FIPS Security Engineer

Description

The Cryptographic Security Testing (CST) Lab within Accredited Testing and Evaluation (AT&E) at Leidos currently has an opening for FIPS Security Engineer to work in our Columbia, MD office. This is an exciting opportunity to use your experience to help with FIPS 140-3 security evaluations. A FIPS Security Engineer is a technical position within the CST Lab. A new hire joining CST with significant prior experience in trusted product validations may be designated a FIPS Security Engineer. This position can perform the role of validation technical lead, providing direction and oversight to validation team members in the conduct of a trusted product validation. A FIPS Security Engineer is also able to perform the role of a technical POC with CST customers.

A FIPS Security Engineer is also able to provide validation consultancy support to CST customers. This support may include advice on the suitability of evidence for validation and help in creating validation evidence on behalf of CST customers

Primary Responsibilities:

• Accountable for competently conducting product security assessments under the direction of the lead tester

• Maintains an ongoing dialogue with the lead tester about the status and conduct of security assessments

• Analyzes and clarifies customer requirements

• Understands and complies with the verification and validation of test methods and procedures

• Analyze results, including statements of conformity and any applicable opinions and interpretations.

• Reports details of all nonconforming work and supplies that prohibit the accurate conduct of security assessments (observation reports)

• Strong FIPS knowledge

• Mentor junior testers, as needed

• Coordinate all tasks with the project lead tester or lab manager

• Provide weekly informal status for all tasks to the project lead tester

• Lead client facing activities

• Independently perform the following:

  • Algorithm generation and verification testing activities using CAVS and the ACVTS

  • Design reviews

  • Compliance analysis

  • Source code reviews

  • Failure testing

  • Operational testing

  • Testing activities

• Complete CRYPTIK sections with 70 percent proficiency

• Independently perform physical testing

• Complete Physical Testing Reports with 70 percent proficiency

• Draft DRF and onsite test plans

Basic Qualifications:

A FIPS Security Engineer shall meet the following requirements:

• Minimum Bachelor of Science in Computer Science, Computer Engineering, or related technical discipline, or equivalent experience.

• Meets the IAT Level I position requirements as defined in DoD 8570.01-M, to include at least one of the following certifications: GISF, GSLC, Security +, or equivalent industry experience

• At least 2 years working at a CST validation laboratory or demonstrate proficient knowledge in the subject area.

• Possess sound knowledge of IT security concepts and familiarity with the CST technical procedures and the validation methodologies employed by the CST.

Preferred Qualifications:

• CVP certification is not required for this role, however, it is highly recommended and should be pursued to enhance skills and career development within the field.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.