IT Governance Specialist

Job Title: IT Governance Specialist

Location: 100% Remote

Duration: Long Term (Extendable)

Must Have

• Advanced Encryption Standard (AES)
• Agile Project Management
• Hardware Security Modules (HSM)
• PKI Certificate Management
• See must haves in job description

Nice To Have

JOB DESCRIPTION

Position Summary:

Our highly regulated enterprise relies on a mix of on-prem, cloud, and hybrid encryption platforms to protect customer and corporate data. We need a hands-on security professional who can translate encryption into practical guidance, coach stakeholders, and drive consistent use of approved encryption services across the Bank. The primary responsibility of this position will be governance of the processes, and platforms that make encryption work at scale while providing guidance to consumers of Bank encryption technologies.
Primary Responsibilities:

• Plan, prioritize, and track governance initiatives; produce status dashboards and executive readouts.
• Track program risks and issues to closure
• Create reference architectures so application and tech owners choose approved solutions within their scope.
• Build a catalog of on-prem PKI, cloud KMS, tokenization, TDE, and related services.
• Draft and maintain enterprise encryption standards aligned with common industry benchmarks and audit requirements
• Publish concise explainers, demos, and FAQs for new and existing application owners.
• Run application onboarding sessions that explain key-management lifecycles, HSM/KMS options

Must Have Requirements:

• Project management experience
• Proven experience in PKI management and digital certificate lifecycle management.
• Strong understanding of cryptographic principles and security protocols.
• Excellent problem-solving skills and attention to detail.
• Effective communication and collaboration skills.

Nice to Have Requirements:

• Experience working in a Financial Institution or other heavily regulated industry with a concentration on risk reduction
• Familiarity with PCI Requirements
• Familiarity with Privacy Regulations

Qualifications:

• Degree or equivalent work experience in related discipline (Data Management, Computer Science, Information Technology, etc.)
• Solid understanding of certificate lifecycles, key-custodian duties, and cryptographic best practices
• Experience implementing PKI and enterprise key-management platforms (ex. Microsoft AD CS, Entrust, AWS KMS, HashiCorp Vault)
• Demonstrated ability to write security standards/policies and explain technical concepts to non-technical audiences.
• Proven project-coordination and organizational skills, including the ability to manage multi-work-stream efforts, dependencies, and metrics.