Our client, is seeking a high-caliber Lead Software Engineer to head the development of their core cryptographic engine.
This engine is a high-performance, cross-platform C/C++ library that delivers mission-critical data encryption, tokenization, key management, HSM integration, and payment-terminal security for Tier-1 banks, major retailers, and healthcare organizations worldwide. The product compiles and ships across a vast matrix of operating systems—including Linux, Windows, macOS, AIX, Solaris, HPE NonStop, and IBM z/OS.
...
This is a technical leadership role requiring deep systems-level C/C++ development. You will be a hands-on "player-coach"—writing substantial production code, establishing engineering best practices, driving architectural design reviews, and acting as a senior escalation authority for complex cross-platform and mainframe-integrated defects.
Position Type: 6-Month Contract
Location: Hybrid / Office-Based (On-site presence required at the Richmond Hill, ON office location)
Advantages
High-Impact Cryptographic Ownership: Take technical ownership of an elite, enterprise-grade security system used globally by major financial infrastructures.
Extreme Platform Breadth: Work across an ultra-rare matrix of computing platforms, including POS terminals, Linux/Windows cloud instances, HPE NonStop, and legacy IBM mainframes.
Modern Toolchain Transition: Drive cutting-edge mainframe modernization work, utilizing modern VS Code-based developer toolchains to interface with legacy architectures.
Strategic Future Focus: Pioneer the organization's security roadmap for post-quantum cryptographic algorithm readiness (ML-KEM, ML-DSA) and FIPS 140 compliance.
Responsibilities
Technical Leadership & Architecture
Engineering Culture: Set coding standards, comprehensive testing strategies, and a rigorous peer code-review culture across the global engineering squad.
End-to-End Feature Design: Lead product features from original requirement mapping through strict API design, implementation, and multi-platform qualification testing.
Build Optimization: Manage the cross-platform compilation and packaging strategy utilizing CMake, GitLab CI, Jenkins pipelines, artifact promotion, and secure code signing.
DevSecOps Ingestion: Embed automated static analysis, security vulnerability scanning, and dependency management tools directly into the unified CI pipeline.
Technical Escalation: Serve as the final escalation authority for customer defects involving cryptographic correctness, hardware security module (HSM) integrations, and platform authorization frameworks.
Hands-on Full-Stack & Core Systems Engineering
Cryptographic Engineering: Implement and refine complex symmetric/asymmetric ciphers, format-preserving encryption (FPE), key wrapping algorithms, message authentication codes, and TLS configurations in C and C++.
Multi-Language Interop Bindings: Own the Java SDK layer—managing both pure-Java modules and components that interface with the native C library through cross-language runtime boundaries (JNI interop).
Mainframe Engineering (IBM z/OS Core): Partner with the team's mainframe specialists to build, maintain, and support the product's IBM z/OS port. Write portable code across the IBM xLC/C++ compiler, HLASM assembly interfaces, and COBOL callable boundaries via JCL build configurations and SMP/E installation packages.
Systems Consulting: Engage directly with client-side z/OS Systems Programmers to troubleshoot runtime issues, TLS hygiene, and SAF/RACF/ACF2 authentication security integrations.
Qualifications
Essential Criteria ("What Excellent Looks Like")
Expert C/C++ Systems Development: 8+ years of professional experience writing highly portable, maintainable C/C++ source code across disparate compilers, architectures, and platforms, with deep knowledge of avoiding undefined behaviors.
Operating System Depth: Deep foundational understanding of OS memory management, dynamic linking, shared-library design, multi-threading models, and process isolation across at least two platforms (e.g., Linux, Windows, AIX).
Applied Cryptography & Standards: Hands-on experience implementing public-key cryptography, symmetric ciphers, key management structures, and custom TLS/SSL configurations.
Native Interoperability Boundaries: Proven experience owning native interoperation boundaries in production, managing strict memory ownership and error-propagation boundaries between cross-language bindings.
Build Systems & Pipelines: Demonstrated mastery maintaining CMake configurations across multi-compiler environments, combined with direct ownership of designing multi-stage CI/CD delivery pipelines.
Java Mastery: Robust production-quality Java experience with the ability to diagnose JVM runtime and interop integration failures.
Highly Preferred Technical Assets
C# / .NET Profile: Strong background in .NET Standard library design, native interop wrappers, and NuGet packaging.
HSM Integrations: Direct, referenceable experience deploying PKCS#11 or Hardware Security Module SDKs (e.g., Thales Luna, nCipher nShield, Atalla).
Post-Quantum Cryptography (PQC): Familiarity with the NIST PQC standards trajectory and upcoming algorithm frameworks (ML-KEM, ML-DSA, SLH-DSA).
Payment Domain Knowledge: Practical familiarity with banking standards such as ISO 8583, EMV, PCI-DSS P2PE, and terminal-to-host key exchange mechanisms.
IBM z/OS Environment Familiarity: Prior experience or strong architectural familiarity with JCL, HLASM, xLC/C++, SMP/E packaging, TSO/ISPF, and the z/Architecture 31-bit/64-bit addressing models. (A strong systems C/C++ programmer with a passionate interest in non-POSIX environments will be considered).
HPE NonStop Infrastructure: Experience or interest in the Guardian/OSS shell, TAL/pTAL programming, and C cross-compilation configurations.
Summary
If you are a premier Systems Engineer who thrives on low-level memory allocation, deep cryptographic mathematics, and cross-platform architecture compilation from Linux to the Mainframe, this Richmond Hill mandate offers a phenomenal technical stage. Bring your C/C++ expertise, multi-language interop skills, and technical leadership to an elite data security squad today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
Our client, is seeking a high-caliber Lead Software Engineer to head the development of their core cryptographic engine.
