Cryptographic Key Management Operations Lead – Vice President
| Company | State Street |
|---|---|
| Location | London, UK, Austin, TX, USA, Berwyn, PA, USA, Princeton, NJ, USA, Paterson, NJ, USA, Quincy, MA, USA, Dublin, Ireland |
| Salary | $130000 – $205000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or related field or equivalent work experience.
- 8+ years of experience in key management operations, cryptographic security, or information security within a financial institution or other regulated environment.
- Strong expertise in cryptographic key lifecycle management, including symmetric and asymmetric encryption, PKI, and HSMs (Hardware Security Modules).
- Experience with enterprise key management solutions (AWS KMS, Azure Key Vault, HashiCorp Vault, OCI KMS)
- Familiarity with financial security regulations and standards, such as PCI DSS, FIPS 140-2/3, and NIST guidelines.
- Security certifications such as CISM, CISSP, CCSP, and AWS Security Specialty.
- Experience with post-quantum cryptography (PQC) readiness and emerging cryptographic frameworks.
- Experience with JIRA and Confluence.
Responsibilities
- Lead and manage a team of Key Management Engineers, providing guidance, mentoring, and technical leadership to ensure effective cryptographic key lifecycle management.
- Oversee the daily operations and security of cryptographic key management, ensuring compliance with financial industry regulations e.g. (PCI DSS, GDPR, FIPS 140-2/3).
- Drive the secure generation, storage, distribution, rotation, revocation, and retirement of encryption keys across cloud, on-premises, and IoT environments.
- Monitor and respond to key management incidents, such as key compromise, expiration, or policy violations, ensuring timely remediation and risk mitigation.
- Collaborate with security, cloud, infrastructure, and DevSecOps teams to integrate cryptographic services into enterprise applications, infrastructure and IoT security frameworks.
- Optimize and automate key management processes, leveraging APIs, key management platforms (KMS), security orchestration tools, and infrastructure-as-code (IaC) methodologies.
- Ensure high availability and reliability of key management services to support secure transactions and data protection.
Preferred Qualifications
- Develop and maintain detailed documentation of key management processes, procedures, and operational workflows.
- Provide reporting and analysis on key usage, compliance, performance metrics, and risk exposure to senior leadership and auditors.
- Stay up to date with emerging cryptographic technologies, security threats, and regulatory changes, ensuring that key management practices evolve accordingly.