Barclays
PQC Cryptography Engineer
Role Title: PQC & Cryptography Engineer
Location: Edinburgh
Role Summary
Hands-on engineering role focused on implementing and evolving enterprise cryptographic controls, specifically with significant focus on post-quantum readiness and crypto-agility. The successful applicant will find themselves at the forefront of driving Tesco Bank post-quantum readiness journey at pace including the following deliverables:
Produce business impact map, develop and implement post-quantum migration strategy
Undertake robust Q-Day risk assessment, including both internal & external integrations, user facing channels
Determine the prioritisation remediation framework to ensure that the critical and high risk/impact systems are addressed in the appropriate sequence
Support the delivery of a full data inventory by identifying gaps and working with the IT teams and business to obtain the relevant information to store appropriately whilst ensuring it remains up to date
Deliver a PoC to demonstrate ability to migrate from current to quantum safe state
To become an instrumental team member in the Tesco Bank migration programme to a quantum ready state to ensure the business remains online and protected, including our customers data and their transactions.
Key Core Skills:
Mandatory
Strong understanding of crypto fundamentals, including symmetric/asymmetric algorithms, hashing, PKI, and key management
Knowledge of post-quantum cryptography (PQC) concepts, including quantum threat models (e.g., Shor’s and Grover’s algorithms)
Familiarity with cryptographic vulnerabilities and standards (e.g., NIST, FIPS)
Experience in threat modelling, particularly for cryptographic systems and future quantum risk scenarios
Solid analytical and problem-solving skills, with the ability to assess cryptographic risk and design mitigation strategies
Comprehensive knowledge and delivery experience of crypto-agility and migration strategies
Experience in architectural engagement to help define and contribute to quantum solution and technical designs
Preferred
Practical exposure to PQC algorithms (e.g., CRYSTALS-Kyber, Dilithium, Falcon)
Understanding of crypto-agility principles and migration strategies
Awareness of industry frameworks such as NIST PQC transition guidance, or CSA recommendations
Experience of working with Hardware Security Modules (HSMs)
Working with a financial institution to support cryptography initiatives, including policy compliance, and enabling application teams to understand and implement cryptographic requirements effectively
Code languages
PowerShell / Bash (scripting), Python (preferred)
Analytical & Research Skills
Ability to interpret emerging standards and research (e.g., NIST PQC recommendations)
Strong problem-solving and risk assessment capability
Experience in identifying cryptographic vulnerabilities and defining mitigations
Data-driven analysis for crypto discovery, inventory, and impact assessment
Tools & Frameworks
Cryptographic libraries (e.g., OpenSSL)
Security tools (e.g. Snyk, Qualys)
Certificate and key management platforms (e.g., Venafi, UKM)
Security standards and frameworks (e.g., NIST, ISO 27001, CIS)
Key soft skills
Strong stakeholder engagement across technical and non-technical teams
Ability to translate complex cryptographic concepts into business risk language
Clear communication and documentation skills (e.g. executive summaries, risk papers)
Collaborative approach across security, engineering, and architecture teams
Proactive mindset with a focus on continuous learning in an evolving PQC landscape
Required experience:
Pre-req of time spent in specific crypto roles / exposure to technology:
Proven real-world environment delivery experience
Demonstrable experience (typically 3–7+ years, of which +4 will be in a senior role) in cryptography, cybersecurity, or information security roles
Hands-on exposure to cryptographic implementations, PKI, encryption standards, or key management
Experience working with enterprise systems, cloud platforms, or regulated environments (financial services)
Quantum knowledge
Basics of quantum computing (qubits, superposition) - covered above
Shor’s algorithm & Grover’s algorithm - covered above
Impact on RSA/ECC- Preferred
Post-quantum migration strategies - Preferred only, as I don't believe there will be many with this experience
Level of qualifications held / member of specific technical professional body(ies)
CISSP (desired), CISM (desired), AWS Certifications (Preferred).
About Barclays
Barclays is a British universal bank. It is diversified by business, by different types of customers and clients, and by geography. Barclays businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by its service company which provides technology, operations and functional services across the Group.
Values
Everything Barclays does is shaped by its five values of Respect, Integrity, Service, Excellence and Stewardship. The Barclays values inform the foundations of its relationships with customers and clients, but they also shape how Barclays measures and rewards the performance of colleagues. Simply put, success is not just about what you achieve, but about how you achieve it.
Diversity
Barclays aims to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to Barclays vision and goals.
Onsite
Colleagues who perform ‘onsite’ roles will spend four or five days a week working onsite, depending on the requirements of their role and business area. Please discuss the working pattern requirements for the role you are applying for with the hiring manager. Please note that as we continue to embed our hybrid working environment, we remain in a test and learn phase, which means that working arrangements may be subject to change on reasonable notice to ensure we meet the needs of our business.
Your Benefits
As a contract employee of Randstad Sourceright, you’ll receive a wide range of financial and personal benefits. There’s enrolment in a pension plan (after 12 weeks on assignment) and holiday pay (after eight weeks on assignment). You can discuss any special holiday requests, for weddings, graduations or other significant occasions during this initial period with your team leader. You’ll also get 24/7 access to an Employee Assistance Programme, designed to help you deal with any problems that could be affecting your home or work life. Plus, there’s discounts at heaps of high street shops, restaurants and entertainment - from Asda to Zizzi Italian restaurants.