FIPS 140 Security Engineer

We are seeking a motivated and detail-oriented FIPS 140 Security Engineer to join a growing cybersecurity and accredited testing team supporting national defense and secure communications initiatives. This role offers the opportunity to work hands-on with advanced security technologies, cryptographic validation projects, and Commercial Off-The-Shelf (COTS) products used in highly secure environments.The ideal candidate will have experience in cryptographic technologies, security testing, vulnerability analysis, and technical reporting, along with strong troubleshooting and scripting capabilities.Key ResponsibilitiesPerform FIPS 140 validation and security testing activities.Conduct security architecture reviews and product design analysis.Execute vulnerability assessments and physical security testing.Perform system-level logical analysis and technology-type evaluations.Validate cryptographic algorithms, PKI implementations, and random number generators.Review source code and support secure software assessments.Create, maintain, and review technical documentation and test reports.Develop scripts and automation tools to support security testing processes.Build and maintain test environments and lab configurations.Collaborate with cross-functional engineering and cybersecurity teams.Required QualificationsBachelor’s degree in Computer Science, Cybersecurity, Information Security, or related field.2–4 years of relevant cybersecurity or security engineering experience.Strong understanding of:Cryptographic algorithms and protocolsPKI and certificate validationTLS, SSH, IPsec, and related security protocolsExperience with one or more programming languages:PythonC/C++JavaFamiliarity with networking concepts including routing and subnetting.Experience performing testing, troubleshooting, and technical reporting.Strong analytical, multitasking, and problem-solving skills.Excellent written and verbal communication skills.Preferred QualificationsCryptographic Validation Program (CVP) certification or related knowledge.Experience with:OpenSSL / OpenPGPPenetration testing or vulnerability analysisLinux and Active DirectoryDebugging tools such as adb, WinDBG, or Visual StudioStatistical analysis of entropy sourcesKnowledge of X.509 certificate validation.Exposure to hardware testing tools such as oscilloscopes and signal generators.Industry certifications such as:CCNA / CCNP / CCIEJNCIA / JNCIS / JNCIP / JNCIE