Join Barclays as a PKI Cryptography Engineer within the Chief Information Security Office (CISO), where you’ll play a vital role in protecting the organisation through secure and resilient PKI and digital certificate services used across the bank. In this role, you’ll provide support to users across Barclays, handling PKI and digital certificate queries while supporting and maintaining core PKI services. This includes certificate lifecycle management, infrastructure maintenance, and contributing to initiatives that move our services toward greater automation and autonomy, while staying up to date with industry best practices.

You’ll bring experience in PKI, cryptography, and lifecycle management, with any coding experience seen as a strong advantage. Knowledge of HSMs and Windows-based PKI environments is beneficial and will help you succeed in this technically hands-on role.

The role follows anchor days on Monday and Tuesday and operates on standard UK hours (9 AM–5 PM), with 24/7on-call support rotation of 1 in every 8 weeks and paid overtime. You can expect occasional data centre visits to install hardware; while weekend on-site attendance is not required, weekend shift coverage may be scheduled as part of on-call support.

To be successful in this role, you will need the following:

Strong understanding of PKI concepts, X.509 certificates, encryption algorithms, and certificate lifecycle.Exposure to enterprise PKI tools (Venafi, DigiCert, Entrust, EJBCA), hands-on experience managing Certificate Authorities, CRL/OCSP, and secure key storage (HSMs), including backup and disaster recovery procedures.Ability to diagnose and resolve certificate related issues across applications, networks, and operating systems, including trust chain failures, expired certificates, and misconfigurations.

Some other highly valued skills may include:

Experience with PowerShell, GO, Python, or Bash to automate certificate provisioning, renewal, and monitoring.Ability to enforce security policies, audit PKI environments, and ensure compliance with standards such as NIST, ISO 27001, and industry best practices.Familiarity with PKI in cloud platforms (AWS, Azure) and integrating certificates into CI/CD pipelines, containers, and Kubernetes environments.A clean driving license would be considered an advantage.

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job-specific technical skills.

The successful candidate will be based in Radbroke Hall, Knutsford.

Purpose of the role

To manage and monitor the banks cryptographic assets, for all use cases, whilst ensuring the confidentiality, integrity, and authenticity of sensitive data, both through BAU support and On-Call support as part of a 24/7 global team. 

Accountabilities

Collaboration with internal and external customers and stakeholders to understand and identify cryptographic needs across the organisation, sharing best practices including solutions to business applications and processes.Execution of security assessments and penetration testing to identify vulnerabilities in cryptographic implementations and procedures and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.Implementation and monitoring of cryptographic solutions used in various banking applications to ensure they function correctly and meet the Cryptography Standard.Development of training content for colleagues to share expertise on cryptographic concepts, best practice and security procedures in line with Standards and Industry regulations. Contribute to the creation of technical documentation and specifications related to cryptographic designs and implementations. Provision of subject matter expertise in cryptography methodologies.To manage and support the service management of cryptography solutions consumed by the Bank globally, in line with Technology Controls and Standards, including but not limited to Incident/Problem/Change/Vulnerability Management.Understanding of industry cryptographic principles including algorithms, protocols and technologies including symmetric and asymmetric keys, digital signatures, key exchange and encryption. Advocate the improvement and implementation of security controls when appropriate.Presentation of complex ideas effectively to technical and non-technical audiences at all levels of Leadership.

Analyst Expectations

To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.Requires in-depth technical knowledge and experience in their assigned area of expertise.Thorough understanding of the underlying principles and concepts within the area of expertise.They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.Will have an impact on the work of related teams within the area.Partner with other functions and business areas.Takes responsibility for end results of a team’s operational processing and activities.Escalate breaches of policies/procedure appropriately.Take responsibility for embedding new policies/procedures adopted due to risk mitigation.Advise and influence decision making within own area of expertise.Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.Make evaluative judgements based on the analysis of factual information, paying attention to detail.Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.Guide and persuade team members and communicate complex/sensitive information.Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.