Security Specialist - PKI, Cryptography & Signing Workflow - SS 0603 RD#06

Job Title: Security Specialist – PKI, Cryptography & Signing Workflow (BFSI)
Location: Greater Toronto Area (GTA), Canada

Prior experience in Banking or regulated BFSI environments is non-negotiable

We are seeking a highly specialized Security Specialist with deep expertise in Public Key Infrastructure (PKI), OpenSSL, and secure signing workflows to support critical security and governance initiatives within a regulated Banking / Financial Services environment.

This role will focus on strengthening cryptographic controls, managing certificate lifecycles, and ensuring secure chain of custody and code/artifact signing processes across enterprise systems.

• Design, implement, and manage enterprise PKI infrastructure
• Administer certificate lifecycle management (issuance, renewal, revocation)
• Ensure proper key management practices and secure storage of cryptographic materials
• Utilize OpenSSL for certificate generation, validation, and troubleshooting

• Design and enforce secure code/artifact signing workflows
• Maintain chain of custody for signed artifacts and cryptographic assets
• Implement controls to ensure integrity, authenticity, and non-repudiation of software and data

• Ensure cryptographic controls comply with BFSI regulatory and security requirements
• Support audit remediation efforts and maintain audit-ready documentation
• Develop and enforce policies, standards, and procedures related to PKI and cryptography

• Monitor and assess vulnerabilities related to cryptographic implementations
• Conduct risk assessments and recommend remediation strategies
• Collaborate with security, infrastructure, and application teams to resolve issues

• Work closely with Internal Audit, Risk, and Compliance teams
• Provide guidance to development and infrastructure teams on secure implementation practices
• Communicate security risks and recommendations to technical and non-technical stakeholders

• 5–8+ years of experience in Information Security, with strong focus on PKI and cryptography
• Mandatory experience within Banking or regulated Financial Services environments
• Hands-on expertise with PKI infrastructure and certificate lifecycle management
• Strong experience with OpenSSL and cryptographic tools
• Proven experience designing or supporting signing workflows and chain of custody processes
• Solid understanding of encryption standards, key management, and security best practices
• Experience supporting audit and regulatory compliance initiatives

• Certifications such as CISSP, CISM, or equivalent
• Experience with Hardware Security Modules (HSMs)
• Familiarity with DevSecOps and secure software development practices
• Knowledge of regulatory standards (e.g., PCI-DSS, OSFI guidelines, ISO 27001)
• Experience with automation and scripting (Python, Shell, etc.)

• Strong analytical and problem-solving skills
• High attention to detail and security-focused mindset
• Effective communication and stakeholder engagement skills
• Ability to work in complex, regulated environments

• Prior experience in Banking or regulated BFSI environments is non-negotiable
• Ability to work in a hybrid/on-site model within the GTA region
• Willingness to support audits and critical security initiatives

For more details reach at View email address on navitasp.talentnest.com .

About Navitas Partners, LLC: It is a certified WBENC and one of the fastest-growing healthcare staffing firms in the US providing Medical, Clinical and Non-Clinical services to numerous hospitals. We offer the most competitive pay for every position we cater. We understand this is a partnership. You will not be blindsided, and your salary will be discussed upfront.