Security Solutions Principal - Cryptography, Key Management & Post-Quantum Readiness

Why WWT?At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all.Want to work with highly motivated individuals on high-performance teams? Join WWT today!What is the Solutions Consulting & Engineering (SC&E) Team and why join?Solutions Consulting & Engineering is an organization that is Customer Focused and Solutions Led. We deliver end-to-end and emerging solutions to drive customer satisfaction, increase profitability and growth. Our success is enabled by our world-class management consulting, delivery excellence and engineering brilliance. Our goal is to bring together business acumen with full-stack technical know-how to develop innovative solutions for our clients' most complex challenges.Position Overview:We are seeking a highly experienced Principal Consultant specializing in enterprise cryptography, key management, and post-quantum readiness to lead strategic client engagements focused on cryptographic risk, encryption modernization, key lifecycle management, and quantum-resilient architecture.This role serves as a senior advisor to CISOs, architecture leaders, and risk executives, helping organizations design and execute comprehensive cryptographic programs that address current operational and regulatory requirements while building resilience against emerging quantum threats.The ideal candidate blends deep cryptographic expertise across key management, PKI, encryption operations, and post-quantum cryptography with consulting leadership and business acumen to translate complex cryptographic challenges into actionable, risk-based strategies.Key ResponsibilitiesClient Advisory & StrategyAdvise executives and security leaders on cryptographic risk, key management strategy, quantum readiness, and long-term encryption postureLead cryptographic maturity evaluations, PQC readiness assessments, and key management capability reviewsDevelop enterprise cryptographic roadmaps aligned to business risk, data classification, and regulatory driversPresent findings and recommendations to senior leadership and boardsCryptographic Discovery & InventoryLead enterprise-wide cryptographic asset discovery across algorithms, certificates, keys, protocols, and encryption dependenciesIdentify “harvest now, decrypt later” exposure and prioritize remediation based on data sensitivity and shelf lifeAssess third-party and supply chain cryptographic dependencies including SaaS providers, payment processors, certificate authorities, and embedded systemsDevelop cryptographic inventories that serve as the foundation for migration planning and risk quantificationKey Management & HSM OperationsDesign and assess enterprise key management programs covering the full lifecycle: generation, distribution, rotation, revocation, escrow, and destructionArchitect HSM strategies including capacity planning, clustering/HA models, and FIPS 140-2/140-3 validation requirementsEvaluate and recommend HSM platforms (Thales Luna, Entrust nShield, Utimaco) and cloud-native options (AWS CloudHSM, Azure Managed HSM, GCP Cloud HSM)Define governance over key custodianship, separation of duties, and key ceremony proceduresPKI Architecture & LifecycleDesign and assess PKI architectures including CA hierarchy, certificate lifecycle management, and trust modelsProvide guidance on automated enrollment protocols (ACME, SCEP, EST), certificate transparency, and private vs. public trust modelsLead PKI modernization efforts including migration from legacy Microsoft ADCS environmentsAdvise on code signing key management, firmware signing, and software supply chain integrityCryptographic Architecture & Engineering Design crypto-agility architectures supporting algorithm transitions, including hybrid key exchange implementations (e.g., ML-KEM combined with classical ECDH)Define and assess enterprise encryption standards: approved algorithm suites, minimum key lengths, deprecation policies, and exception processesProvide guidance on:TLS/IPsec/VPN modernization strategiesData-at-rest, data-in-transit, and data-in-use encryption controlsTokenization, format-preserving encryption, and data masking techniquesSupport integration of NIST-selected PQC algorithms into enterprise environmentsProgram LeadershipLead multi-phase cryptographic transformation programs across key management, PKI, encryption, and PQC migrationDefine governance models for cryptographic lifecycle managementDevelop policies, standards, and crypto baselinesEstablish risk-based migration strategies and prioritization models that account for data longevity versus quantum timeline estimatesCoordinate cross-functional collaboration across networking, application development, DevOps, and compliance teamRisk, Compliance & Standards Alignment Align programs to:NIST guidance (PQC, SP 800-57, SP 800-131A, etc.)ISO 27001/27002 cryptographic controlsRegulatory expectations (financial services, healthcare, government)Translate cryptographic risk into business and regulatory impactAssess cryptographic compliance posture across third-party and supply chain dependenciesThought LeadershipContribute to whitepapers, research, and industry presentationsSupport client workshops, tabletop exercises and executive briefingsMentor consultants and client teamsParticipate in industry working groups, standards bodies, or vendor advisory councils,Required Qualifications10+ years in cybersecurity with deep focus on cryptography and encryptionDemonstrated expertise in:Enterprise key management lifecycle design and operationsHSM architecture, deployment, and FIPS validation requirementsPKI architecture, certificate lifecycle management, and trust modelsCryptographic protocols and algorithms (symmetric, asymmetric, hashing, digital signatures)Encryption architectures across data states (at-rest, in-transit, in-use) in cloud and hybrid environmentsStrong understanding of Post-Quantum Cryptography concepts and enterprise migration challengesExperience advising large enterprises and regulated industriesExceptional communication and client-facing skillsPreferred QualificationsExperience with PQC algorithm evaluation, testing, and hybrid cryptographic implementationsFamiliarity with NIST PQC standardization outcomes and CNSA 2.0 migration timelinesKnowledge of crypto-agility frameworksExperience with cloud KMS platforms (AWS KMS, Azure Key Vault, GCP Cloud KMS) and cloud HSM servicesHands-on experience with secrets management platforms (HashiCorp Vault, CyberArk Conjur, cloud-native secrets managers)Experience with cloud KMS platforms (AWS, Azure, GCP)Familiarity with HSM vendor platforms (Thales Luna, Entrust nShield, Utimaco) and their PQC firmware roadmapsRelevant certifications (e.g., CISSP, CCSP, GSEC, or cryptography-focused credentials)Master’s or PhD in cryptography, computer science, or related fieldKey CompetenciesStrategic thinking and executive presenceAbility to simplify complex cryptographic conceptsStrong consulting and stakeholder management skillsRisk-based decision framingProgram and architecture leadershipCross-functional collaboration across security, networking, application development, DevOps, and compliance teamsWant to learn more about Consulting & Security Services? Check us out on our platform: https://www.wwt.com/consulting-serviceshttps://www.wwt.com/category/security-transformationCertain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $170,000 to $200,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness programFinancial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition ReimbursementPaid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, BereavementAdditional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount ProgramWe strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!If you have any questions or concerns about this posting, please email taposting@wwt.com.