This engine is a high-performance, cross-platform C/C++ library that delivers mission-critical data encryption, tokenization, key management, HSM integration, and payment-terminal security for Tier-1 banks, major retailers, and healthcare organizations worldwide. The product compiles and ships across a vast matrix of operating systems—including Linux, Windows, macOS, AIX, Solaris, HPE NonStop, and IBM z/OS.
This is a technical leadership role requiring deep systems-level C/C++ development. You will be a hands-on "player-coach"—writing substantial production code, establishing engineering best practices, driving architectural design reviews, and acting as a senior escalation authority for complex cross-platform and mainframe-integrated defects.
Position Type: 6-Month Contract
Location: Hybrid / Office-Based (On-site presence required at the Richmond Hill, ON office location)
Advantages
High-Impact Cryptographic Ownership: Take technical ownership of an elite, enterprise-grade security system used globally by major financial infrastructures.
...
Extreme Platform Breadth: Work across an ultra-rare matrix of computing platforms, including POS terminals, Linux/Windows cloud instances, HPE NonStop, and legacy IBM mainframes.
Modern Toolchain Transition: Drive cutting-edge mainframe modernization work, utilizing modern VS Code-based developer toolchains to interface with legacy architectures.
Strategic Future Focus: Pioneer the organization's security roadmap for post-quantum cryptographic algorithm readiness (ML-KEM, ML-DSA) and FIPS 140 compliance.
Responsibilities
Technical Leadership & Architecture
Engineering Culture: Set coding standards, comprehensive testing strategies, and a rigorous peer code-review culture across the global engineering squad.
End-to-End Feature Design: Lead product features from original requirement mapping through strict API design, implementation, and multi-platform qualification testing.
Build Optimization: Manage the cross-platform compilation and packaging strategy utilizing CMake, GitLab CI, Jenkins pipelines, artifact promotion, and secure code signing.
DevSecOps Ingestion: Embed automated static analysis, security vulnerability scanning, and dependency management tools directly into the unified CI pipeline.
Technical Escalation: Serve as the final escalation authority for customer defects involving cryptographic correctness, hardware security module (HSM) integrations, and platform authorization frameworks.
Hands-on Full-Stack & Core Systems Engineering
Cryptographic Engineering: Implement and refine complex symmetric/asymmetric ciphers, format-preserving encryption (FPE), key wrapping algorithms, message authentication codes, and TLS configurations in C and C++.
Multi-Language Interop Bindings: Own the Java SDK layer—managing both pure-Java modules and components that interface with the native C library through cross-language runtime boundaries (JNI interop).
Mainframe Engineering (IBM z/OS Core): Partner with the team's mainframe specialists to build, maintain, and support the product's IBM z/OS port. Write portable code across the IBM xLC/C++ compiler, HLASM assembly interfaces, and COBOL callable boundaries via JCL build configurations and SMP/E installation packages.
Systems Consulting: Engage directly with client-side z/OS Systems Programmers to troubleshoot runtime issues, TLS hygiene, and SAF/RACF/ACF2 authentication security integrations.
Qualifications
Essential Criteria ("What Excellent Looks Like")
Expert C/C++ Systems Development: 8+ years of professional experience writing highly portable, maintainable C/C++ source code across disparate compilers, architectures, and platforms, with deep knowledge of avoiding undefined behaviors.
Operating System Depth: Deep foundational understanding of OS memory management, dynamic linking, shared-library design, multi-threading models, and process isolation across at least two platforms (e.g., Linux, Windows, AIX).
Applied Cryptography & Standards: Hands-on experience implementing public-key cryptography, symmetric ciphers, key management structures, and custom TLS/SSL configurations.
Native Interoperability Boundaries: Proven experience owning native interoperation boundaries in production, managing strict memory ownership and error-propagation boundaries between cross-language bindings.
Build Systems & Pipelines: Demonstrated mastery maintaining CMake configurations across multi-compiler environments, combined with direct ownership of designing multi-stage CI/CD delivery pipelines.
Java Mastery: Robust production-quality Java experience with the ability to diagnose JVM runtime and interop integration failures.
Highly Preferred Technical Assets
C# / .NET Profile: Strong background in .NET Standard library design, native interop wrappers, and NuGet packaging.
HSM Integrations: Direct, referenceable experience deploying PKCS#11 or Hardware Security Module SDKs (e.g., Thales Luna, nCipher nShield, Atalla).
Post-Quantum Cryptography (PQC): Familiarity with the NIST PQC standards trajectory and upcoming algorithm frameworks (ML-KEM, ML-DSA, SLH-DSA).
Payment Domain Knowledge: Practical familiarity with banking standards such as ISO 8583, EMV, PCI-DSS P2PE, and terminal-to-host key exchange mechanisms.
IBM z/OS Environment Familiarity: Prior experience or strong architectural familiarity with JCL, HLASM, xLC/C++, SMP/E packaging, TSO/ISPF, and the z/Architecture 31-bit/64-bit addressing models. (A strong systems C/C++ programmer with a passionate interest in non-POSIX environments will be considered).
HPE NonStop Infrastructure: Experience or interest in the Guardian/OSS shell, TAL/pTAL programming, and C cross-compilation configurations.
Summary
If you are a premier Systems Engineer who thrives on low-level memory allocation, deep cryptographic mathematics, and cross-platform architecture compilation from Linux to the Mainframe, this Richmond Hill mandate offers a phenomenal technical stage. Bring your C/C++ expertise, multi-language interop skills, and technical leadership to an elite data security squad today!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more