Senior FIPS Evaluator - Lightship Security : Job Details

Highlights of the Job

Introduction

Lightship Security is a market leader in standards-based IT product security certification. We work with leading edge technology vendors from around the world to evaluate and test their products against various cyber security standards such as Common Criteria and FIPS 140. We are committed to creating real world value through continued innovation in this field.

We're looking for a Senior FIPS Tester to join our growing team. Someone confident who can lead all aspects of FIPS 140 validation projects from end-to-end, which involve a variety of technologies including both hardware and software, and who enjoys interfacing with customers to provide them with sound technical consulting, and support during the validation process. Also, someone who shares true dedication to our core values: we solve problems for our clients, we work hard with integrity, we are technical experts, we value family, and we have fun.

Sound good? Here's a little more about the job:

While this position is listed for our Baltimore, MD office, we also welcome applications from candidates based in Ottawa, Canada.

Key Responsibilities

• Manage FIPS projects review, prioritization, and task delegation to associate testers
• Support and mentor associate and intermediate testers on project tasks and training
• Review and respond to client emails, offer project updates, perform status calls
• Submit validation packages to the CMVP
• Perform Technical QA
• Provide test results and draft reports to the Lab Manager in accordance with the project schedule
• Check for and resolve updates from the CMVP e.g., project coordination, updates, issues
• Focus on multiple FIPS project items including task development and quality assurance
• Review various aspects of FIPS standards, implementation guidance or test assertions
• Review industry highlights including upcoming FIPS transitions
• Create and/or review FIPS blogs for company website posting
• Ensure delivery of projects are on time and within budget
• Demonstrate and promote Lightship Core Values within the organization

The Ideal Candidate

To excel at Lightship, you have a solid foundation of cryptographic algorithms, digital signatures, cryptographic hashing, and random number generators. You lead projects in review, consultation, and assessment of products against FIPS 140. You are a champion at discerning the cryptographic boundary for a variety of software, hardware, and hybrid modules.

What You Bring

Education and Experience

• University degree in Engineering or Computer Science; or College diploma in a technical field
• Minimum of three (3) years of IT security-related certification program experience
• CVP certification preferred

Soft Skills

• A proven ability to work well in a team
• Creative and critical thinking skills
• Excellent oral and written communication skills
• Strong problem solving skills
• Strong multitasking and time management

Technical Skills

• Knowledge of FIPS 140-2/FIPS 140-3 requirements, Common Criteria, and other related standards
• Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators, etc.

• Experience with various programming languages (C, C++, Python or Java) and development environments
• Ability to comprehend security standard requirements and apply them to products
• Knowledge of common security related protocols and their design (i.e. SSH, IPsec, TLS, etc.)
• Experience building testing environments, performing testing and reporting results (technical writing)

Requirements

• Must beable andwilling to travel internationally