FIPS Security Engineer
About The Position
The Cryptographic Security Testing (CST) Lab within Accredited Testing and Evaluation (AT&E) at Leidos currently has an opening for FIPS Security Engineer to work in our Columbia, MD office. This is an exciting opportunity to use your experience to help with FIPS 140-3 security evaluations. A FIPS Security Engineer is a technical position within the CST Lab. A new hire joining CST with significant prior experience in trusted product validations may be designated a FIPS Security Engineer. This position can perform the role of validation technical lead, providing direction and oversight to validation team members in the conduct of a trusted product validation. A FIPS Security Engineer is also able to perform the role of a technical POC with CST customers. A FIPS Security Engineer is also able to provide validation consultancy support to CST customers. This support may include advice on the suitability of evidence for validation and help in creating validation evidence on behalf of CST customers.
Requirements
- Minimum Bachelor of Science in Computer Science, Computer Engineering, or related technical discipline, or equivalent experience.
- Meets the IAT Level I position requirements as defined in DoD 8570.01-M, to include at least one of the following certifications: GISF, GSLC, Security +, or equivalent industry experience
- At least 2 years working at a CST validation laboratory or demonstrate proficient knowledge in the subject area.
- Possess sound knowledge of IT security concepts and familiarity with the CST technical procedures and the validation methodologies employed by the CST.
Nice To Haves
- CVP certification is not required for this role, however, it is highly recommended and should be pursued to enhance skills and career development within the field.
Responsibilities
- Accountable for competently conducting product security assessments under the direction of the lead tester
- Maintains an ongoing dialogue with the lead tester about the status and conduct of security assessments
- Analyzes and clarifies customer requirements
- Understands and complies with the verification and validation of test methods and procedures
- Analyze results, including statements of conformity and any applicable opinions and interpretations.
- Reports details of all nonconforming work and supplies that prohibit the accurate conduct of security assessments (observation reports)
- Strong FIPS knowledge
- Mentor junior testers, as needed
- Coordinate all tasks with the project lead tester or lab manager
- Provide weekly informal status for all tasks to the project lead tester
- Lead client facing activities
- Independently perform the following: Algorithm generation and verification testing activities using CAVS and the ACVTS
- Design reviews
- Compliance analysis
- Source code reviews
- Failure testing
- Operational testing
- Testing activities
- Complete CRYPTIK sections with 70 percent proficiency
- Independently perform physical testing
- Complete Physical Testing Reports with 70 percent proficiency
- Draft DRF and onsite test plans
Benefits
- competitive compensation
- Health and Wellness programs
- Income Protection
- Paid Leave
- Retirement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
