Enable job alerts via email!

Security/Certification Engineer - FIPS/CC (Mobile Devices)

ZipRecruiter

Mountain View (CA)

On-site

USD 150,000 - 200,000

Full time

30+ days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An innovative high-tech SaaS company is seeking a Security/Certification Engineer to ensure compliance with FIPS and Common Criteria standards for mobile devices. In this hybrid role, you will leverage your expertise in security evaluations, working collaboratively with engineering teams to develop security targets, conduct vulnerability analyses, and draft necessary documentation for certification. This position offers a unique opportunity to contribute to the security of cutting-edge products while thriving in a dynamic environment. If you are detail-oriented and passionate about cybersecurity, this role is perfect for you.

Qualifications

  • 5+ years of experience in Common Criteria evaluations and FIPS validation.
  • Bachelor's Degree in a relevant field; Master's preferred.

Responsibilities

  • Develop security targets and assist with testing and documentation.
  • Perform vulnerability analysis and develop mitigation strategies.

Skills

Common Criteria evaluations
FIPS validation
Technical writing
Vulnerability analysis
Communication skills
Analytical skills
Organization skills

Education

Bachelor's Degree in Electrical Engineering
Master's Degree (preferred)

Tools

Nessus
NMAP
Wireshark

Job description

FocusKPI is looking for a Security/Certification Engineer - FIPS/CC (Mobile Devices) to join one of our clients, a high-tech SaaS company.

The client team is looking for an individual with experience in the common criteria evaluations of IT products and who has experience with FIPS validation of cryptographic modules (FIPS 140-3). This person will be responsible for the end-to-end validation of the products, performing initial assessments of the security functions and specifications; consulting with various teams in the development of the process, design, and documentation required for the standard criteria evaluations of their Mobile Device products and the FIPS 140-2/3 accreditation of our cryptographic modules.

Work Location: Mountain View, CA
Duration: 12-month contract; hybrid role (on-site 3 days a week)
Pay Range: $75/hr to $86/hr

Responsibilities:

  • Develop the security target for their products, assist with the testing and documentation, and work with the necessary engineering teams during the evaluation.
  • Develop plans and procedures using applicable security controls, including NIAP Protection Profiles (MDFPP, VPN, WLAN, Biometric enrollment, and verification); assist with the CAVP algorithm testing; draft and review the security policies for their cryptographic modules according to the FIPS 140-3 specifications; possess information around the DCID 6/3, DoD 8500, or NIST SP 800-53.
  • Assist in the development and review of all test reports and required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation.
  • Experience building testing environments, performing testing, and reporting results (technical writing) for all of the standard criteria and FIPS evaluations.
  • Develop mitigation strategies to address vulnerabilities uncovered during security testing, and assist with completing all the required documentation to meet the specifications and certification requirements, as required.
  • Perform vulnerability analysis of product or system designs against applicable security criteria using standard tools, including Nessus, NMAP, and Wireshark.
  • Project POC with the Internal/External audience when required.

Qualifications:

  • 5+ years of technical experience in Common Criteria evaluations, NIAP-managed Common Criteria Evaluation and Validation Scheme (CCEVS or Scheme) of any product in the US scheme. Knowledge of mobile devices and Software is highly desirable.
  • Bachelor's Degree in Electrical Engineering, Computer/Information Science, Information Assurance/Cybersecurity, or equivalent degree (Master's Degree preferred).
  • Knowledge of standard security-related protocols and their design (i.e., SSH, IPsec, TLS, etc.).
  • Be highly proficient in FIPS 186-4/5, SP 800-186, SP800-90B, and the FIPS 140-3 requirements and have knowledge around the cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, and random number generators.
  • Self-motivated individual with the ability to thrive in a team-based or independent environment.
  • Detail-oriented with strong organization skills.
  • Ability to work in a fast-paced environment.
  • Limited supervision and the exercise of discretion.
  • Ability to comprehend security standard requirements and specifications and apply them to products.
  • Excellent communication (written/verbal) skills and analytical skills.

Thank you!

FocusKPI Hiring Team

Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs

Security Certification Engineer, FIPS/CC - Mobile Devices

Samsung Electronics America

Mountain View

Remote

USD 158,000 - 219,000

2 days ago
Be an early applicant

Security/Certification Engineer - FIPS/CC (Mobile Devices)

Wal-Mart

Mountain View

Remote

USD 150,000 - 200,000

2 days ago
Be an early applicant

Security/Certification Engineer - FIPS/CC (Mobile Devices)

WorldLink, Inc.

Mountain View

On-site

USD 150,000 - 200,000

30+ days ago