Head of Public Key Infrastructure

Ref. 13407

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Global Defense Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff.  The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape.  The function operates under the vision: "Enabling HSBC to be safely successful everywhere the firm chooses to do business".  

The Head of PKI reports to the Digital Identity capability owner.

What you’ll do

• Lead the design and architecture of the bank’s PKI systems, ensuring they meet security requirements, industry standards, and compliance regulations.
• Develop and maintain PKI policies, standards, and procedures, including certificate lifecycle management, key management, and incident response.
• Ensure PKI solutions follow industry regulations (e.g., PCI-DSS, GDPR, RFC 3647) and internal security policies.
• Conduct regular audits of PKI systems to identify vulnerabilities and ensure compliance with security standards.
• Collaborate with IT, legal, compliance, and risk management teams to align PKI strategies with overall business aims and regulatory requirements.

What you need to have to succeed in this role

• Bachelors or Master’s degree in Computer Science, Information Security, or a related field. Directly related work experience may be substituted for a degree. 
• Demonstrated experience in information security, with a focus on PKI and cryptographic services. 
• Proven experience in designing, implementing, and managing PKI solutions in a large organization, preferably within the financial sector or aerospace/defense industry. 
• Experience with HSMs, certificate authorities, and PKI-related protocols (e.g., X.509, SSL/TLS, OCSP, SCEP). 
• Strong understanding of cryptographic principles, algorithms, and protocols. 
• Proficiency in managing PKI tools and platforms such as Microsoft CA, OpenSSL, Keyfactor Command and Venafi. 
•  Experience with cloud-based PKI solutions and integration with cloud services (e.g., AWS, Azure). 
•  Familiarity with regulatory requirements and standards related to PKI and information security.
• Effective communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. 

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).

• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours 
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online assessment.
• Telephone screen 
• Job interview with the hiring manager

We are looking to hire as soon as possible so don’t wait and apply now!

Youll achieve more when you join HSBC.