Senior PKI Encryption Engineer

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at the Seneca One location in Buffalo, NY.

Overview:

We are seeking a highly skilled Senior PKI Encryption Engineer, where you'll play a crucial role in ensuring the security and integrity of our infrastructure. This pivotal role involves leading the design and implementation of our Public Key Infrastructure (PKI) and encryption solutions. The ideal candidate will exhibit expertise in cryptographic protocols, possess a deep understanding of PKI, and demonstrate the ability to create and maintain secure cryptographic environments. This is a senior-level position that requires exceptional technical expertise, strong leadership skills, and a deep understanding of encryption technologies and best practices.

Primary Responsibilities:

• Design and implement PKI solutions to secure digital transactions, communications, and data within the bank

• Manage and maintain the bank's encryption infrastructure, ensuring high availability and compliance with industry standards

• Provide expertise and support for cryptographic key management, including key generation, distribution, and revocation

• Stay abreast of industry trends and emerging technologies related to PKI, encryption, and cybersecurity to enhance the bank's security posture

• Oversee the day-to-day operations of PKI services, including certificate issuance, renewal, revocation, and key management

• Drive automation initiatives to streamline PKI processes and enhance service delivery efficiency

• Provide technical leadership and guidance to junior engineers and support teams in resolving complex PKI-related issues

• Evaluate emerging PKI technologies and tools, making recommendations for their integration to improve PKI service offerings

• Work closely with Technology management, senior Engineers, and support teams on a regular basis to implement and manage the design, development, and execution of technical solutions that meet or exceed current and future needs of the organization.

• Responsibilities may include infrastructure architecture and design, research and development of new or expanded systems, creation of technology standards and policies, thorough analysis of user requirements and operational constraints, unit test and system integration, and user acceptance testing.

• Regularly and independently interact with business partners of varying associate and management levels to ensure clarity of the problem/opportunity and elicit business requirements.

• Coordinate vendor interactions and/or vendor resources as needed.

• Mentor and coach less experienced engineers, technicians, and integrators. Review documentation, proposals, and changes proposed by less experienced staff.

• Seek to expand knowledge and understanding of Financial Services trends, practices, and technologies on a continuous basis.

• Follow and promote use of industry best practices, standards and procedures.

• Maintain a strong aptitude and working knowledge of Bank applications, systems, development environments. Maintain a detailed understanding of vendor technologies and services used by the Bank.

• Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.

• Promote an environment that supports diversity and reflects the M&T Bank brand.

• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

Education and Experience Required:

Combined minimum of 8 years' higher education and/or work experience in systems design, management and/or architecture

Strong understanding of the system development and infrastructure lifecycle and architecture, vendor best practices, IT Service Management, and systems design

In-depth knowledge of encryption technologies, including design, implementation, and administration

Strong understanding of security principles, threat landscape, and incident response methodologies

Experience with scripting and programming languages (e.g., Python, PowerShell) for automating security tasks and developing use cases

Strong knowledge of regulatory compliance standards (e.g., PCI DSS, GDPR, FFIEC) related to encryption and data protection controls within the banking sector

Experience installing, configuring, administering, upgrading and supporting Entrust and/or Thales HSMs to support PKI and encryption key management services.

In-depth knowledge of PKI including on-prem and cloud solutions

Education and Experience Preferred:

Bachelor's Degree in Computer Science or Computer Engineering

Minimum of 8 years' professional experience in a technical engineering position involving infrastructure design technologies, data management and interchange, system design and/or development for complex applications

Minimum of 8 years' professional experience in a technical engineering position involving infrastructure design technologies, data management and interchange, system design and/or development for complex applications

Professional certifications in information security and encryption technologies, such as Certified Information Systems Security Professional (CISSP), Certified Encryption Specialist (CES), or Certified Information Security Manager (CISM), are highly desirable

Extensive experience working as a PKI Engineer, with a focus on delivering PKI as a Service solutions

Hands-on experience with PKI service platforms and tools, such as AWS Certificate Manager, Microsoft ADCS, or other PKIaaS solutions

Familiarity working with trusted PKI and machine identity service providers, such as Keyfactor

Working knowledge and familiarity with Thales CipherTrust Manager (CM), Hardware Security Module (HSM), and CipherTrust Tokenization Server (CTS)

Ability to translate complex business and functional requirements into structured high quality implementations using any variety of industry standard approaches

Advanced technical skills

Advanced analytical skills

Advanced troubleshooting skills

Advanced problem-solving skills

Verifiable knowledge and advanced expertise in industry and/or vendor technologies

Able to meet with clients of varying levels to gather, document, and analyze system specifications and requirements, work closely with integrators, developers, and testers in the fast-paced environment

Ability to work independently and collaboratively with others in team environment

Ability to use effective facilitation skills and techniques to elicit and review requirements from a diverse range of stakeholders and group size

Understanding of how the people, processes and technology within an organization interact in relationships and patterns to create a feasible solution on projects of medium to high complexity

Excellent written and verbal communication skills

Effective influencing skills

Process-oriented

Logical thinker

Strong knowledge of server/client and virtual technologies

Ability to complete complex tasks with minimal supervision

Adaptable

Able to learn quickly in a rapid pace environment

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,391.68 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.

Location:

Buffalo, New York, United States of America