Fireblocks Implementation & Key Management Specialist

Job Description

TECHNOGEN, Inc. is a Proven Leader in providing full IT Services, Software Development and Solutions for 15 years.

TECHNOGEN is a Small & Woman Owned Minority Business with GSA Advantage Certification. We have offices in VA; MD & Offshore development centers in India. We have successfully executed 100+ projects for clients ranging from small business and non-profits to Fortune 50 companies and federal, state and local agencies.

Job Title: Fireblocks Implementation & Key Management Specialist

Location: Austin, TX or San Francisco, CA (Hybrid)

Role Summary

We are seeking a Fireblocks Implementation & Key Management Specialist to own the end-to-end deployment, configuration, and operational governance of the Fireblocks platform within our Centralized High-Speed Blockchain Payment Rail. This role is the organizational authority on Fireblocks MPC-CMP key management, institutional wallet architecture, and cryptographic key lifecycle across 1,800+ connected institutions.

You will implement the Fireblocks MPC-CMP protocol delivering 1-round signing (8x faster than generic MPC), architect split private key structures with automatic minute-interval refresh, and integrate Intel SGX hardware enclaves for tamper-resistant key operations. You will design Policy Engine configurations governing transaction authorization, co-signer workflows, and threshold governance for the payment rail.

The role bridges Security Engineering, Blockchain Engineering, and Compliance, ensuring that key management infrastructure meets SOC 2 Type 2, PCI DSS, ISO 27001, and C4 CCSS QSP Level 3 certification standards while sustaining 100K+ TPS throughput with sub-second finality.

Key Responsibilities

Lead the full Fireblocks platform implementation: workspace configuration, API co-signer setup, MPC key generation ceremonies, and HSM integration

Architect and deploy Fireblocks MPC-CMP key management with 1-round signing, split key shares across geographic nodes, and automated key refresh cycles at minute intervals

Configure and manage the Fireblocks Policy Engine: define authorization rules, multi-level approval workflows, transaction velocity limits, and role-based signing thresholds

Integrate Intel SGX enclaves for hardware-isolated key storage and signing operations, ensuring private key material never leaves secure enclave boundaries

Design and execute key generation ceremonies for root keys with multi-sig governance, air-gapped signing environments, and quorum-based recovery procedures

Own the Fireblocks Network topology connecting 1,800+ institutional counterparties: manage workspace listing, API key provisioning, and secure channel establishment

Implement automated key rotation schedules, emergency key revocation workflows, and disaster recovery procedures with RPO=0 targets

Integrate Fireblocks SDK with the Hyperledger Fabric endorsement layer: map Fabric MSP identities to Fireblocks vault accounts and signing policies

Build and maintain audit trails for all key operations: signing events, policy changes, key rotations, and access control modifications for regulatory evidence

Conduct Fireblocks-specific penetration testing, red team simulations, and chaos drills including co-signer node failures and key shard loss scenarios

Collaborate with the Security & Cryptography Engineer on ZK-proof anchoring workflows and cross-chain signing requirements for Ethereum bridge operations

Serve as primary liaison with Fireblocks customer success and engineering teams for platform upgrades, vulnerability disclosures, and custom integration support

Produce and maintain operational runbooks, key management policies, and compliance documentation for SOC 2 / ISO 27001 audit evidence

Required Qualifications

7+ years in security engineering or key management, with 3+ years hands-on Fireblocks platform deployment and administration

Deep expertise in Fireblocks MPC-CMP protocol: vault account architecture, API co-signer configuration, workspace policy management, and Fireblocks SDK integration

Strong understanding of MPC threshold signing schemes: MPC-CMP, GG18/GG20, FROST - protocol mechanics, security assumptions, and operational trade-offs

Experience designing and executing cryptographic key ceremonies: air-gapped environments, Shamir Secret Sharing, quorum procedures, and hardware token integration

HSM integration experience: Thales Luna, AWS CloudHSM, Azure Dedicated HSM, or equivalent enterprise-grade hardware security modules

Intel SGX/TDX enclave programming or integration experience: enclave lifecycle management, remote attestation, and sealed storage

PKI infrastructure: X.509 certificate lifecycle, CA hierarchy design, mTLS provisioning, and automated certificate rotation

Regulatory compliance implementation: SOC 2, PCI DSS, ISO 27001, and blockchain-specific frameworks (C4 CCSS QSP)

Proficiency in Go, Python, or Node.js for Fireblocks SDK integration, automation scripting, and key management tooling

BS/MS in Computer Science, Cryptography, or Information Security

Preferred Qualifications

Fireblocks Certified Implementation Partner (FCIP) designation or equivalent Fireblocks platform certification

Experience integrating Fireblocks with Hyperledger Fabric, Stellar Network, or other permissioned blockchain frameworks

Knowledge of FIPS 140-2/3 Level 3/4 compliance requirements for cryptographic modules

Travel Rule protocol implementation for cross-border compliance (IVMS 101, OpenVASP, or TRP)

Published research or open-source contributions in applied cryptography or MPC protocols

Financial services regulatory background: GLBA, FFIEC, Reg SP, or equivalent institutional custody frameworks

CISSP, CISM, CEH, or GIAC GREM certification

Prior custody or prime brokerage technology experience at a financial institution or digital asset custodian

Technical Skills Required

Fireblocks Platform

MPC-CMP Protocol, Policy Engine, API Co-Signer, Workspace Admin, Fireblocks SDK, Network Topology

Key Management

HSMs (Thales/AWS/Azure), Key Ceremonies, Multi-sig Governance, Key Rotation, FIPS 140-2/3

Cryptography

Threshold Signing (MPC-CMP, FROST), ZK-Proofs, Merkle Trees, PKI/X.509, mTLS, SGX Enclaves

Blockchain Integration

Hyperledger Fabric MSP, Stellar Network, Ethereum Signing, Cross-chain Bridge Protocols

Compliance Frameworks

SOC 2 Type 2, PCI DSS, ISO 27001, C4 CCSS QSP L3, Travel Rule / IVMS 101

Languages & Tools

Go, Python, Node.js, Fireblocks SDK, OpenSSL, AWS KMS, Azure Key Vault

Identity & Access

PKI / X.509, Certificate Rotation, mTLS, OAuth 2.0 / JWT, RBAC Policy Design

Observability

Audit Log Pipelines, SIEM Integration, SOC Operations, Incident Response Runbooks