Security Specialist – PKI, Cryptography & Signing Workflow SS 0603 RD#06

Job Title: Security Specialist PKI Cryptography & Signing Workflow (BFSI)
Location: Greater Toronto Area (GTA) Canada

Prior experience in Banking or regulated BFSI environments isnon-negotiable

Position Overview

We are seeking a highly specialized Security Specialist with deep expertise in Public Key Infrastructure (PKI) OpenSSL and secure signing workflows to support critical security and governance initiatives within a regulated Banking / Financial Services environment.

This role will focus on strengthening cryptographic controls managing certificate lifecycles and ensuring secure chain of custody and code/artifact signing processes across enterprise systems.

Key Responsibilities

PKI & Cryptography Management

• Design implement and manage enterprise PKI infrastructure
• Administer certificate lifecycle management (issuance renewal revocation)
• Ensure proper key management practices and secure storage of cryptographic materials
• Utilize OpenSSL for certificate generation validation and troubleshooting

Signing Workflow & Chain of Custody

• Design and enforce secure code/artifact signing workflows
• Maintain chain of custody for signed artifacts and cryptographic assets
• Implement controls to ensure integrity authenticity and non-repudiation of software and data

Governance & Compliance

• Ensure cryptographic controls comply with BFSI regulatory and security requirements
• Support audit remediation efforts and maintain audit-ready documentation
• Develop and enforce policies standards and procedures related to PKI and cryptography

Security Operations & Risk Management

• Monitor and assess vulnerabilities related to cryptographic implementations
• Conduct risk assessments and recommend remediation strategies
• Collaborate with security infrastructure and application teams to resolve issues

Stakeholder Collaboration

• Work closely with Internal Audit Risk and Compliance teams
• Provide guidance to development and infrastructure teams on secure implementation practices
• Communicate security risks and recommendations to technical and non-technical stakeholders

Required Qualifications

• 58 years of experience in Information Security with strong focus on PKI and cryptography
• Mandatory experience within Banking or regulated Financial Services environments
• Hands-on expertise with PKI infrastructure and certificate lifecycle management
• Strong experience with OpenSSL and cryptographic tools
• Proven experience designing or supporting signing workflows and chain of custody processes
• Solid understanding of encryption standards key management and security best practices
• Experience supporting audit and regulatory compliance initiatives

Preferred Qualifications

• Certifications such as CISSP CISM or equivalent
• Experience with Hardware Security Modules (HSMs)
• Familiarity with DevSecOps and secure software development practices
• Knowledge of regulatory standards (e.g. PCI-DSS OSFI guidelines ISO 27001)
• Experience with automation and scripting (Python Shell etc.)

Key Competencies

• Strong analytical and problem-solving skills
• High attention to detail and security-focused mindset
• Effective communication and stakeholder engagement skills
• Ability to work in complex regulated environments

Additional Requirements

• Prior experience in Banking or regulated BFSI environments is non-negotiable
• Ability to work in a hybrid/on-site model within the GTA region
• Willingness to support audits and critical security initiatives

For more details reach at .

About Navitas Partners LLC: It is a certified WBENC and one of the fastest-growing healthcare staffing firms in the US providing Medical Clinical and Non-Clinical services to numerous hospitals. We offer the most competitive pay for every position we cater. We understand this is a partnership. You will not be blindsided and your salary will be discussed upfront.