Job Type: ContractLength of contract: 6-month contract with possible extensionWork Mode: 5 days work from the officeJob description :Position Overview:-The Encryption Key Manager will act as a key liaison between Fiserv’s Australian business operations and global Technology and Cyber Security teams. This role ensures alignment between business requirements and compliance with internal security policies, Australian regulations, and industry standards. The successful candidate will be responsible for managing cryptographic key lifecycles, supporting secure payment processing environments, and driving awareness and training initiatives related to cryptographic security. Required Qualifications & Experience required :Minimum 4 years of IT/Cybersecurity experience, with at least 2 years in Cryptographic Key Management.Bachelor’s degree in Computer Science, Information Security, or a related field; equivalent experience and certifications (e.g., CISSP, CISM, CISA, or relevant crypto certifications) will be considered.Strong understanding of cryptographic technologies and key management practices.Experience with HSMs and payment key generation is highly desirable.Proven ability to manage and respond to security incidents, especially those involving non-compliance with regulatory or industry standards.Demonstrated experience supporting audits including AusPayNet, Eftpos, Card Schemes, SOC1/2, NIST, ISO27001, and client-specific assessments.Familiarity with enterprise security policies and standards.Excellent verbal and written communication skills, with the ability to engage effectively with internal and external stakeholders across regions.Experience coordinating virtual teams across departments and geographies.Prior experience in the payments industry is preferred. Key Responsibilities:1.Cryptographic Key ManagementOversee the lifecycle of cryptographic keys in accordance with Australian regulations, industry standards.Provide timely support for cryptographic operations involving Host Security Modules (HSMs), both remotely and at payment processing data centers and facilities.2. Security Awareness & TrainingLead and enhance Crypto Key Security Risk & Compliance awareness programs.Deliver targeted training for key management personnel to ensure consistent understanding of security protocols.3.Operational OversightMaintain Crypto Key Management Services (CKMS) documentation including logbooks, key lifecycle protocols, audit evidence, key inventories, and HSM hardening records.Ensure readiness for internal and external audits by maintaining accurate and complete records.4.Security Assessments & ComplianceConduct security assessments and cryptographic reviews of applications and infrastructure.Collaborate with project teams to assess encryption requirements for new technologies, especially in the payment domain.Support PCI PIN and PCI DSS compliance efforts and audit readiness.
