Jobs · Information Technology · Maryland

FIPS 140 Security Engineer

Robert Half · Columbia, MD · Yesterday
On-siteInformation TechnologyTemporary

Key Responsibilities

  • Support FIPS 140 validation and security evaluation projects for cryptographic products and systems.
  • Perform security architecture reviews, product design analysis, and system-level security assessments.
  • Conduct cryptographic and Public Key Infrastructure (PKI) testing.
  • Analyze entropy sources in accordance with NIST SP 800-90B requirements and evaluate SP 800-90C random bit generator constructions.
  • Create and review Entropy Assessment Reports (EAR) and Public Use Documents (PUD).
  • Prepare and submit Entropy Source Validation (ESV) packages through the NIST ESVTS platform.
  • Conduct vulnerability assessments, logical security analysis, and physical security testing.
  • Review source code and develop scripts or tools to automate testing activities.
  • Build testing environments, execute test plans, document findings, and produce technical reports.
  • Evaluate products against applicable security standards and technology-type requirements.

Core Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering, Information Systems, or a related field.
  • 2+ years of relevant cybersecurity, cryptographic testing, security engineering, or validation experience.
  • Knowledge of cryptographic encryption algorithms, key exchange protocols, hashing algorithms, message authentication techniques, PKI, and random number generators.
  • Strong understanding of NIST SP 800-90A, SP 800-90B, and SP 800-90C standards.
  • Experience performing entropy source analysis and validation activities.
  • Experience with one or more programming languages including Python, C, C++, or Java.
  • Experience developing scripts or automation tools to support testing activities.
  • Familiarity with SSH, TLS, IPsec, and other security-related protocols.
  • Experience building test environments, executing security testing, and documenting results.
  • Knowledge of networking fundamentals, including subnetting and routing concepts.
  • Strong troubleshooting, analytical, and problem-solving abilities.
  • Ability to interpret security standards and apply requirements to products and systems.
  • Strong written communication skills and technical documentation experience.

Similar jobs

Security Engineer

MANTECHSpringfield, VA· Yesterday
Information Technologyapply on mantech.avature.net

Security Engineer

LambdaSan Jose, CA· Yesterday
Information Technology$266k–$395k/yrapply on jobs.ashbyhq.com

Security Engineer

Planet PharmaAlameda, CA· 2 days ago
Information Technologyapply on careers.planet-pharma.com

Security Engineer

HaystackVirginia, United States· 2 days ago
RemoteInformation Technology$87k–$198k/yrapply on haystack.cv

Security Engineer

QuEra Computing Inc.Boston, MA· 2 days ago
Information Technology$90k–$140k/yrapply on grnh.se