Cryptographic Key Operations Lead
We are seeking an experienced Cryptographic Key Operations Lead to oversee the end-to-end lifecycle management of cryptographic keys across cloud, on-premises, infrastructure and IoT environments.
This role ensures the secure generation, distribution, rotation, revocation, and retirement of encryption keys while maintaining compliance with regulatory and security policies. Additionally, the Key Operations Lead will manage and mentor a team of Key Management Engineers, driving operational excellence and automation to enhance key lifecycle processes.
This role requires close collaboration with security, IT, cloud, infrastructure, and application teams to maintain the availability, reliability, and security of key management services, supporting business-critical operations and financial transactions.
This role can be performed in a hybrid model, where you can balance work from home and office to match your needs and role requirements.
* Lead and manage a team of Key Management Engineers, providing guidance, mentoring, and technical leadership to ensure effective cryptographic key lifecycle management.
* Oversight of daily operations and security of cryptographic key management, ensuring compliance with financial industry regulations e.g. (PCI DSS, GDPR, FIPS 140-2/3).
* Drive the secure generation, storage, distribution, rotation, revocation, and retirement of encryption keys across cloud, on-premises, and IoT environments.
* Monitor and respond to key management incidents, such as key compromise, expiration, or policy violations, ensuring timely remediation and risk mitigation.
* Collaborate with security, cloud, infrastructure, and DevSecOps teams to integrate cryptographic services into enterprise applications, infrastructure and IoT security frameworks.
* Optimize and automate key management processes, leveraging APIs, key management platforms (KMS), security orchestration tools, and infrastructure-as-code (IaC) methodologies.
* Ensure high availability and reliability of key management services to support secure transactions and data protection.
What We Value
Develop and maintain detailed documentation of key management processes, procedures, and operational workflows.
Provide reporting and analysis on key usage, compliance, performance metrics, and risk exposure to senior leadership and auditors.
Stay up to date with emerging cryptographic technologies, security threats, and regulatory changes, ensuring that key management practices evolve accordingly.
Education & Preferred Qualifications
Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field or equivalent work experience.
8+ years of experience in key management operations, cryptographic security, or information security within a financial institution or other regulated environment.
Strong expertise in cryptographic key lifecycle management, including symmetric and asymmetric encryption, PKI, and HSMs (Hardware Security Modules).
Experience with enterprise key management solutions (AWS KMS, Azure Key Vault, HashiCorp Vault, OCI KMS)
Familiarity with financial security regulations and standards, such as PCI DSS, FIPS 140-2/3, and NIST guidelines.
Security certifications such as CISM, CISSP, CCSP, and AWS Security Specialty.
Experience with post-quantum cryptography (PQC) readiness and emerging cryptographic frameworks.
Experience with JIRA and Confluence.
Additional Requirements
Travel up to 25% may be required