to work independently, take ownership, and drive topics to completion with minimal supervision
- Strong documentation, communication, and stakeholder management skills
- English proficiency at B2 level or higher
Nice to have
- Familiarity with IBM QSE
- Experience in cryptography
- Hands-on experience with agentic AI
- Experience using Jira for task and project tracking
- Prior exposure to security requirements in highly regulated environments, such as FedRAMP
We offer
- Engineering Heritage: Best-in-class experts sharing a culture of engineering excellence and tackling complex engineering challenges for over 30 years
- Advanced Tech Stack: Innovative projects where you can apply or enhance your expertise in Cloud, Data, AI, and other emerging technologies
- World-Class Clients: Work closely with 340+ of the Forbes Global 2000 on creating disruptive solutions that make a global impact
- Professional Growth: Exceptional support for career development with comprehensive resources for upskilling or reskilling in pioneering practices
- GenAI Community: Strong AI competencies with 600+ experts across 55+ locations driving GenAI-enabled transformation journeys
- Entrepreneurial Culture: If you're passionate and dedicated to improving business transformation, we provide the support you need to bring your ideas to life
- Hybrid Setup: The flexibility to work from any location in Lithuania, whether it's your home or our dynamic offices in Vilnius and Kaunas
- Other Benefits: Additional vacation and trust days, private health insurance, Employee Stock Purchase Plan and more
Salary range €4.5K-€6.5K gross, based on your experience and interview results.
EPAM is a leading global provider of digital platform engineering and development services. For over 30 years, our team has helped leading brands navigate the waves of digital transformation, building solutions that help them stay competitive through constant market disruption.With offices in 55+ countries, EPAM has grown in Lithuania to over 1,300+ talented innovators in just 5 years. We foster creativity and unconventional ways of doing things, welcoming like-minded professionals to join us.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search