Senior Security Consultant, Cryptographic Service Management
We’re building a relationship‑oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
What You’ll Be DoingAs a Senior Consultant, Cryptographic Service Management, you will join CIBC’s Information Security department to play a critical role in shaping and evolving the enterprise‑wide cryptographic strategy. This position focuses on ensuring the security and resilience of CIBC’s cryptographic services, including Hardware Security Modules (HSMs), key management, x.509 certificates, Public Key Infrastructure (PKI), cryptographic standards, and preparing for the Post‑Quantum Cryptography (PQC) era.
Your work will directly contribute to protecting Our Bank, Our Clients, and Our Employees by embedding security into the lifecycle of applications and data across the enterprise. You will act as a liaison between technology and business teams, serving as a subject matter expert (SME) for all things cryptography. You will also provide strategic insights, report on service performance using KPIs and KRIs, and ensure the department’s cryptographic services align with enterprise goals and industry best practices.
- Cryptographic Expertise:
Manage and oversee the development and maintenance of strategic roadmaps for the domain of Data Security, leveraging deep knowledge of cryptographic technologies, including HSMs, key management, x.509 certificates, PKI, and cryptographic standards. Collaborate with various stakeholders to gather requirements, develop business cases, and lead subsequent projects (including POCs) to support the strategy. Maintain a continuous improvement mindset, evaluating and implementing new cryptographic technologies such as Post‑Quantum Cryptography to address emerging threats and enhance the security of the domain.
Provide guidance on the secure design, implementation, and operation of cryptographic services across the enterprise. Direct the review, development, testing, and implementation of cryptographic security plans, products, and control techniques - Communication and Leadership:
Build and present documentation to executive management and leadership teams, effectively conveying complex cryptographic concepts, strategies, and the benefits of proposed security programs. Provide awareness and training to application development teams on cryptographic services, data protection, and industry best practices. Assess business needs against potential risks and communicate recommendations to enhance the organization’s information security landscape. Demonstrate exceptional collaboration and stakeholder management skills to drive alignment across diverse teams. - Advisory and Relationship Management:
Act as a trusted advisor within the broader team, influencing application development, operational, and infrastructure teams to integrate cryptographic security controls into their design, and product delivery. Stay abreast of the latest threat landscape, proactively assessing emerging threats and their impact on organizational security posture. Maintain relationships with peers from other banks and manage vendor relationships for security services and tools within the Cryptographic Services domain. - Analytical and Security Knowledge:
Define and report on KPIs and KRIs to measure cryptographic service performance and risk. Apply strong problem‑solving skills to analyze complex security challenges and propose effective solutions. Demonstrate a thorough understanding of enterprise security frameworks, data protection, risk management principles, and regulatory requirements and industry standards related to cryptographic security. Act as a security ambassador, advocating for cryptographic best practices and influencing infrastructure and application design activities.
You’ll Succeed
- Cryptographic Expertise:
Manage and oversee the development and maintenance of strategic roadmaps for the domain of Data Security, leveraging deep knowledge of cryptographic technologies, including HSMs, key management, x.509 certificates, PKI, and cryptographic standards. Collaborate with various stakeholders to gather requirements, develop…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: