What happened to all the /. posts about how there is an excess of qualified U.S. candidates and companies asking to raise the H1-B cap are just trying to pay people less?
Anyway, OP's problem is one I think is very common when you're actually looking for someone really good. Even if crypto or security is not the primary job, a senior architect/developer/designer will be able to do a much better job knowing about crypto and security for the same reasons such a person would do a much better job knowing about multi-threading or cache behaviors. Knowledge and skill in those areas will ensure the design and code starts out in a better state than otherwise. In today's increasingly security-conscious world even the most basic of applications and devices need team and project leads to consider security as a fundamental aspect of development.
A lot of answers to this post are basically stating security considerations are not important to the job or the questions are too specific. I disagree with that. (Although I do think it would be OK for people to make a few mistakes around details in an interview as long as they demonstrated proper understanding.)
Maybe a candidate does know how to set up a web site to use HTTPS instead of HTTP. Does that same candidate know why certain cipher suites should not be used? And that really only secures the public network communication. What ensures user passwords are not easily accessed while in use and not just while at rest? How do you protect sensitive keys, symmetric or private, like the one used to encrypt user data?
If you're putting together something super simple and turnkey like a personal blog then maybe you can get by just following examples you read online. But if you're actually developing a new application or device then your solutions will need to be customized to your needs and capabilities. And that's not something you can copy/paste out of a Google search.