Cryptographic Key Management Operations Lead, Vice President, Hybrid
State Street is seeking an experienced Cryptographic Key Operations Lead to oversee the end-to-end lifecycle management of cryptographic keys across cloud, on-premises, infrastructure, and IoT environments.
Role Overview
This role ensures the secure generation, distribution, rotation, revocation, and retirement of encryption keys while maintaining compliance with regulatory and security policies. The Key Operations Lead will also manage and mentor a team of Key Management Engineers, driving operational excellence and automation to improve key lifecycle processes.
Responsibilities
1. Lead and manage a team of Key Management Engineers, providing guidance, mentoring, and technical leadership for cryptographic key lifecycle management.
2. Oversee daily operations and security of cryptographic key management, ensuring compliance with industry regulations such as PCI DSS, GDPR, and FIPS 140-2/3.
3. Drive the secure generation, storage, distribution, rotation, revocation, and retirement of encryption keys across various environments.
4. Monitor and respond to key management incidents, ensuring timely remediation and risk mitigation.
5. Collaborate with security, cloud, infrastructure, and DevSecOps teams to integrate cryptographic services into enterprise applications and frameworks.
6. Automate key management processes leveraging APIs, KMS platforms, security orchestration tools, and infrastructure-as-code methodologies.
7. Ensure high availability and reliability of key management services to support secure transactions and data protection.
Qualifications & Skills
* Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
* 8+ years in key management operations, cryptographic security, or information security within regulated environments.
* Expertise in cryptographic key lifecycle management, including symmetric/asymmetric encryption, PKI, and HSMs.
* Experience with enterprise key management solutions such as AWS KMS, Azure Key Vault, HashiCorp Vault.
* Knowledge of financial security regulations and standards (PCI DSS, FIPS, NIST).
* Security certifications like CISM, CISSP, CCSP, AWS Security Specialty.
* Experience with post-quantum cryptography (PQC) and emerging cryptographic frameworks.
* Familiarity with JIRA, Confluence, and related tools.
Additional Details
Travel up to 25% may be required. This role can be performed in a hybrid model, balancing remote and on-site work.