Cryptography Engineer, Vice President

Cryptography Engineer, Vice President Who we are looking for The Cryptography Engineer, Vice President will serve as a senior member of the Global Cybersecurity organization responsible for the design, engineering, automation, and operation of enterprise cryptographic services.

This role will lead the implementation and support of Public Key Infrastructure (PKI), certificate lifecycle management, key management solutions, and cryptographic security controls across the enterprise. The successful candidate will partner with application, infrastructure, cloud, security, and architecture teams to deliver secure, scalable, and automated cryptographic services that support the firm's security, regulatory, and operational requirements.

This position requires a strong combination of engineering expertise, operational leadership, and strategic thinking to modernize cryptographic capabilities, reduce risk, and support the organization's cryptographic agility and post-quantum readiness initiatives.

What you will be responsible for As a Cryptography Engineer, VP you will: Design, implement, and operate enterprise PKI platforms, Certificate Authorities (CAs), and trust services. Manage the lifecycle of digital certificates including issuance, renewal, revocation, monitoring, and discovery.

Lead the engineering and adoption of certificate automation technologies including ACME, EST, SCEP, and API-based integrations. Design and maintain enterprise key management solutions and cryptographic controls supporting applications, infrastructure, cloud platforms, and machine identities.

Partner with application and infrastructure teams to onboard systems to enterprise PKI and certificate management services. Engineer secure solutions for code signing, SSH certificates, workload identities, and machine-to-machine authentication.

Drive migration from legacy and unmanaged certificates to enterprise-standard certificate management platforms. Develop automation solutions that improve operational efficiency, scalability, and compliance. Support cloud cryptography integrations with Azure, AWS, and other strategic technology platforms.

Participate in security architecture reviews to ensure cryptographic controls meet corporate standards and industry best practices. Monitor cryptographic risks, identify control gaps, and implement remediation plans. Support audit, compliance, regulatory, and risk management activities related to cryptography and PKI.

Produce operational metrics, risk indicators, and reporting for senior management and governance forums. Contribute to the firm's post-quantum cryptography (PQC) strategy and cryptographic agility initiatives. Document standards, procedures, architectures, and operational practices.

Provide technical leadership and mentoring to engineers and project teams. What we value These skills will help you succeed in this role Deep understanding of Public Key Infrastructure (PKI) and X.509 certificate technologies. Strong knowledge of cryptographic algorithms, protocols, and security architectures.

Experience managing enterprise Certificate Authorities and certificate lifecycle platforms. Experience with certificate automation technologies and machine identity management. Knowledge of Hardware Security Modules (HSMs), key management systems, and cryptographic controls.

Experience supporting cloud-native security services within Azure and AWS environments. Experience integrating security controls into DevOps and CI/CD pipelines. Strong understanding of authentication, identity, and access management concepts.

Knowledge of regulatory and industry standards including NIST, PCI-DSS, FFIEC, and related security frameworks. Strong troubleshooting, analytical, and problem-solving skills. Ability to communicate effectively with technical and executive stakeholders.

Education & Preferred Qualifications Bachelor's degree in Computer Science, Engineering, Information Security, or related field. 7+ years of experience in Cybersecurity, Cryptography, PKI, or Security Engineering. 5+ years of experience designing and operating enterprise PKI and certificate management solutions.

Professional certifications such as CISSP, CCSP, GIAC, Security+, or equivalent are preferred. Experience with KeyFactor, DigiCert, Microsoft ADCS, Venafi, Sectigo, or similar platforms is highly desirable. Experience with cryptographic agility and post-quantum cryptography initiatives is preferred.

Why this role is important to us Cryptography forms the foundation of trust across the enterprise. This role is responsible for securing digital identities, protecting sensitive information, enabling secure communications, and ensuring compliance with internal and external security requirements.

As State Street continues its modernization, automation, and post-quantum readiness journey, this position will play a critical role in advancing the enterprise cryptography strategy and securing the firm's future digital ecosystem. Salary Range: $120,000 - $202,500 Annual The range quoted above applies to the role in the primary location specified.

If the candidate would ultimately work outside of the primary location above, the applicable range could differ. Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home . About State Street Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most.

Join us in shaping the future. As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers Read our CEO Statement Job Application Disclosure: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment.

An employer who violates this law shall be subject to criminal penalties and civil liability.