Compliance Architect – Enterprise Encryption & Key Management
Overview
Afidence is seeking a highly emotionally intelligent Compliance Architect to lead governance of enterprise-wide encryption and key management for one of our clients. This role will serve as the central authority for cryptographic governance, ensuring consistent alignment with regulatory frameworks and audit expectations. The Compliance Architect will bridge the gap between compliance and technology by translating complex regulatory requirements into actionable governance models for application and infrastructure teams.
Key Responsibilities
- Serve as the central governance authority for encryption and key management across the enterprise.
- Interpret, map, and maintain compliance with regulatory frameworks, including FFIEC, PCI-DSS v4, NIST, GLBA, and SOX.
- Develop and maintain encryption and key management policies, standards, and governance documentation.
- Perform risk-based prioritization to identify high-risk systems and application teams requiring immediate focus.
- Act as a program manager, coordinating across business units to drive adoption of governance models.
- Coach and train application and infrastructure teams on encryption requirements, documentation, and audit readiness.
- Partner with technical owners of KMS, HSMs, PKI, and certificate lifecycle management systems to ensure compliance alignment.
- Store and maintain governance artifacts, policies, and Bodies of Evidence (BOE) in SharePoint.
- Support long-term cryptographic strategy, including quantum-resistant cryptography considerations.
Qualifications
- Deep expertise in cryptographic standards, encryption technologies, and key management practices.
- Strong knowledge of regulatory and industry frameworks: FFIEC, PCI-DSS v4, NIST SP 800-57 / 800-130, GLBA, SOX, ISO 27001.
- Demonstrated success in developing policies, standards, and governance programs for encryption and key management.
- Proven ability to translate complex technical requirements into clear, actionable guidance.
- Program and project management experience, with a track record of cross-team coordination and risk prioritization.
- Excellent communication, coaching, and collaboration skills with both technical and compliance stakeholders.
- Prior financial services sector experience strongly preferred.
- Understanding of the balance between compliance obligations and business cost/impact.
Mission Statement
The Compliance Architect will lead the design, rollout, and adoption of a sustainable encryption and key management governance program across our client’s enterprise. This leader will ensure regulatory compliance, reduce audit findings, and empower application teams to meet cryptographic requirements with consistency and confidence.