Quantum Cryptography / Security Specialist

A quantum cryptography specialist protects organisations against the day a cryptographically relevant quantum computer can break today's public-key encryption. In practice that means far more classical security work than quantum physics: auditing where cryptography is used, migrating systems to the post-quantum standards NIST finalised, building crypto-agility so algorithms can be swapped later, and in some settings deploying quantum key distribution. It is a high-stakes role most active in government, defence, and finance.

Est. base salary (US) $100k - $210k+
Focus PQC migration, QKD, security
Best for Security and crypto engineers

A typical day

The work is mostly engineering and risk management, not theory. A specialist might start by extending a cryptographic inventory, finding every place RSA or elliptic-curve keys are used across services, certificates, and embedded devices. Midday could be spent integrating a hybrid key exchange in a TLS stack with liboqs and benchmarking the performance and packet-size impact of larger PQC keys. Other days are spent writing migration roadmaps, briefing security leadership on the "harvest now, decrypt later" threat, or evaluating whether a high-assurance link justifies QKD hardware. Reading and tracking standards is a constant background task, since the PQC landscape is still settling.

Core responsibilities

  • Inventory where and how an organisation uses cryptography, including hidden dependencies in protocols and libraries.
  • Plan and execute migration to the finalised NIST post-quantum standards, ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (SPHINCS+), while tracking the draft FN-DSA (Falcon) standard still under review.
  • Integrate PQC primitives using libraries like liboqs and the Open Quantum Safe project, often in hybrid (classical + PQC) modes.
  • Design for crypto-agility so algorithms can be swapped as standards evolve, without re-architecting systems.
  • Assess and, where appropriate, deploy quantum key distribution (QKD) for high-assurance links.
  • Model the "harvest now, decrypt later" threat and prioritise data by how long it must stay confidential.
  • Review network security, TLS configurations, PKI, and key management for quantum readiness.
  • Communicate risk and roadmaps clearly to security leadership, auditors, and regulators.

Skills

Required

  • Classical cryptography (RSA, ECC, AES, hashing)
  • NIST PQC standards
  • Public-key infrastructure and TLS
  • Network and protocol security
  • C / Python for crypto libraries
  • Threat modelling and risk assessment
  • Crypto-agility design
  • Key management

Nice to have

  • liboqs / Open Quantum Safe
  • Lattice-based cryptography theory
  • QKD protocols (BB84, E91)
  • Security clearance (US roles)
  • FIPS and Common Criteria compliance
  • Hardware security modules (HSM)
  • Formal verification
  • Standards-body participation

Tools and standards

  • liboqs / Open Quantum Safe

    C library and integrations (OpenSSL, OpenSSH) providing PQC algorithms for real-world testing and deployment.

  • NIST PQC standards

    The FIPS 203/204/205 standards for ML-KEM, ML-DSA, and SLH-DSA that production migrations target.

    Learn more →
  • OpenSSL / BoringSSL

    TLS stacks where hybrid key exchange and PQC signatures are integrated and benchmarked.

  • QKD hardware

    Photonic key-distribution systems from vendors like Toshiba and ID Quantique for high-assurance links.

    Learn more →
  • PKI and HSMs

    Certificate authorities and hardware security modules that must be updated to handle larger PQC keys.

Salary by seniority

Rough estimates of US base-salary ranges for 2026; treat these as ballpark figures rather than survey data. Government and defence roles often add a clearance premium; fintech total compensation adds bonus and equity. Major metros typically pay 20-40% more.

LevelBase rangeWhat changes
Junior (0-3 yr) $100k - $130k Crypto inventory, library integration, standards reading, and migration support.
Mid (3-7 yr) $130k - $165k Owns PQC migration projects, protocol integration, and crypto-agility design.
Senior / Staff (7 yr+) $165k - $210k+ Sets cryptographic strategy, advises leadership, and leads government or fintech engagements.

See the full quantum computing salary guide for geographic breakdowns and the skills that command a premium, including active security clearance.

Demand and outlook

Demand is surging. NIST finalised its first post-quantum standards in 2024, and government mandates now push agencies and their suppliers toward migration on fixed timelines. Finance, telecom, and critical infrastructure are following, because data with a long confidentiality lifetime is already exposed to "harvest now, decrypt later" collection. Unlike most quantum roles, you do not need a physics PhD: experienced security engineers who learn PQC are highly employable, and an active US security clearance materially raises compensation in defence-adjacent work.

Who hires for this role

  • Government and defence agencies
  • National labs
  • Banks and fintech
  • Cloud providers (AWS, Microsoft, Google)
  • IBM
  • Telecom carriers
  • ID Quantique
  • Toshiba
  • Security consultancies
  • Critical infrastructure operators

Browse current openings on the quantum jobs board, and see how this role fits alongside others in the careers overview.

Want to be in line for roles like this? Join the talent pool and we will email you when a matching listing is posted.

How to become a quantum cryptography specialist

The path builds on classical security and cryptography, then adds depth in the NIST PQC algorithms and migration practice. Our step-by-step roadmap covers the full sequence.

Read the full guide: How to become a quantum cryptography specialist →