Cloud Security Lead (Cryptography/NIST PQC)

Role Overview

We are seeking a consultant to support leading financial institutions in defining and executing their quantum security strategy. The role will focus on helping banks understand their cryptographic risk exposure, establish an initial cryptographic asset register, and develop practical roadmaps toward post-quantum cryptography (PQC) readiness using industry tools and frameworks.

This role is well suited for individuals with strong fundamentals in cryptography and security architecture, combined with the curiosity, adaptability, and discipline to continuously learn in a rapidly evolving domain.

Key Responsibilities

Support clients in assessing quantum-related cryptographic risks and strategies

Assist in the creation and maintenance of cryptographic asset inventories (algorithms, keys, certificates, protocols, dependencies).

Work with tools and platforms for cryptographic discovery and risk-analysis solutions.

Contribute to the development of quantum security and PQC transition strategies, including prioritization and phased roadmaps.

Translate complex cryptographic and quantum concepts into clear, business-relevant insights for senior stakeholders.

Collaborate with broader security, enterprise architecture, and risk teams within client organizations.

Stay current on developments in NIST PQC standards, cryptographic best practices, and regulatory expectations relevant to financial institutions

Required Skills & Experience

Solid foundational knowledge of cryptography, including symmetric/asymmetric encryption, hashing, key management, PKI, TLS, and certificates.

Understanding of how cryptography is implemented in enterprise and banking environments (applications, networks, cloud, data protection).

Background in cybersecurity, security architecture, or technology risk (consulting or in-house).

Ability to learn quickly and independently in new and emerging technical domains.

Strong analytical thinking and structured problem-solving skills.

Clear written and verbal communication skills, with the ability to explain technical topics to non-technical audiences.

Desired / Nice to Have

Exposure to post-quantum cryptography (PQC) concepts or quantum computing risk (formal or self-directed learning is acceptable).

Familiarity with cryptographic discovery, certificate management, or crypto-agility tooling.

Experience working with banks or regulated financial institutions.

Knowledge of security frameworks or standards (e.g., NIST, ISO 27001, MAS, RMiT, PCI DSS).