Senior PKI & Cryptography Architect; Nokia NCM​/NCLM & Thales HSM

Position: Senior PKI & Cryptography Architect (Nokia NCM/NCLM & Thales HSM)
Location: Bengaluru

We are seeking a highly experienced  Senior Data Security Consultant  to serve as the Subject Matter Expert (SME) and Solution Architect for enterprise cryptography, Public Key Infrastructure (PKI), and data protection solutions within the Data Protection / Data Security Tower.
The ideal candidate will lead end-to-end architecture, implementation, governance, and optimization of encryption and key management frameworks supporting a Managed Security Services (MSS) program. This role requires deep hands-on expertise in Nokia cryptographic platforms, HSM integration, and regulatory compliance within Saudi cybersecurity frameworks.

Key Responsibilities
Define and lead the  enterprise PKI and cryptographic key management strategy , ensuring alignment with MSS objectives and national regulatory frameworks including National Cybersecurity Authority (NCA) and Communications, Space & Technology Commission (CST).
Architect and design  multi-tier PKI environments using Nokia NCM and Nokia NCLM (MANDATORY).
Lead implementation and lifecycle management of  Hardware Security Modules (HSM) , specifically  Thales HSM (MANDATORY) , ensuring secure key generation, storage, rotation, and high availability.
Evaluate and oversee readiness of  Quantum Key Distribution (QKD)  technologies and next-generation encryption frameworks.
Establish governance frameworks for:
Cryptographic algorithm selection
Key lifecycle management
Certificate hierarchy design
Cryptographic resilience and policy enforcement
Conduct security architecture reviews, audits, and compliance assessments aligned with:
ISO 27001
NCA Cybersecurity Controls
CST regulatory frameworks
Collaborate with Infrastructure, Identity & Access Management, and End-User Device towers to ensure secure interoperability across hybrid environments.
Lead Proof of Concepts (PoCs) for advanced cryptographic solutions and quantum-resistant encryption standards.
Provide expert technical leadership, mentor engineering teams, and ensure full audit readiness of all data protection systems.
Mandatory Requirements (Non-Negotiable)
Candidates  must meet all  of the following criteria:
Minimum  8+ years of experience  in PKI design, cryptographic architecture, and enterprise data protection operations.
Hands-on expertise in Nokia NCM and Nokia NCLM platforms (MANDATORY).
Proven experience implementing and managing  Thales HSM solutions (MANDATORY).
Strong experience designing PKI for hybrid and enterprise-scale infrastructures.
In-depth knowledge of:
Cryptographic algorithms (RSA, ECC, SHA-2/3, AES, etc.)
Certificate Authority (CA) hierarchy design
Key lifecycle management
Quantum-safe cryptographic principles
Experience working within Saudi cybersecurity compliance frameworks:
NCA
CST
Experience supporting ISO 27001-aligned audit programs.
Preferred Certifications
Nokia NCM / NCLM Expert Certification
Thales Certified Architect (or equivalent HSM certification)
CISSP-ISSAP
CCSP
ISO 27001 Lead Implementer
Educational Qualifications
Bachelor’s or Master’s degree in Cybersecurity, Information Assurance, Computer Science, or a related discipline.
Shift Coverage
8×5 operational coverage (morning and evening shifts)
On-call rotation for P1 and P2 incidents
Reporting Line

Reports to:

Data Protection / Data Security Tower Lead
Tools & Platforms (Mandatory Exposure)
Nokia NCM
Nokia NCLM
Thales HSM
Quantum Key Distribution (QKD) Systems
Certificate Lifecycle Management Platforms
Cryptographic Audit & Compliance Tools

Seniority Level
Mid-Senior level
Industry
IT Services and IT Consulting

Employment Type

Full-time
Job Functions
Information Technology
Skills
PKI
Cryptography
Hardware Security Module (HSM)
Key Management
Encryption
Information Security
Certificate Management
Data Security
ISO 27001