FIPS Compliance Engineer

Summary: The role of a FIPS Compliance Engineer involves assessing cryptographic functions, guiding product security design, and managing the FIPS 140-3 validation process. This position requires collaboration with development teams to ensure compliance with security standards and the creation of technical documentation. The engineer will also conduct source code reviews and perform system-level analysis to enhance security measures. The role is remote and focuses on ensuring adherence to FIPS compliance requirements.

Key Responsibilities:

• Manage FIPS 140-3 validation for cryptographic modules.
• Advise development teams on secure design and architecture to meet compliance standards.
• Analyze security requirements and perform system-level analysis.
• Create technical compliance documentation (e.g., Security Policies, design rationales).
• Conduct source code reviews in Java and JavaScript.

Key Skills:

• Proven experience with FIPS 140 validations, preferably in a certified lab.
• Experience with Java and BTP development environments.
• Knowledge of cybersecurity frameworks (e.g., ISO 27002, NIST SP 800-53).
• Familiarity with FedRAMP, CCCS, or IRAP assessments (preferred).
• Strong knowledge of security principles, cloud solutions, networking protocols (e.g., TLS, IPsec), and cryptography (algorithms, PKI).
• Experience building test environments and producing technical reports.
• Excellent technical writing, documentation, and problem-solving skills.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT