Lead Information Security Analyst Cryptography and PKI
Top focus
Lead Information Security Analyst – Cryptography & PKI Governance Wells Fargo is back in the office collaborating for fabulous outcomes. This role is in the office three days a week and work from home two days a week. There are no visa sponsorships or visa transfers for this role.
About this role: Wells Fargo is seeking a highly experienced Lead Information Security Analyst to serve as a technical leader and subject matter expert in cryptography, Public Key Infrastructure (PKI), digital certificate lifecycle management, and enterprise cryptographic governance.
This role requires a seasoned cryptography professional with significant hands-on experience in enterprise PKI, encryption, certificate lifecycle management, and key management. The successful candidate will be expected to operate as a recognized subject matter expert, provide technical leadership, and drive strategic initiatives across a complex enterprise environment.
This role provides strategic direction, risk oversight, and technical expertise across the firm's cryptographic ecosystem to help protect critical systems and data. The ideal candidate will bring deep expertise in encryption technologies, certificate management, cryptographic controls, and regulatory requirements within large financial institutions.
This individual will drive governance, risk management, automation, and modernization initiatives while partnering across cybersecurity, infrastructure, architecture, engineering, and application teams
In This Role, You Will
- Serve as a lead SME for enterprise cryptography, encryption technologies, PKI, certificate lifecycle management, and key management practices.
- Provide technical leadership for digital certificate governance across the enterprise.
- Partner with application, infrastructure, cloud, and security engineering teams to design secure cryptographic solutions and resolve complex technical challenges.
- Develop and maintain cryptographic policies, standards, governance frameworks, and control requirements.
- Assess cryptographic implementations and conduct risk assessments involving certificate management, key management, encryption controls, and trust architectures.
- Support audit, regulatory, and risk management activities related to cryptographic controls.
- Monitor emerging cryptographic threats and evaluate readiness for evolving standards, including Post-Quantum Cryptography (PQC).
- Provide expertise related to Hardware Security Modules (HSMs), including architecture, deployment, key custody, and operational controls.
- Lead initiatives to improve certificate discovery, inventory management, governance, and lifecycle automation.
- Evaluate and optimize certificate lifecycle management platforms including Venafi, DigiCert, HSMs, and related technologies.
- Analyze cryptographic, certificate, and asset datasets to identify risk trends, compliance gaps, and improvement opportunities.
- Design automation solutions, dashboards, and reporting capabilities that improve governance visibility and operational efficiency.
- Leverage approved AI-assisted tools to enhance analysis, reporting, and investigations.
- Mentor cybersecurity professionals and influence enterprise cryptographic strategy, roadmaps, and modernization efforts.
- Required Qualifications: 7+ years of experience in Information Security, Cryptography, PKI, Encryption, Key Management, or related cybersecurity disciplines within the financial services industry.
- Deep expertise in Public Key Infrastructure (PKI) and Digital Certificate Lifecycle Management.
- Strong knowledge of cryptographic principles, algorithms, encryption technologies, and key management processes.
- Experience supporting enterprise-scale certificate lifecycle management programs.
- Experience managing and governing certificate discovery and automation platforms such as Venafi, Keyfactor, DigiCert, or similar technologies.
- Strong understanding of Hardware Security Modules (HSMs), including deployment architectures, key protection mechanisms, and operational controls.
- Experience developing and implementing cryptographic policies, standards, governance frameworks, and control requirements.
- Strong understanding of regulatory, audit, and compliance requirements applicable to cryptographic controls within financial institutions.
- Experience conducting cryptographic risk assessments and remediation planning.
- Experience analyzing large datasets to identify risk exposure, policy non-adherence, and operational improvement opportunities.
- Demonstrated ability to solve complex cybersecurity challenges through scalable and sustainable solutions.
- Strong written and verbal communication skills with the ability to communicate effectively with technical teams, risk partners, auditors, and executive leadership
Desired Qualifications
- Expertise in emerging cryptographic standards and Post-Quantum Cryptography (PQC) readiness planning.
- Experience with cloud-native cryptographic services and enterprise key management solutions.
- Experience designing and implementing governance automation solutions.
- Experience with enterprise analytics and visualization platforms such as MS Power Platform, Tableau and ServiceNow Platform Analytics.
- Experience with configuration management and asset inventory platforms, including ServiceNow CMDB and Venafi datasets.
- Knowledge of AI-assisted automation, large language models, and workflow integration capabilities.
- Experience leading enterprise-wide cybersecurity initiatives and influencing strategic technology decisions.
- Relevant industry certifications such as CISSP, CCSP, CISM, CRISC, GCLD, GDSA, GLEG, GPCS, GCSA, GCLA, or vendor-specific PKI and cryptography certifications.
- Job Expectations: Act as the primary technical escalation point for complex cryptographic and PKI-related issues.
- Drive initiatives that improve cryptographic risk posture, governance maturity, automation, operational resilience, and audit readiness.
- Influence enterprise architecture and technology decisions involving cryptographic controls and trust services.
- Build strong partnerships across Cybersecurity, Technology Infrastructure, Architecture, Engineering, Risk, Audit, and Regulatory teams.
- Translate complex cryptographic concepts into actionable business and risk decisions.
- Pay Range Reflected is the base pay range offered for this position.
- Pay may vary depending on factors including but not limited to demonstrated examples of prior performance, skills, experience, or work location.
- Employees may also be eligible for incentive opportunities. $119,000.00 - $206,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below.
- Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees.
- Health benefits 401(k) Plan Paid time off Disability benefits Life insurance, critical illness insurance
- accident insurance Parental leave Critical caregiving leave Discounts and savings Commuter benefits Tuition reimbursement Scholarships for dependent children Adoption reimbursement Posting End Date: 30 Jul 2026 * Job posting may come down early due to volume of applicants.
- We Value Equal Opportunity Wells Fargo is an equal opportunity employer.
- All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran
- any other legally protected characteristic.
- Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company.
- They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance)
- includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues
- making sound risk decisions.
- There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit’s risk appetite and all risk and compliance program requirements.
- Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo .
- Drug and Alcohol Policy Wells Fargo maintains a drug free workplace.
- Please see our Drug and Alcohol Policy to learn more.
- Wells Fargo Recruitment and Hiring Requirements: a.
- Third-Party recordings are prohibited unless authorized by Wells Fargo. b.
- Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.