Join Barclays as a Cryptography & Key Management Analyst within the Chief Information Security Office (CISO), delivering critical cryptographic services including Key Management, HSMs, Application Cryptography, Strong Authentication, and PKI across the bank. You will act as a bridge between security, technology, and the business, ensuring the confidentiality, integrity, and availability of information while supporting security risk management.

The team owns its platforms end-to-end, from design and testing through to deployment and operations. You will work with cryptographic keys, Windows and Linux environments, databases, and automation, while helping deliver a large-scale cryptography re-platforming programme running through 2027, offering strong technical growth and long-term development.

Please note that while you will work standard UK hours (9 AM–5 PM), you will also be required to perform occasional on-call duty. While weekend on-site attendance is not required, weekend shift coverage may be scheduled.

To be successful in this role, you will need the following:

• Experience in Cryptography and Information Security, with a particular focus on cryptographic key management (strong foundational knowledge is required; deeper expertise can be developed on the job).
• ITIL Foundation certification.
• Experience in Key Management, Certificate Management, and HSM configuration, installation, and support.
• Solid understanding of infrastructure and development environments, including databases, server environments, and Windows/Linux systems.
• Experience with Python and/or Golang, with an interest in using these to support automation and workflow optimisation.
• Familiarity with cryptographic and key management toolsets, ideally including Thales (Crypto Command Centre, PayShield Monitor and Manager) and/or Entrust (KeySafe 5).
• Strong stakeholder management skills, with the ability to influence and negotiate at all levels.
• Excellent attention to detail and accuracy, with the ability to make sound decisions under tight deadlines and manage multiple priorities.
• Proficiency in MS Office applications.

Some other highly valued skills may include:

• Relevant security or project management certifications.
• Background in operational environments, including incident response and change management.
• Strong documentation skills for operational procedures.
• Familiarity with SharePoint, Confluence, and JIRA.
• Unix/Windows operating system knowledge.
• Expertise in privacy, compliance, and data protection services.
• Bachelor's degree in Computer Science.

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job-specific technical skills.

The successful candidate will be based in Radbroke Hall, Knutsford.

Purpose of the role

To undertake all team activities in line with Barclays strategy, Crypto strategy, and departmental goals, while ensuring the integrity and availability of cryptographic and key management services to business functions and applications. The role is responsible for maintaining accurate environment documentation, process and device categorisation, and providing ongoing assurance that risk and compliance requirements are met and evidenced to the required standard. It also includes the generation of key components across multiple platforms (including IBM, Tandem, and Unix), the management of cryptographic infrastructure, and the effective handling of incident management, change management, and ITIL-aligned processes.

Accountabilities

• Cryptographic Hardware Management – including on site local configuration activities.
• Support with resourcing, scheduling and distribution of work requests for HSM and Key management. Work closely with dates set in cooperation with Service Management to ensure smooth continuity of services and operations. Deliver to the required SLAs for all service.
• Gather, distribute, store, recover and delete cryptographic keys in accordance with defined procedures and to meet service, risk and governance requirements as part of a component handling team across a variety of platforms across core geographic locations globally.
• Management of Cryptographic infrastructure to include Out of Hours Support, production of Monthly management information and risk statements.
• Adherence to Group IT Security Standards.
• Problem, Incident & Change Management including root cause identification.
• Procedure/process development.
• Project delivery.
• Cryptographic Hardware Management.
• Auditable Record Management.
• Excellent Risk and Control Maintenance.
• Ensure governance and clear record keeping of activities undertaken to ensure an accurate audit trail required for attestation/Audit support.
• Take a proactive approach to improving operations and customer experience/turnaround.
• Assist in the management of any control issues identified via audits or other control issues. 

Analyst Expectations

• Perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• In-depth technical knowledge and experience in their assigned area of expertise.
• Thorough understanding of the underlying principles and concepts within the area of expertise.
• Develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Take responsibility for end results of a team’s operational processing and activities.
• Escalate breaches of policies/procedure appropriately.
• Take responsibility for embedding new policies/procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex/sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.