ZipRecruiter

Log In

1

Fips Certification Jobs (NOW HIRING)

Lightship Security, Inc.

Senior FIPS Evaluator

Baltimore, MD ยท On-site

$100K - $130K/yr

... security certification. We work with leading edge technology vendors from around the world to ... We're looking for a Senior FIPS Tester to join our growing team. Someone confident who can lead all ...

Lightship Security

Senior FIPS Evaluator

Baltimore, MD

$98K - $128K/yr

... security certification. We work with leading edge technology vendors from around the world to ... We're looking for a Senior FIPS Tester to join our growing team. Someone confident who can lead all ...

Lightship Security

Senior FIPS Evaluator

Baltimore, MD ยท On-site

... security certification. We work with leading edge technology vendors from around the world to ... Were looking for a Senior FIPS Tester to join our growing team. Someone confident who can lead all ...

Accenture

IT FIPS Compliance Lead

Arlington, VA ยท On-site

$98K - $184K/yr

... certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! FIPS Compliance Lead responsible for ensuring that all security ...

Micron

Principal Engineer, Firmware

Longmont, CO

$199K - $275K/yr

Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...

Micron

Principal Engineer, Firmware Security

Folsom, CA

$161K - $318K/yr

Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E. compliance

Micron Technology

Principal Engineer, Firmware

Longmont, CO ยท On-site

$199K - $275K/yr

Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...

Micron

Principal Engineer, Firmware Security

San Jose, CA ยท On-site

$187K - $318K/yr

Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E. compliance

LanceSoft

Engineer III

Oakland, CA ยท Remote

... certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation. * Experience building testing environments, performing testing and reporting results (technical ...

next page

Showing results 1-20

People also search for

All JobsFips Certification Jobs

Fips Certification information

What is FIPS certification?

FIPS certification refers to compliance with the Federal Information Processing Standards (FIPS), which are publicly announced standards developed by the United States federal government for use in computer systems by non-military government agencies and contractors. FIPS certification is primarily required for cryptographic modules and algorithms to ensure they meet specific security requirements. Companies seeking to work with federal agencies often need FIPS 140-2 or FIPS 140-3 certification for their products, demonstrating that their encryption technologies are secure and reliable. The certification process involves rigorous testing by accredited labs and approval by the National Institute of Standards and Technology (NIST).

What does it mean to be FIPS certified?

FIPS certification indicates that a product or system complies with the Federal Information Processing Standards, specifically FIPS 140-2 or FIPS 140-3, which define security requirements for cryptographic modules. For jobs related to FIPS certification, such as security analysts or engineers, it involves understanding cryptographic standards and ensuring that systems meet these federal security guidelines.

What are some typical challenges faced during the FIPS Certification process, and how can they be managed?

Professionals involved in FIPS Certification often encounter challenges such as navigating complex regulatory requirements, maintaining thorough documentation, and ensuring every component complies with cryptographic standards. The process can also require close coordination with testing labs and government agencies, which may introduce unforeseen delays. To manage these challenges effectively, staying up-to-date with current FIPS standards, maintaining open communication with all stakeholders, and adopting a proactive approach to documentation and testing are essential. Collaborating closely with engineering, compliance, and quality assurance teams can help streamline the process and resolve issues promptly.

What is the difference between Fips Certification vs Data Security Analyst?

AspectFips CertificationData Security Analyst
Required CredentialsFIPS standards, compliance certificationsSecurity certifications (CISSP, CISA), technical skills
Work EnvironmentIT, government, compliance-focusedIT, cybersecurity teams, corporate environments
Industry UsageFederal agencies, regulated industriesPrivate sector, finance, healthcare

Fips Certification focuses on ensuring products meet federal security standards, primarily for compliance. Data Security Analysts implement and monitor security measures within organizations. While Fips Certification is about product compliance, Data Security Analysts work on protecting data assets. Both roles are essential in cybersecurity but serve different functions within the industry.

What are the key skills and qualifications needed to thrive as a FIPS Certification Specialist, and why are they important?

To thrive as a FIPS Certification Specialist, you need a solid understanding of information security principles, cryptographic standards, and regulatory compliance, typically supported by a relevant degree and experience in cybersecurity or IT. Familiarity with NIST FIPS 140-2/140-3 requirements, cryptographic modules, and certification management systems is essential, along with knowledge of validation processes and tools. Strong analytical skills, attention to detail, and effective communication are vital for interpreting complex standards and collaborating with vendors and government agencies. These skills ensure accurate certification, regulatory compliance, and secure technology implementations within highly regulated environments.
What cities are hiring for Fips Certification jobs? Cities with the most Fips Certification job openings:
What states have the most Fips Certification jobs? States with the most job openings for Fips Certification jobs include:
What job categories do people searching Fips Certification jobs look for? The top searched job categories for Fips Certification jobs are:
Fips Certification jobs near you
Security/Certification Engineer - FIPS/CC (Mobile Devices)

Security/Certification Engineer - FIPS/CC (Mobile Devices)

Infomatics corp

Mountain View, CA โ€ข On-site

Other

Posted 27 days ago

Job description

Location : Mountain View, California

WHO we're looking for:

We are looking for an individual who has experience in the common criteria evaluations of IT products and who has experience with FIPS validation of cryptographic modules ( FIPS 140-3) . They will be responsible for the end-end validation of the products ( performing initial assessment of the security functions and specifications; consult with various teams in the development of the process, design, and documentation required for the common criteria evaluations of our Mobile Device products and the FIPS 140-2/3 accreditation of our cryptographic modules.

Role and Responsibilities:

  • Develop the security target for our products, assist with the testing,documentation and working with the necessary engineering teams during the evaluation.
  • Develop plans and procedures using applicable security controls, including NIAP Protection Profiles (MDFPP, VPN, WLAN, Biometric enrollment, and verification), assist with the CAVP algorithm testing ,drafting and review of the security policies for our cryptographic modules according to the FIPS 140-3 specifications, possess information around the DCID 6/3, DoD 8500, or NIST SP 800-53.
  • Assist in the development and review of all test reports and required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation.
  • Experience building testing environments, performing testing and reporting results (technical writing) for all of the common criteria and FIPS evaluations.
  • Develop mitigation strategies to address vulnerabilities uncovered during security testing; and assist with completing all the required documentation to meet the specifications and certification requirements, as required.
  • Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and Wireshark.
  • Project POC with Internal/External audience when required.
Skills:
  • Self-motivated individual with the ability to thrive in a team-based or independent environment.
  • Detail-oriented with strong organization skills.
  • Ability to work in a fast-paced environment.
  • Limited supervision and the exercise of discretion.
  • Ability to comprehend security standard requirements and specifications and apply them to products.
  • Excellent communication (written/verbal) skills and analytical skills.

Required Experience and Education:

  • 5+ years of technical experience in Common Criteria evaluations NIAP-managed Common Criteria Evaluation and Validation Scheme (CCEVS or Scheme) of any product in the US scheme . Mobile device and Software knowledge highly preferred.
  • Bachelor's Degree in Electrical Engineering, Computer/Information Science, Information Assurance/Cybersecurity, or equivalent degree (Master's Degree preferred).
  • Knowledge of common security related protocols and their design (i.e., SSH, IPsec, TLS, etc.)
  • Be highly proficient in FIPS 186-4/5, SP 800-186, SP800-90B and the FIPS 140-3 requirements and have knowledge around the cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators .