Cryptography Engineer

Rite NRG is an outsourcing technology company focused on empowering businesses through innovative software solutions. The company emphasizes strong partnerships and delivering impactful results for clients.

• Strong understanding of classical and applied cryptography and its use in real software systems.
• Hands-on experience implementing, reviewing, or validating cryptographic mechanisms such as symmetric/asymmetric encryption, hashing, KDF, MAC/HMAC, encryption modes, TLS, or transport-layer security.
• Solid programming background with ability to read, analyze, and critique code across different technologies and codebases.
• Experience reviewing security findings, validating remediation proposals, or assessing correctness of cryptographic implementations.
• Good understanding of secure software engineering practices, modern development workflows, and production systems.
• Experience with complex systems, data migrations, system migrations, encryption migration, re-encryption, key rotation, or similar security-sensitive changes.
• Strong analytical mindset, attention to detail, and ability to document findings, assumptions, risks, and recommendations clearly.
• Fluency in Polish and advanced English communication skills, with accountability for technical decisions.

Nice to have:

• Experience with static code analysis tools, SAST, repository scanning, or remediation workflows.
• Experience writing or refining Semgrep / OpenGrep / CodeQL rules.
• Hands-on experience with HSM, KMS, secrets management, or enterprise key management platforms.
• Experience with blockchain, ZK, protocol engineering, smart contracts, or high-assurance software.
• Familiarity with post-quantum or quantum-resistant cryptography concepts.
• Experience evaluating AI-generated code or AI-generated remediation outputs.
• Experience working in customer-facing technical roles or consulting environments.

• Analyze cryptographic issues detected in code by automated tools and security workflows, assessing their validity, completeness, and classification.
• Review cryptographic implementations across different programming languages to identify weak algorithms, misconfigurations, incorrect assumptions, and insecure usage patterns.
• Validate proposed remediations, including AI-generated fixes, ensuring compliance with cryptographic and systems security standards.
• Improve detection and remediation quality by documenting edge cases, recurring patterns, false positives, and tooling improvement recommendations.
• Create or adjust detection rules, including Semgrep/OpenGrep rules, for identifying cryptographic patterns and potential risks.
• Support engineering teams in encryption-related migrations across databases, filesystems, networks, and interconnected systems.
• Analyze complex repositories to understand cryptography usage, system construction, and security/stability impact of changes.
• Collaborate with customer engineering teams and internal specialists to assess cryptographic posture, explain risks, and recommend practical next steps.
• Work with cryptographers, software engineers, systems engineers, AI/LLM researchers, and product teams.
• Maintain clear documentation of findings, assumptions, risks, and action plans to support repeatable analysis and continuous improvement.

Only candidates located in Poland are eligible for this remote position.