Senior Consultant, Cryptographic Service Management

About The Position

Requirements

• 8 years of experience in cryptographic security concepts.
• Implemented cryptographic solutions and methodologies to ensure the secure design of applications and the protection of sensitive data.
• Been a key contributor to, or have led, cryptographic security initiatives such as encryption of data (at rest, in transit, and in use), as well as key management and cryptographic controls.
• Strong understanding of data governance, data privacy, and regulatory requirements related to cryptography.
• Passion for cryptographic security, vulnerability management, and adherence to industry cryptographic standards and best practices.
• Ability to identify needs and contribute to governance initiatives by bringing expertise gained in the cryptography field around practical security governance, including the development of CIBC policies, standards, procedures, and guidelines.
• Technical expertise in support of all activities, processes, procedures, and tools related to cryptographic services.
• Experience with key and certificate management systems, protocols, processes, as well as cryptographic hardware such as Hardware Security Modules (HSMs).
• CISSP, CISA, or CISM designation and are in good standing.
• Degree or diploma in Computer Science, Engineering, or a related field.
• Relationships and networks are essential to success.
• Inspire outcomes by sharing your expertise.
• Details matter. Notice things that others don't.
• Critical thinking skills help to inform your decision-making.
• Values matter to you. Bring your real self to work, and live our values: trust, teamwork, and accountability.

Nice To Haves

• Readiness for the Post-Quantum Cryptography (PQC) era.
• Experience with cloud, on-prem, containerized, and legacy application stacks.
• Experience with APIs, service accounts, authentication and authorization models (e.g., mTLS, OAuth), secrets management, CI/CD and IaC tooling, and operational monitoring.
• Experience with Public Key Infrastructure (PKI) and Certificate Authorities (CA).

Responsibilities

• Manage and oversee the development and maintenance of strategic roadmaps for the domain of Data Security, leveraging deep knowledge of cryptographic technologies, including HSMs, key management, X.509 certificates, PKI, and cryptographic standards.
• Collaborate with various stakeholders to gather requirements, develop business cases, and lead subsequent projects (including POCs) to support the strategy.
• Maintain a continuous improvement mindset, evaluating and implementing new cryptographic technologies such as Post-Quantum Cryptography to address emerging threats and enhance the security of the domain.
• Provide guidance on the secure design, implementation, and operation of cryptographic services across the enterprise.
• Direct the review, development, testing, and implementation of cryptographic security plans, products, and control techniques.
• Demonstrate deep, hands-on knowledge of system and application integration patterns required to operationalize cryptographic services and certificate automation at scale.
• Lead and support integrations between enterprise platforms, PKI/CA/key services, KMIP, IAM, network and infrastructure services, and diverse application stacks (cloud, on-prem, containerized, legacy).
• Define integration requirements and technical designs for key and certificate discovery, enrollment, renewal, rotation, revocation, and policy enforcement.
• Understand and guide the use of APIs, service accounts, authentication and authorization models (e.g., mTLS, OAuth), secrets management, CI/CD and IaC tooling, and operational monitoring to enable resilient automated certificate lifecycle management.
• Troubleshoot integration issues across application, middleware, and infrastructure layers to remove blockers and accelerate onboarding.
• Build and present documentation to executive management and leadership teams, effectively conveying complex cryptographic concepts, strategies, and the benefits of proposed security programs.
• Provide awareness and training to application development teams on cryptographic services, data protection, and industry best practices.
• Assess business needs against potential risks and communicate recommendations to enhance the organization’s information security landscape.
• Demonstrate exceptional collaboration and stakeholder management skills to drive alignment across diverse teams.
• Act as a trusted advisor within the broader team, influencing application development, operational, and infrastructure teams to integrate cryptographic security controls into their design and product delivery.
• Stay abreast of the latest threat landscape, proactively assessing emerging threats and their impact on organizational security posture.
• Maintain relationships with peers from other banks and manage vendor relationships for security services and tools within the Cryptographic Services domain.
• Define and report on KPIs and KRIs to measure cryptographic service performance and risk.
• Apply strong problem-solving skills to analyze complex security challenges and propose effective solutions.
• Demonstrate a thorough understanding of enterprise security frameworks, data protection, risk management principles, and regulatory requirements and industry standards related to cryptographic security.
• Act as a security ambassador, advocating for cryptographic best practices and influencing infrastructure and application design activities.

Benefits

• Competitive salary
• Incentive pay
• Banking benefits
• Benefits program
• Defined benefit pension plan
• Employee share purchase plan
• Vacation offering
• Wellbeing support
• MomentMakers, our social, points-based recognition program
• Purpose Day; a paid day off dedicated for you to use to invest in your growth and development