PKI Security Architect

About the RoleIn today's digital landscape, Public Key Infrastructure (PKI) is the cornerstone of trust—securing communications, protecting identities, and ensuring data integrity across the most critical systems. As cyber threats evolve, so must this core security infrastructure. At the forefront of this transformation is the emergence of quantum computing, a technological breakthrough that will pose a significant risk to current cryptographic systems. To safeguard against the future threats posed by quantum computing, we are embarking on a critical journey to transition to post-quantum cryptography (PQC), ensuring our PKI infrastructure remains secure, resilient, and future proof.

We are looking for a highly skilled and experienced PKI Security Architect to join our Cryptography Centre of Excellence and play a pivotal role in this strategic transformation. In this function, you will design the security and cryptographic evolution of our PKI infrastructure, ensuring its architecture remains secure, robust, and scalable, to fulfil our future business needs. This is a unique opportunity to contribute to the future of digital trust, shaping the transition to the next generation of cryptography, while ensuring strong governance of our PKI systems in a rapidly changing technological landscape.

If you're passionate about Public Key Infrastructure, cryptography, and eager to make impact, at the heart of a strategic transformation, to the future of cybersecurity, we want you to be part of this exciting journey.

What to expect

• Define a broad enterprise PKI strategy and reach alignment across the organization.
• Design the security architecture for a state-of-the-art and future-proof PKI infrastructure, with adequate Certificate Authority (CA) topology, PKI technology, certificate lifecycle management tools and other components.
• Lead the strategic transition of the PKI infrastructure to Post-Quantum Cryptography (PQC), ensuring that cryptographic systems are designed with cryptographic agility in mind.
• Closely collaborate with the IT and Operations teams in charge of deploying and operating the PKI infrastructure.
• Oversee critical PKI processes such as root key ceremonies and other essential CA processes to maintain the integrity and trust of our PKI systems. Develop and maintain detailed documentation of PKI processes.
• Ensure proper governance framework, certificate policies and practices statement are implemented and maintained.
• Define and implement robust and reliable incident, response, and recovery procedures. 
• Ensure compliance with relevant regulations and industry standards. Support internal and external audit reviews.
• Act as PKI centre of expertise, providing specialized knowledge and guidance on all aspects of PKI systems.
• Keep abreast with the latest trends, technologies, and industry best practices and serve as a key advisor.

What you need to be successful

• Master’s degree in information technology, computer science, cybersecurity, or a related field.
• Over 10 years of professional experience, of which at least 3 years with proven track records in designing, deploying, managing, or auditing PKI infrastructures.
• Expertise in classic and post quantum cryptography, asymmetric algorithms (RSA, ECC, ECDH, ML-KEM, ML-DSA), and related protocols and standards (TLS, IPSec, S/MIME, CMS, XMLDsig…).
• Strong PKI expertise, including on digital certificates (X.509), public/private key, digital signature, non-repudiation, certificate revocation lists, key management, hardware security modules, ...
• Hands-on experience with Certification Authority and certificate lifecycle management solutions, such as Microsoft CA, Entrust, Venafi, AppViewX, Keyfactor or OpenSSL.
• Experience in developing, implementing, and managing PKI governance frameworks, policies and procedures (eg. policy management authority, certificate policies and practices statement, …).
• In-depth knowledge of PKI-relevant industry regulations and compliance standards.
• Excellent communication skills, with the ability to articulate complex technical concepts to non-expert audience.
• Drive and dynamism, with a strong result-orientation are also critical to your future success.

              

              

What we offer

We put you in control of career

We give you a competitive package

We help you perform at your best

We help you make a difference

We give you the freedom to be yourself

              

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. An environment in which everyone’s voice counts and where you can reach your full potential regardless of age, background, culture, colour, disability, gender, nationality, race, religion, sexual orientation, or veteran/military status.