Implement and maintain the enterprise cryptographic strategy, ensuring alignment with security, compliance, and business objectives
Define and maintain key lifecycle management processes and procedures, including key generation, rotation, revocation, and decommissioning for cloud, on-premises, and IoT environments
Support the deploy of centralized Key Management Systems (KMS), including cloud-native KMS (AWS KMS, Azure Key Vault, OCI KMS), and enterprise HSMs
Ensure robust data encryption methodologies are applied to data stored in databases, applications, and IoT connected devices
Collaborate with cloud security and DevSecOps teams to integrate encryption and key management into CI/CD pipelines and Infrastructure as Code (IaC) deployments
Develop IoT encryption frameworks to secure IoT devices
Support the integration of encryption solutions into applications, databases, cloud services, IoT platforms, and enterprise infrastructure
Collaborate with application security, infrastructure, and DevSecOps teams to embed cryptographic security controls into software development and deployment processes
Support post-quantum cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security
Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645)
Developing governance frameworks for encryption and cryptographic key management, including policies for key storage, access control, logging, and auditing
Conduct risk assessments, vulnerability testing, and security reviews for cryptographic implementations, IoT ecosystems, and cloud security controls
Act as a key stakeholder in security audits, regulatory assessments, and IoT security standardization efforts
Provide Technical support and training to internal teams on encryption best practices, cloud security, and IoT security
Stay ahead of advancements in cryptographic algorithms, quantum computing risks, and emerging IoT security frameworks
Drive innovation in encryption automation, integrating key management with DevSecOps, and Infrastructure as Code (IaC)

Requirements

multiyear (>4 years) experience within Cybersecurity including SecOps, Cloud Security, and secure architecture
Bachelor's Degree in Computer Science/Engineering, related discipline, or equivalent work experience
Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK
Strong proficiency in Python, PowerShell, Bash, or Java
Understanding of cryptographic algorithms (AES, RSA, ECC), hardware security modules (HSMs), and secure key storage practices
Experience working in financial institutions or other highly regulated industries
Hands-on Experience with key management systems (Fortanix, ASW KMS, Azure Key Vault, OCI KMS)
Experience with Kubernetes, Terraform, Ansible, Chef, and CI/CD automation.

Benefits

our retirement savings plan (401K) with company match
insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
paid-time off including vacation, sick leave, short term disability, and family care responsibilities
access to our Employee Assistance Program
incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans)
eligibility for certain tax advantaged savings plans

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cryptographic strategykey lifecycle managementdata encryption methodologiesIoT encryption frameworkspost-quantum cryptographyrisk assessmentsvulnerability testingsecurity reviewscryptographic algorithmssecure key storage practices

Soft Skills

collaborationtechnical supporttraininginnovation

Certifications

CISSPCISMAWS Security SpecialtyHashiCorp Certified Vault AssociateCCSK