Technical Consultant

EXCLUSIVE NETWORKS | Introduction

Exclusive Networks is the global cybersecurity go-to-market specialist that provides partners and end-customers with a wide range of services and product portfolios. With offices in over 45 countries and the ability to serve customers in over 170 countries, we combine deep local expertise with the scale and delivery of a single global organization.

Our best-in-class vendor portfolio is carefully curated with all leading industry players. Our services range from managed security to specialist technical accreditation and training and capitalize on rapidly evolving technologies and changing business models. For more information visit www.exclusive-networks.com.

At Exclusive Networks, we are passionate about making a difference. That means delivering the best to our ecosystem, shaping a prosperous and trusted digital world, and helping our people to realize their full potential.

DUTIES AND RESPONSIBILITIES | About the role

Professional or technical pre-sales, engineering, or technical management role focusing on the Thales Data Security Portfolio, the duties and responsibilities center around architectural design, deployment lifecycle management, compliance enforcement, and technical validation.

The primary responsibilities are broken down by key Thales core platforms below:

As the Technical Consultant, you will:

Core Hardware Security Modules (HSM) Management

• Deployment & Provisioning: Architecting, initializing, and configuring Thales Luna Network HSMs (such as the Luna T-Series) and payShield 10K payment processing HSMs to establish a secure hardware Root of Trust.
• Role Administration: Defining and enforcing strict multi-person segregation of duties (M of N quorum schemas). Overseeing the initialization of appliance-level and partition-level administrative boundaries, including HSM Security Officer (SO) and Partition Security Officer (PO) environments.
• Lifecycle & Maintenance: Managing firmware upgrade paths, evaluating risk mitigation strategies for firmware rollbacks, and establishing backup-and-restore topologies ensuring cloning domains match across network and backup HSM nodes.
• Application Integration: Developing or validating client-side integration via standard APIs like PKCS#11, Microsoft CNG, and Java (JCA/JCE) using tools like LunaCM and the Crypto Command Center (CCC) for centralized graphical provisioning.

2. Enterprise Key Management & Data Protection

• Centralized Key Orchestration: Designing and maintaining enterprise key storage fabrics leveraging the CipherTrust Data Security Platform (CDSP) and CipherTrust Manager.
• Lifecycle Orchestration: Automating the creation, storage, rotation, auditing, and destruction of encryption keys across heterogeneous systems, local datacenters, and multi-cloud infrastructure (BYOK/HYOK).
• Granular Access Control: Setting and monitoring cryptographic access policies, verifying that administrative workloads are strictly separated from raw data access parameters.
• Data-at-Rest Protection: Implementing CipherTrust connectors (Transparent Encryption, Application Data Protection, Tokenization) to guard sensitive databases, file systems, and storage arrays.

3. Compliance, Regulatory Alignment & Security Architecture

• Regulatory Framework Mapping: Consulting on data sovereignty and privacy requirements—such as India's Digital Personal Data Protection (DPDP) Act 2023, GDPR, HIPAA, and PCI-DSS—and matching them directly to Thales tokenization, masking, and HSM logging configurations.
• Audit and Security Readiness: Configuring unified logging, tracking, and alerting metrics within the platform to provide automated, tamper-evident audit trails for regulatory compliance officers.
• Crypto Agility & Future Proofing: Introducing quantum-resistant architectures by leveraging Functionality Modules (FMs) inside Luna HSMs to safely prototype and implement early Post-Quantum Cryptography (PQC) or custom algorithms.

4. Technical Pre-Sales & Solution Engineering

• PoC Execution & Validation: Designing and proving out complex Proof-of-Concepts (PoCs) showing secure transaction flows, automated high-throughput scaling, or secure database migration.
• Technical Advisory: Collaborating with enterprise infrastructure architects, cloud security engineering squads, and C-level stakeholders to present risk mitigation strategies, overcome performance bottlenecks, and map business security requirements into concrete technical topologies.

QUALIFICATIONS AND EXPERIENCE | About you

The ideal Technical Consultant :

We are seeking an experienced HSM & Data Security Engineer with strong expertise in Thales Hardware Security Modules (Luna HSM / payShield 10K) to support enterprise security, cryptography, and payment security implementations.

Key Requirements

Experience

• 3–8 years in Information Security, Data Security, Cryptography, or HSM administration
• Hands-on experience with Thales Luna HSM and/or payShield 10K
• Experience in BFSI, banking, government, or payment security environments preferred

Technical Expertise

• HSM deployment, installation, configuration, and troubleshooting
• Key lifecycle management, HA setup, backups, DR, firmware upgrades
• Payment HSM experience (LMK, ZMK, TMK, PVK, CVK, BDK, ATM/POS integrations)
• Strong knowledge of PKI, SSL/TLS, encryption, digital certificates, and key management
• Linux (RHEL/CentOS/Ubuntu) and Windows Server
• Networking fundamentals (TCP/IP, DNS, firewalls)

Preferred Exposure

• Thales CipherTrust / SafeNet solutions
• Cloud HSM (AWS, Azure, GCP)
• PKI platforms (ADCS, EJBCA, DigiCert)
• Banking/payment security projects

Certifications (Nice to Have)

• Thales Luna / payShield / CipherTrust
• CISSP, CISM, CEH, Security+
• PCI PCIP
• Cloud security certifications (AWS / Azure / GCP)

Soft Skills

• Strong troubleshooting and analytical skills
• Good communication and client-facing ability
• Ability to work independently and in teams
• Documentation and solution design experience
• Willingness to travel for deployments/support

WHO ARE EXCLUSIVE NETWORKS? | Why work for us

We are people focused and strongly believe that talent empowers us to continue our dynasty of disruption and growth in the future. Our Mission is to drive the transition to a totally trusted digital world for all people and organizations. Visit our website www.exclusive-networks.com.

We are proud to be an Equal Opportunity Employer. We are committed to the recruitment and hiring of individuals from diverse backgrounds and experiences, as we believe this strengthens our ability to develop superior solutions, make informed decisions, and better serve our valued customers. We do not discriminate against individuals on the basis of race, religion, color, national origin, gender, sexual orientation, disability status, or any similar characteristic. Employment decisions are made solely on the basis of qualifications, merit, and business need. Please click here to review our Diversity and Inclusion Policy for further information.

We care about your data: please click here to read our Recruitment Data Protection Policy prior to applying, and therefore sharing your data with us.

If you think the open position you see is right for you, we encourage you to apply!
Our people make all the difference in our success.