First, make sure you need encryption for the data at rest.  The easy answer is "sure! I want that! It's more secure!" but there are management costs that come along with using encryption, specifically key management. If you want to encrypt, the security of the ciphertext is only as secure as the process you use to manage and distribute and update the keys. So make sure you need it. 

If using an asymmetric algorithm for crypto, the sender encrypts with a public key. 

The receiver decrypts using the private key, that the receiver alone possesses. 

The algorithms for RSA hybrid encryption are pretty standard and easy to use in just about any programming language.  So you'd need an implementation of that, on either end.  If you're encrypting from within an Integration, then you probably want to use a Cloud Run service, or somehting like that, running some Python or Java logic that does the crypto.  Then upload the resulting file via SFTP .  The receiver is responsible for decrypting (not your job I suppose).