There are basically three sectors which will hire people to predominantly work on cryptography.
1. First and foremost you have academia and the public sector. You can try to get tenure at a university or you can join the NSA. This has a healthy mix of applied and theoretical work.
2. Second you can join an industrial research lab. The biggest ones are Microsoft Research, IBM Research, Galois Inc and Google Research. For the most part you'll be working on publishable research with an eye towards things that can be shipped in some way. Isogeny cryptography originally came out of Microsoft in the early 2000s and Craig Gentry (the person who invented the first working example of fully homomorphic encryption) now works at IBM.
3. Third you can join a security consulting firm which is either focused on cryptanalysis or which has a division dedicated to it. The most well known in this arena would be NCC Cryptography Services, Riscure and Cryptography Research (now a division of Rambus).
This is kind of a continuum. You won't get tenure as an academic researcher without a PhD and it will be hard to get into the NSA without one as well. Likewise the top industrial research labs only rarely hire people without PhDs to be research scientist (though it can and does happen). It is comparatively easier to work in cryptography in the consulting industry: I know several people working in side channel research at Riscure who have "only" an MSc, and NCC employs consultants in Cryptography Services who don't have an MSc or PhD.
If you're interested in cryptography as a career path, the most valuable way to pursue that is to be someone with a graduate degree in mathematics who has significant expertise in implementation, performance and cryptanalysis. In particular it's very lucrative to be competent in side channel analysis and hardware optimization. With the exception of speculative blue sky research projects like indistinguishability obfuscation, multiparty computation, homomorphic encryption and post-quantum public-key cryptography, most work to actually be done is in implementation, implementation auditing and implementation optimization. We already have secure designs for most common use cases in AES and ChaCha; working on verifying a given implementation or removing the ways mistakes can be made is much more important.