Who we are looking for

State Street is seeking an experienced Encryption Program Analyst, AVP to help design, implement, and optimize enterprise-wide encryption and key management solutions across cloud, on-premises, and IoT environments in a highly regulated environment. This role will be responsible for defining cryptographic strategies, ensuring compliance with regulatory standards, and leading the integration of encryption services across a diverse infrastructure.

As a financial institution increasingly adopting hybrid cloud and IoT-enabled banking solutions, this role will play a critical part in securing data at rest, in transit, and in use, ensuring end-to-end cryptographic protection across applications, infrastructure, and connected devices. The ideal candidate will have deep expertise in cryptographic key management, Hardware Security Modules (HSMs), cloud security, IoT encryption protocols, and enterprise data protection.

Why this role is important to us

Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.

We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.

What you will be responsible for

As an Encryption Analyst you will:

• Implement and maintain the enterprise cryptographic strategy, ensuring alignment with security, compliance, and business objectives.
• Define and maintain key lifecycle management processes and procedures, including key generation, rotation, revocation, and decommissioning for cloud, on-premises, and IoT environments.
• Support the deploy of centralized Key Management Systems (KMS), including cloud-native KMS (AWS KMS, Azure Key Vault, OCI KMS), and enterprise HSMs
• Ensure robust data encryption methodologies are applied to data stored in databases, applications, and IoT connected devices.
• Collaborate with cloud security and DevSecOps teams to integrate encryption and key management into CI/CD pipelines and Infrastructure as Code (IaC) deployments.
• Develop IoT encryption frameworks to secure IoT devices.
• Support the integration of encryption solutions into applications, databases, cloud services, IoT platforms, and enterprise infrastructure.
• Collaborate with application security, infrastructure, and DevSecOps teams to embed cryptographic security controls into software development and deployment processes.
• Support post-quantum cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security.
• Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645).
• Developing governance frameworks for encryption and cryptographic key management, including policies for key storage, access control, logging, and auditing.
• Conduct risk assessments, vulnerability testing, and security reviews for cryptographic implementations, IoT ecosystems, and cloud security controls.
• Act as a key stakeholder in security audits, regulatory assessments, and IoT security standardization efforts.
• Provide Technical support and training to internal teams on encryption best practices, cloud security, and IoT security.
• Stay ahead of advancements in cryptographic algorithms, quantum computing risks, and emerging IoT security frameworks.
• Drive innovation in encryption automation, integrating key management with DevSecOps, and Infrastructure as Code (IaC).

What we value

These skills will help you succeed in this role

• Strong proficiency in Python, PowerShell, Bash, or Java.
• Understanding of cryptographic algorithms (AES, RSA, ECC), hardware security modules (HSMs), and secure key storage practices.
• Experience working in financial institutions or other highly regulated industries.
• Hands-on Experience with key management systems (Fortanix, ASW KMS, Azure Key Vault, OCI KMS).
• Experience with Kubernetes, Terraform, Ansible, Chef, and CI/CD automation.

Education & Preferred Qualifications

• You have multiyear (>4 years) experience within Cybersecurity including SecOps, Cloud Security, and secure architecture.
• Bachelor's Degree in Computer Science/Engineering, related discipline, or equivalent work experience.
• Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK.
• Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN 303 645).

Work Requirement

• Hybrid work environment conforming to State Streets in office requirements based on location.

Salary Range:

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.