Security Solutions Principal - Cryptography, Key Management & Post-Quantum Readiness

Why WWT?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all.

Want to work with highly motivated individuals on high-performance teams? Join WWT today!

What is the Solutions Consulting & Engineering (SC&E) Team and why join?

Solutions Consulting & Engineering is an organization that is Customer Focused and Solutions Led. We deliver end-to-end and emerging solutions to drive customer satisfaction, increase profitability and growth. Our success is enabled by our world-class management consulting, delivery excellence and engineering brilliance. Our goal is to bring together business acumen with full-stack technical know-how to develop innovative solutions for our clients' most complex challenges.

Position Overview:

We are seeking a highly experienced Principal Consultant specializing in enterprise cryptography, key management, and post-quantum readiness to lead strategic client engagements focused on cryptographic risk, encryption modernization, key lifecycle management, and quantum-resilient architecture.

This role serves as a senior advisor to CISOs, architecture leaders, and risk executives, helping organizations design and execute comprehensive cryptographic programs that address current operational and regulatory requirements while building resilience against emerging quantum threats.

The ideal candidate blends deep cryptographic expertise across key management, PKI, encryption operations, and post-quantum cryptography with consulting leadership and business acumen to translate complex cryptographic challenges into actionable, risk-based strategies.

Key Responsibilities

Client Advisory & Strategy

• Advise executives and security leaders on cryptographic risk, key management strategy, quantum readiness, and long-term encryption posture

• Lead cryptographic maturity evaluations, PQC readiness assessments, and key management capability reviews

• Develop enterprise cryptographic roadmaps aligned to business risk, data classification, and regulatory drivers

• Present findings and recommendations to senior leadership and boards

Cryptographic Discovery & Inventory

• Lead enterprise-wide cryptographic asset discovery across algorithms, certificates, keys, protocols, and encryption dependencies

• Identify "harvest now, decrypt later" exposure and prioritize remediation based on data sensitivity and shelf life

• Assess third-party and supply chain cryptographic dependencies including SaaS providers, payment processors, certificate authorities, and embedded systems

• Develop cryptographic inventories that serve as the foundation for migration planning and risk quantification

Key Management & HSM Operations

• Design and assess enterprise key management programs covering the full lifecycle: generation, distribution, rotation, revocation, escrow, and destruction

• Architect HSM strategies including capacity planning, clustering/HA models, and FIPS 140-2/140-3 validation requirements

• Evaluate and recommend HSM platforms (Thales Luna, Entrust nShield, Utimaco) and cloud-native options (AWS CloudHSM, Azure Managed HSM, GCP Cloud HSM)

• Define governance over key custodianship, separation of duties, and key ceremony procedures

PKI Architecture & Lifecycle

• Design and assess PKI architectures including CA hierarchy, certificate lifecycle management, and trust models

• Provide guidance on automated enrollment protocols (ACME, SCEP, EST), certificate transparency, and private vs. public trust models

• Lead PKI modernization efforts including migration from legacy Microsoft ADCS environments

• Advise on code signing key management, firmware signing, and software supply chain integrity

Cryptographic Architecture & Engineering

• Design crypto-agility architectures supporting algorithm transitions, including hybrid key exchange implementations (e.g., ML-KEM combined with classical ECDH)

• Define and assess enterprise encryption standards: approved algorithm suites, minimum key lengths, deprecation policies, and exception processes

• Provide guidance on:

• TLS/IPsec/VPN modernization strategies

• Data-at-rest, data-in-transit, and data-in-use encryption controls

• Tokenization, format-preserving encryption, and data masking techniques

• Support integration of NIST-selected PQC algorithms into enterprise environments

Program Leadership

• Lead multi-phase cryptographic transformation programs across key management, PKI, encryption, and PQC migration

• Define governance models for cryptographic lifecycle management

• Develop policies, standards, and crypto baselines

• Establish risk-based migration strategies and prioritization models that account for data longevity versus quantum timeline estimates

• Coordinate cross-functional collaboration across networking, application development, DevOps, and compliance team

Risk, Compliance & Standards Alignment

• Align programs to:

• NIST guidance (PQC, SP 800-57, SP 800-131A, etc.)

• ISO 27001/27002 cryptographic controls

• Regulatory expectations (financial services, healthcare, government)

• Translate cryptographic risk into business and regulatory impact

• Assess cryptographic compliance posture across third-party and supply chain dependencies

Thought Leadership

• Contribute to whitepapers, research, and industry presentations

• Support client workshops, tabletop exercises and executive briefings

• Mentor consultants and client teams

• Participate in industry working groups, standards bodies, or vendor advisory councils

Required Qualifications

• 10+ years in cybersecurity with deep focus on cryptography and encryption

• Demonstrated expertise in:

• Enterprise key management lifecycle design and operations

• HSM architecture, deployment, and FIPS validation requirements

• PKI architecture, certificate lifecycle management, and trust models

• Cryptographic protocols and algorithms (symmetric, asymmetric, hashing, digital signatures)

• Encryption architectures across data states (at-rest, in-transit, in-use) in cloud and hybrid environments

• Strong understanding of Post-Quantum Cryptography concepts and enterprise migration challenges

• Experience advising large enterprises and regulated industries

• Exceptional communication and client-facing skills

Preferred Qualifications

• Experience with PQC algorithm evaluation, testing, and hybrid cryptographic implementations

• Familiarity with NIST PQC standardization outcomes and CNSA 2.0 migration timelines

• Knowledge of crypto-agility frameworks

• Experience with cloud KMS platforms (AWS KMS, Azure Key Vault, GCP Cloud KMS) and cloud HSM services

• Hands-on experience with secrets management platforms (HashiCorp Vault, CyberArk Conjur, cloud-native secrets managers)

• Experience with cloud KMS platforms (AWS, Azure, GCP)

• Familiarity with HSM vendor platforms (Thales Luna, Entrust nShield, Utimaco) and their PQC firmware roadmaps

• Relevant certifications (e.g., CISSP, CCSP, GSEC, or cryptography-focused credentials)

• Master's or PhD in cryptography, computer science, or related field

Key Competencies

• Strategic thinking and executive presence

• Ability to simplify complex cryptographic concepts

• Strong consulting and stakeholder management skills

• Risk-based decision framing

• Program and architecture leadership

• Cross-functional collaboration across security, networking, application development, DevOps, and compliance teams

Want to learn more about Consulting & Security Services? Check us out on our platform:

https://www.wwt.com/consulting-services

https://www.wwt.com/category/security-transformation

Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $170,000 to $200,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program

• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement

• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement

• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email taposting@wwt.com.

#LI-TB1

WWT will consider for employment, without regard to disability, a disabled applicant who satisfies the requisite skill, experience, education, and other job-related requirements of the job and is capable of performing the essential requirements of the job with or without reasonable accommodation. World Wide Technology is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, age, disability, veteran status, genetic information, or other characteristics protected by law. We are committed to working with and providing reasonable accommodations to individuals with disabilities. If you have a disability and you believe you need a reasonable accommodation in order to search for a job opening or to submit an online application, please call 1-800-432-7008 and ask for Human Resources.