We are seeking an experienced Cryptographic Key Management Professional to support the end-to-end lifecycle management of cryptographic keys across various environments. This role ensures the secure generation, distribution, rotation, revocation, and retirement of encryption keys while maintaining compliance with regulatory and security policies.
Key Responsibilities:
* Support daily operations and security of cryptographic key management, ensuring compliance with financial industry regulations such as PCI DSS, GDPR, and FIPS 140-2/3.
* Drive secure generation, storage, distribution, rotation, revocation, and retirement of encryption keys across cloud, on-premises, and IoT environments.
* Maintain availability, integrity, and security of key management infrastructure, troubleshooting incidents and ensuring adherence to SLAs.
* Collaborate with security, cloud, infrastructure, and DevSecOps teams to integrate cryptographic services into enterprise applications, infrastructure, and IoT security frameworks.
This role requires close collaboration with security, IT, cloud, infrastructure, and application teams to maintain the availability, reliability, and security of key management services, supporting business-critical operations and financial transactions. We value professionals who can drive operational excellence and automation to enhance key lifecycle processes.
Requirements:
* Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field or equivalent work experience.
* 3+ years of experience in key management operations, cryptographic security, or information security within a financial institution or other regulated environment.
* Strong expertise in cryptographic key lifecycle management, including symmetric and asymmetric encryption, PKI, and HSMs (Hardware Security Modules).
* Experience with enterprise key management solutions (AWS KMS, Azure Key Vault, HashiCorp Vault, OCI KMS).
Additional requirements include familiarity with financial security regulations and standards, such as PCI DSS, FIPS 140-2/3, and NIST guidelines, as well as experience with IoT device security and embedded encryption techniques. Security certifications such as CISM, CISSP, CCSP, and AWS Security Specialty are also desirable. Experience with post-quantum cryptography (PQC) readiness and emerging cryptographic frameworks is a plus.