Data security consultant

Data Security Consultant (8+ Years Experience)

Serves as the Subject Matter Expert (SME) and solution architect for cryptography, PKI, and data protection solutions within the Data Protection / Data Security Tower. This role provides end-to-end leadership for design, implementation, compliance, and optimization of encryption and key management frameworks supporting the MSS program.

Key Responsibilities

– Define the enterprise PKI and cryptographic key management strategy ensuring alignment with MSS objectives, NCA, and CST cybersecurity frameworks.

– Lead architecture design for multi-tier PKI environments leveraging Nokia NCM and NCLM.

– Design, integrate, and maintain Hardware Security Module (HSM) solutions (e.g., Thales) for secure key lifecycle management and high-availability architectures.

– Oversee Quantum Key Distribution (QKD) evaluation and readiness for next-generation encryption protocols.

– Ensure policy-driven governance for key lifecycle management, encryption algorithm selection, and cryptographic resilience.

– Conduct periodic security reviews, audits, and configuration assessments aligned with ISO 27001, NCA, and CST frameworks.

– Collaborate across Infrastructure, Identity, and Devices Towers to ensure interoperability and unified security posture.

– Lead proof-of-concepts for advanced cryptographic technologies and emerging quantum-resistant encryption standards.

– Provide expert-level technical direction, mentor teams, and ensure audit readiness for all data protection systems.

Shift Coverage

8×5 operational coverage (morning and evening shifts) with on-call rotation for P1 and P2 incidents.

Required Qualifications

– Bachelor’s or Master’s degree in Cybersecurity, Information Assurance, or Computer Science.

– Minimum of 8 years’ experience in PKI design, cryptographic architecture, and data protection operations.

– Proven experience implementing HSM-based key management and integrating PKI across hybrid infrastructures.

– Strong knowledge of cryptographic algorithms, certificate hierarchies, and emerging quantum-safe technologies.

Preferred Certifications

– Nokia NCM/NCLM Expert Certification.

– Thales Certified Architect or equivalent HSM specialization.

– Advanced security certifications such as CISSP-ISSAP, CCSP, or ISO 27001 Lead Implementer.

– Experience with audit and compliance programs under NCA and CST frameworks.

Reporting Line

Reports to Data Protection / Data Security Tower Lead.

Tools & Platforms

Nokia NCM, Nokia NCLM, Thales HSM, QKD systems, Certificate Lifecycle Management Platforms, and Cryptographic Audit Tools.