Jobs · Engineering · Massachusetts

Cryptography Engineer, Vice President

State Street · Quincy, MA · 6 days ago
Engineering$120k–$203k/yrFull-time

What You Will Be Responsible For

  • Design, implement, and operate enterprise PKI platforms, Certificate Authorities (CAs), and trust services.
  • Manage the lifecycle of digital certificates including issuance, renewal, revocation, monitoring, and discovery.
  • Led the engineering and adoption of certificate automation technologies including ACME, EST, SCEP, and API-based integrations.
  • Design and maintain enterprise key management solutions and cryptographic controls supporting applications, infrastructure, cloud platforms, and machine identities.
  • Partner with application and infrastructure teams to onboard systems to enterprise PKI and certificate management services.
  • Engineer secure solutions for code signing, SSH certificates, workload identities, and machine-to-machine authentication.
  • Drive migration from legacy and unmanaged certificates to enterprise-standard certificate management platforms.
  • Develop automation solutions that improve operational efficiency, scalability, and compliance.
  • Support cloud cryptography integrations with Azure, AWS, and other strategic technology platforms.
  • Participate in security architecture reviews to ensure cryptographic controls meet corporate standards and industry best practices.
  • Monitor cryptographic risks, identify control gaps, and implement remediation plans.
  • Support audit, compliance, regulatory, and risk management activities related to cryptography and PKI.
  • Produce operational metrics, risk indicators, and reporting for senior management and governance forums.
  • Contribute to the firm's post-quantum cryptography (PQC) strategy and cryptographic agility initiatives.

What We Value

  • Deep understanding of Public Key Infrastructure (PKI) and X.509 certificate technologies.
  • Strong knowledge of cryptographic algorithms, protocols, and security architectures.
  • Experience managing enterprise Certificate Authorities and certificate lifecycle platforms.
  • Experience with certificate automation technologies and machine identity management.
  • Knowledge of Hardware Security Modules (HSMs), key management systems, and cryptographic controls.
  • Experience supporting cloud-native security services within Azure and AWS environments.
  • Experience integrating security controls into DevOps and CI/CD pipelines.
  • Strong understanding of authentication, identity, and access management concepts.
  • Knowledge of regulatory and industry standards including NIST, PCI-DSS, FFIEC, and related security frameworks.
  • Strong troubleshooting, analytical, and problem-solving skills.
  • Able to communicate effectively with technical and executive stakeholders.

Similar jobs

Cryptography Engineer

Valiant SolutionsUnited States· 1 wk ago
RemoteEngineering$145k–$165k/yrapply on careers-valiantsolutions.icims.com