Associate Director IT Security Engineering

Pay and Benefits:

• Lead the design, build, and operationalization of the enterprise PQC CBOM (Crypto Bill of Materials) covering:
  • Certificates, keys, algorithms, protocols, HSM usage, and cryptographic dependencies
  • On‑prem, cloud, hybrid, and third‑party platforms
• Establish CBOM as an authoritative inventory for cryptographic assets and ownership
• Drive PQC readiness assessments, risk classification, and remediation prioritization
• Define crypto‑agility strategies aligned with NIST PQC standards and transition timelines
• Partner with vendors and internal platform teams to assess and track PQC migration readiness
• Experience in enterprise PKI architecture and strategy (internal CAs, public CAs, hybrid models)
• Solid Experience in certificate lifecycle management (discovery, issuance, renewal, revocation, automation)
• Govern and modernize TLS / mTLS, Code‑signing certificates, S/MIME, device and workload certificates
• Drive automation for certificate operations and eliminate manual, high‑risk processes
• Provide technical leadership across:
  • Asymmetric and symmetric cryptography
  • Key management systems (KMS)
  • Hardware Security Modules (HSMs)
  • Tokenization and secrets management
• Ensure cryptographic controls meet regulatory, audit, and resiliency requirements
• Partner with IAM automation teams to embed crypto controls into IaC and CI/CD pipelines
• Work closely with network and infrastructure teams on:
  • TLS inspection, ingress/egress security
  • Secure protocols (TLS, SSH, IPSec, VPN)
  • Ensure cryptographic consistency across Cloud platforms, SaaS and third‑party integrations
• Establish cryptographic governance models, policies, and standards
• Provide executive‑level reporting on:
  • PQC readiness
  • Cryptographic risk exposure
  • CBOM coverage and maturity
• Lead and mentor senior engineers and architects across crypto and IAM domains
• Act as the enterprise SME and thought leader for PQC, PKI, and cryptographic risk

Talent Needed for Success

• 12+ years in cybersecurity, cryptography, PKI or IAM
• Proven experience leading large‑scale PKI or cryptographic transformation programs
• Hands‑on experience building or operating crypto inventories, discovery, or governance platforms
• Strong expertise in:
  • PKI architectures and CA operations
  • Certificate lifecycle management platforms
  • Cryptographic algorithms (RSA, ECC, hybrid, PQC concepts)
  • Key management, HSMs, tokenization
  • Solid understanding of NIST PQC standards, quantum threat models, TLS, SSH, IPSec, mTLS, and secure network protocols
  • Experience integrating cryptography with Cloud platforms, CI/CD pipelines and Infrastructure‑as‑Code (IaC)
• Ability to lead cross‑functional teams across security, network, cloud, and application domains
• Strong stakeholder management and executive communication skills
• Experience driving security programs in regulated or highly controlled environments
• Familiarity with CBOM / SBOM / HBOM concepts and standards.
• Experience with enterprise certificate management tools
• Experience with Power BI / analytics for security reporting
• Experience with datawarehouse tools will be an advantage.

To maintain strong alignment between IT and the business, we are bringing together all Solutions-focused teams under a unified technology organization, IT Solutions. The newly-formed IT Solutions department combines Application Development and Enterprise Application Support functions, allowing us to leverage synergies to support the Solutions business lines.