Back

Develop and implement cryptographic methods

URN: TECDT80844
Business Sectors (Suites): IT(Cyber Security)
Developed by: e-skills
Approved on: 2023

Overview

This standard is about developing and implementing cryptographic methods.

Cryptography engineers manage the communications security of an organisation. They secure computer system data sharing by creating algorithms and ciphers to encrypt data. They also analyse existing encryption systems to identify weaknesses and vulnerabilities.

Developing and implementing cryptographic methods involves creating and testing cryptography techniques and implementing encryption solutions to protect organisational data and provide secure data communications. This includes the integration of cryptography into system development processes, and implementing algorithms and ciphers to avoid security gaps. They provide advice and guidance on where cryptography can be used. This also includes responsibility for being the key custodian for any cryptographic keys held.

This standard is for those who need to develop and implement cryptographic methods as part of their duties.

Performance criteria

You must be able to:

  1. Evaluate existing organisational communications protocols to identify vulnerabilities

  2. Design proof of concept cryptographic tools that can be evaluated for security compliance approval

  3. Manage the lifecycle of cryptographic tools and keys from design to retirement in line with organisational procedures

  4. Implement approved cryptographic protocols and algorithms in line with organisational requirements
  5. Provide troubleshooting and technical support to resolve cryptography problems
  6. Plan and schedule when cryptographic keys are replaced in line with organisational procedures
  7. Coordinate staff designated as Key Custodians in line with organisational procedures
  8. Act as a cryptographic key custodian in line with organisational procedures

  9. Communicate with third parties to arrange secure key distribution in line with organisational procedures

  10. Arrange with system owners to implement key changes in line with organisational procedures

  11. Process SSL (Secure Sockets Layer) web encryption security certificate requests from internal customers in line with organisational procedures

  12. Maintain, track, and follow expiry of SSL certificates in line with organisational procedures

  13. Support security compliance audits by collating and presenting cryptographic evidence in line with auditor requests
  14. Produce cryptography technical design specifications and documentation in line with organisational procedures

Knowledge and Understanding

You need to know and understand:

  1. The basic principles of cryptography and its use in a networked systems environment
  2. How to create and decipher codes and encryptions that keep data and communications secure
  3. Different authentication methods including as passwords and certificates
  4. The difference between encoding and encrypting
  5. How to develop and test ciphers and algorithms
  6. How cryptographic security keys work and function to protect data in transit and rest
  7. How to evaluate existing communications protocols to identify vulnerabilities
  8. How to identify and mitigate potential risks associated with implementing cryptographic algorithms
  9. How to develop proof of concept cryptographic tool designs
  10. The steps involved in managing the lifecycle of cryptographic tools and keys
  11. The differences between symmetric and asymmetric cryptography
  12. The main cryptography techniques including Symmetric Encryption Asymmetric Encryption Hashing
  13. Common encryption protocols and software applications used to support these
  14. Industry standard communication protocols
  15. What is meant by Quantum-safe cryptography
  16. How to design and evaluate modifications to common communication protocols to improve security
  17. Common industry standard cryptographic algorithms including DES, 3DES, RSA, RC4
  18. How to design, implement and evaluate new cryptographic protocols and algorithms
  19. The steps involved in developing prototype implementations of quantum-safe communications protocols
  20. How to schedule deployment and configuration of cryptographic tools and equipment
  21. The steps involved in providing troubleshooting and technical support to resolve problems
  22. How to plan and schedule when cryptographic keys need to be replaced
  23. The role of a cypher key custodian
  24. The importance of coordinating staff designated as Key Custodians
  25. The importance of communicating with third parties to arrange secure key distribution
  26. The procedures for working with system owners to implement key changes
  27. The role of SSL security certificates to evidence trustworthy web sites with encryption
  28. How to process SSL security certificate requests from internal customers
  29. The importance of maintaining, tracking SSL certificates following expiry
  30. The importance of supporting compliance audits by collating and presenting evidence as requested
  31. The legislation that applies to cryptography implementation
  32. How to produce cryptography technical design specifications and documentation

Scope/range

Scope Performance

Scope Knowledge

Values

Behaviours

Skills

Glossary

Links To Other NOS

External Links

Version Number

1

Indicative Review Date

2026

Validity

Current

Status

Original

Originating Organisation

ODAG Consultants Ltd.

Original URN

TECDT80844

Relevant Occupations

Information and Communication Technology Professionals

SOC Code

2135

Keywords

Cryptography, encryption, cipher