Applied Cryptography & Cybersecurity Software Engineer – Post Quantum Focus (M.S. or Ph.D.)

Exponent•Irvine, CA

10d•$133,000 - $145,000•Onsite

About The Position

About Exponent Exponent is the only premium engineering and scientific consulting firm with the depth and breadth of expertise to solve our clients’ most profoundly unique, unprecedented, and urgent challenges. Our vision is to engage multidisciplinary teams of science, engineering, and regulatory experts to empower clients with solutions that create a safer, healthier, more sustainable world. For over five decades, we've connected the lessons of past failures with tomorrow's solutions to advise clients as they innovate technologically complex products and processes, ensure the safety and health of their users, and address the challenges of sustainability. Join our team of experts with degrees from top programs at over 500 universities and extensive experience spanning a variety of industries. At Exponent, you’ll contribute to the diverse pool of ideas, talents, backgrounds, and experiences that drives our collaborative teamwork and breakthrough insights. Plus, we help you grow your career through mentoring, sponsorship, and a culture of learning. Thanks for your interest in joining our team! Key statistics: 950+ Consultants 640+ Ph.D.s 90+ Disciplines 30+ Offices globally Our Opportunity We are seeking an Applied Cryptography & Cybersecurity Software Engineer – Post‑Quantum Focus to join our Data Sciences Practice in Irvine, CA, Los Angeles, CA, or Menlo Park, CA . This role is ideal for someone who thrives at the intersection of cryptography research, cybersecurity architecture, and hands‑on software engineering, and who is passionate about securing real‑world, mission‑critical systems. You will contribute to impactful projects across sectors including defense, utilities, and other critical infrastructure domains, helping to design and implement secure, resilient systems that can withstand today’s and tomorrow’s adversaries. You will work on cryptographic modernization and post‑quantum transition efforts, architect secure systems and protocols, and help build robust software and data infrastructure that “bakes in” security from the ground up. You’ll collaborate with multidisciplinary teams of engineers, data scientists, and domain experts to solve complex, applied security problems in production environments.

Requirements

Ph.D. in Computer Science, Electrical/Computer Engineering, Applied Mathematics, or a related scientific/engineering field with a focus in cryptography, cybersecurity, or information security OR M.S. plus 5+ years of post‑degree industry or government experience in applied cryptography, cybersecurity architecture, or secure software engineering
Deep expertise in modern cryptography, including: Public‑key and symmetric cryptography, key exchange, digital signatures, hashing, and MACs
Understanding of post‑quantum cryptography concepts and NIST PQC standards (e.g., Kyber, Dilithium, other lattice‑based or code‑based schemes)
Familiarity with cryptographic protocols (e.g., TLS, IPsec, SSH) and their failure modes
Demonstrated experience designing and reviewing secure system and software architectures for mission‑critical or sensitive environments
Strong software engineering skills, including: Proficiency in at least one systems or backend language (e.g., Python, C/C++, Go, Rust, or Java)
Experience building, testing, and maintaining production‑grade software using version control (Git or similar)
Familiarity with secure coding practices, code review, and CI/CD or DevSecOps workflows
Experience integrating cryptography into real‑world systems, including: Using and evaluating cryptographic libraries (e.g., OpenSSL, BoringSSL, libsodium, Bouncy Castle, AWS KMS, Azure Key Vault, or equivalent)
Implementing or integrating key management, HSMs, or hardware‑backed trust (e.g., TPM, secure enclaves)
Working knowledge of cybersecurity concepts and frameworks, such as: Zero‑trust architectures, identity and access management, network segmentation, logging and monitoring NIST SP 800‑series guidance, DoD or IC security policies, or similar regulatory frameworks
Experience communicating complex technical material clearly and concisely to diverse audiences, including senior leadership and non‑technical stakeholders
Strong writing skills to enable generation of concise, clear, and accurate standards and guidance documentation
Ability to work independently and in multidisciplinary teams, managing priorities across concurrent projects
Proof of U.S. citizenship
The possession of, or ability to obtain, a U.S. DoD Security Clearance (Secret or higher)
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Nice To Haves

Hands‑on work in post‑quantum cryptography transition or evaluation (e.g., performance benchmarking, hybrid key exchange, impact analysis on existing protocols)
Experience with DoD, IC, or other U.S. Government clients, including familiarity with cryptography‑related policies and guidance
Experience architecting secure solutions on major cloud platforms (AWS, Azure, or GCP), including use of managed key management and cryptographic services
Background in secure networking, endpoint protection, or security operations as it relates to cryptographic controls
Experience with formal methods, protocol verification, or side‑channel and implementation‑level attack considerations
Relevant certifications (e.g., CISSP, GSEC, CSSLP, GIAC, or similar)

Responsibilities

Designing and architecting secure software systems and services, with strong emphasis on cryptography, key management, and secure protocol design
Leading post‑quantum cryptography assessments and migration planning, including algorithm selection, hybrid approaches, and performance/latency tradeoff analysis
Evaluating, integrating, and hardening cryptographic libraries, modules, and products, including FIPS‑validated components where applicable
Developing and reviewing secure communication protocols, authentication schemes, and data‑at‑rest / data‑in‑transit protection mechanisms
Performing security architecture reviews for new and existing systems
Wearing multiple hats across data engineering and software teams to incorporate cryptographic controls and security best practices into data pipelines, APIs, and microservices
Supporting the development of policies, standards, and technical guidance related to cryptographic modernization (including PQC) and cybersecurity architecture
Translating complex cryptographic and cybersecurity concepts into clear requirements, design documents, and presentations for both technical and non‑technical stakeholders, including senior government clients
Ensuring security controls and cryptographic implementations align with federal and industry standards (e.g., NIST PQC, CNSS, DoD directives, FedRAMP) and client‑specific compliance requirements
Contributing to internal R&D and prototyping efforts in areas such as PQC benchmarking, secure enclaves, zero‑trust architectures, and secure DevSecOps pipelines

Benefits

Our firm is committed to offering a variety of programs and resources to support health and well-being.
We believe that providing competitive benefits as well as compensation and recognition programs empowers our staff to do work that makes a difference.
At the Associate and Senior Associate level, total compensation includes base salary, bi-weekly bonuses for high-intensity efforts, annual bonus and 401(k) employer contribution of 7% of base salary.
Access benefits information on our Life@Exponent page: https://www.exponent.com/careers/life-exponent

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume