VP, Encryption & PKI Senior Manager

The Information Technology (IT) organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation and partners with business leaders to design and execute new strategies across the company. They also ensure the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles.

About The Role

The VP Senior Manager of Encryption & PKI will be a key leader in securing our organizations sensitive data and communications. This role is responsible for the design implementation maintenance and continuous improvement of our enterprise-wide encryption and Public Key Infrastructure (PKI) solutions. The successful candidate will help mature an enterprise encryption strategy policies and program lead a team of security engineers and analysts ensuring the robust and reliable operation of cryptographic services compliance with regulatory requirements and alignment with our overall cybersecurity strategy.

Responsibilities

• Lead and mentor a team of encryption and PKI specialists fostering a culture of technical excellence collaboration and continuous learning.
• Develop implement and maintain the enterprise encryption and PKI strategy roadmap policies standards and procedures.
• Oversee the lifecycle management of digital certificates keys and related systems
• Design implement and manage encryption solutions for data at rest data in transit and data in use across various platforms (cloud on-premises endpoints).
• Manage and administer Certificate Authorities (CAs) including both internal and external CA services.
• Ensure the availability integrity and confidentiality of cryptographic keys and services.
• Collaborate with development operations and other security teams to integrate encryption and PKI into new and existing applications and systems.
• Monitor and troubleshoot encryption and PKI-related issues providing expert-level support and problem resolution.
• Stay abreast of emerging encryption technologies standards and threats recommending and implementing appropriate countermeasures.
• Lead and participate in security audits assessments and compliance initiatives related to encryption and PKI (e.g. PCI DSS NYDFS GDPR NIST).
• Develop and deliver training and awareness programs on encryption and PKI best practices for various stakeholders.
• Manage vendor relationships for encryption and PKI tools and services.
• Ability to confidently articulate business risks and technical challenges to stakeholders.
• Be action oriented: Taking on new opportunities and tough challenges with a sense of urgency high-energy and enthusiasm.
• Balance stakeholders: Anticipating and balancing the needs of multiple stakeholders.
• Collaborate: Building partnerships and working collaboratively within and outside ISO (Information Security Office) organization to meet shared objectives.
• Communicate effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
• Cultivate innovation: Creating new and better ways for the organization to be successful.
• Be customer focused: Building strong customer relationships and delivering customer-centric solutions.
• Drive engagement: Creating a climate where people are motivated to do their best to help the organization achieve its objectives.
• Drive results: Consistently achieving results even under tough circumstances.
• Have a global perspective: Taking a broad view when approaching issues using a global lens.
• Be interpersonal savvy: Relating openly and comfortably with diverse groups of people.
• Manage complexity: Making sense of complex high quantity and sometimes contradictory information to effectively solve problems.
• Be able to optimize work processes: Knowing the most effective and efficient processes to get things done with a focus on continuous improvement.
• Be organizational savvy: Maneuvering comfortably through complex policy process and people-related organizational dynamics.
• Interpret and apply skills to build Encryption solutions to support globally dispersed businesses personnel and customers.

Please note this is not an exhaustive list of all responsibilities of the position and the requirements of the job may change in line with business needs.

Skills and Qualifications

• Minimum of 10 years of progressive experience in cybersecurity with at least 3-4 years specifically focused on encryption and PKI technologies.
• Minimum of 4 years of experience in a leadership or management role leading a team of security professionals.
• In-depth knowledge and hands-on experience with various cryptographic algorithms protocols and standards (e.g. AES RSA ECC TLS/SSL IPsec SSH S/MIME).
• Proven experience managing and administering enterprise PKI solutions (e.g. Microsoft AD CS Venafi DigiCert Keyfactor).
• Strong understanding of hardware security modules (HSMs) and key management principles.
• Experience with various encryption technologies for data at rest (e.g. Transparent Data Encryption disk encryption) data in transit (e.g. VPNs TLS) and data in use.
• Familiarity with cloud security principles and experience implementing encryption in cloud environments (AWS Azure GCP).
• Excellent communication interpersonal and presentation skills with the ability to explain complex technical concepts to non-technical audiences.
• Strong analytical and problem-solving skills with a meticulous attention to detail.
• Ability to work independently and as part of a team in a fast-paced dynamic environment.
• Experience working with both multiple 3rd party service providers and in a third-party services agreement function during separations/divestitures.
• Strong interpersonal skills with the ability to work with many levels of management and across multiple lines of business and corporate functions.
• Experience with scripting languages (e.g. Python PowerShell) for automation of PKI tasks.
• Experience with DevOps and CI/CD pipelines in a security context.
• Knowledge of quantum-safe cryptography and post-quantum cryptography (PQC) initiatives.
• Experience with enterprise key management systems (EKMS).

Compensation

The anticipated salary range for this position is $180000 to $200000 at the commencement of employment. Not all candidates will be eligible for the upper end of the salary range. The actual compensation offered will ultimately be dependent on multiple factors which may include the candidates geographic location skills experience and other qualifications.

In addition the position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan.

Corebridge also offers a range of competitive benefits as part of the total compensation package as detailed below.

Work Location

This position is based in Corebridge Financials Houston TX and Durham NC offices and is subject to our hybrid working policy which gives colleagues the benefits of working both in an office and remotely.

Estimated Travel

Minimal travel