... required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 ... Perform vulnerability analysis of product or system designs against applicable security criteria ...
Quick apply
... required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 ... Perform vulnerability analysis of product or system designs against applicable security criteria ...
IT FIPS Compliance Lead
Arlington, VA · On-site
$98K - $184K/yr
... certifications, industry training and more. Join us to drive positive, lasting change that moves ... A solid understanding of risk management principles and the ability to analyze and interpret ...
IT FIPS Compliance Lead
Arlington, VA · On-site
$98K - $184K/yr
... certifications, industry training and more. Join us to drive positive, lasting change that moves ... A solid understanding of risk management principles and the ability to analyze and interpret ...
IT FIPS Compliance Lead
$98K - $184K/yr
... certifications, industry training and more. Join us to drive positive, lasting change that moves ... A solid understanding of risk management principles and the ability to analyze and interpret ...
IT FIPS Compliance Lead
$98K - $184K/yr
... certifications, industry training and more. Join us to drive positive, lasting change that moves ... A solid understanding of risk management principles and the ability to analyze and interpret ...
Security Analyst
Philadelphia, PA · On-site
Experience and/or familiarity with Certification and Accreditation (C&A). Experience and/or ... FIPS 190 , FedRAMP, Federal Information Security Management Act (FISMA) and other tools using ...
Security Analyst
Philadelphia, PA · On-site
Experience and/or familiarity with Certification and Accreditation (C&A). Experience and/or ... FIPS 190 , FedRAMP, Federal Information Security Management Act (FISMA) and other tools using ...
Principal Engineer, Firmware
Longmont, CO · On-site
$199K - $275K/yr
Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...
Principal Engineer, Firmware
Longmont, CO · On-site
$199K - $275K/yr
Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...
Principal Engineer, Firmware
Longmont, CO · On-site
$199K - $275K/yr
Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...
Principal Engineer, Firmware
Longmont, CO · On-site
$199K - $275K/yr
Architecture and design, Threat modeling and analysis, Implementation, Validation and vulnerability testing, FIPS Certification and security audit readiness. Develop, debug, optimize, and validate ...
Principal Engineer, Firmware Security
San Jose, CA · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
San Jose, CA · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
San Jose, CA · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
San Jose, CA · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
Longmont, CO · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
Longmont, CO · On-site
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
Principal Engineer, Firmware Security
$161K - $318K/yr
... analyzers * Drive the Security Development Lifecycle including architecture, threat modeling, security code review, fuzz testing, vulnerability testing, FIPS certification support, and OCP S.A.F.E ...
CAP, CISSP, CISM, CISA, SANS GIAC, Security+, Network+, Linux+, MCSE, CCNA or SSCP certifications ... Working knowledge and understanding of OMB, FISMA, FIPS, HIPPA and other federal regulations and ...
CAP, CISSP, CISM, CISA, SANS GIAC, Security+, Network+, Linux+, MCSE, CCNA or SSCP certifications ... Working knowledge and understanding of OMB, FISMA, FIPS, HIPPA and other federal regulations and ...
... with FIPS 199 and NIST RMF guidelines • Coordinate with technical teams to gather security ... Certification and Accreditation Process (DITSCAP) or DoD Information Assurance policy 8500.1 and ...
... with FIPS 199 and NIST RMF guidelines • Coordinate with technical teams to gather security ... Certification and Accreditation Process (DITSCAP) or DoD Information Assurance policy 8500.1 and ...
IAM Level II Certification (CISSP, CASP, CISM, GSLC, or CCIS) * Must possess and maintain a Top ... FIPS 199, FIPS 200, NIST 800-53, and other applicable policies. Preferred Qualifications: * The ...
IAM Level II Certification (CISSP, CASP, CISM, GSLC, or CCIS) * Must possess and maintain a Top ... FIPS 199, FIPS 200, NIST 800-53, and other applicable policies. Preferred Qualifications: * The ...
IAM Level II Certification (CISSP, CASP, CISM, GSLC, or CCIS) * Must possess and maintain a Top ... FIPS 199, FIPS 200, NIST 800-53, and other applicable policies. Preferred Qualifications: * The ...
IAM Level II Certification (CISSP, CASP, CISM, GSLC, or CCIS) * Must possess and maintain a Top ... FIPS 199, FIPS 200, NIST 800-53, and other applicable policies. Preferred Qualifications: * The ...
... FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified. Keeper deploys in minutes, not ... About the Role As a Senior Tableau Analyst, you will design and optimize Tableau dashboards ...
... FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified. Keeper deploys in minutes, not ... About the Role As a Senior Tableau Analyst, you will design and optimize Tableau dashboards ...
Software Security Analyst
San Diego, CA · Hybrid
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
Quick apply
Software Security Analyst
San Diego, CA · Hybrid
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
SDA Analyst
Alexandria, VA · On-site
DoD 8570 IAM/IAT Level II certification required before start. * Extensive experience in ... Proficiency with the Risk Management Framework and knowledge of NIST SP 800-37, CNSSI 1253, FIPS ...
SDA Analyst
Alexandria, VA · On-site
DoD 8570 IAM/IAT Level II certification required before start. * Extensive experience in ... Proficiency with the Risk Management Framework and knowledge of NIST SP 800-37, CNSSI 1253, FIPS ...
Software Security Analyst
San Diego, CA · Hybrid
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
Software Security Analyst
San Diego, CA · Hybrid
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
... FIPS 140-3 certification milestones, compliance timelines, and broader security objectives Risk Management & Account Health * Proactively identify at-risk accounts through analysis of engagement ...
Quick apply
... FIPS 140-3 certification milestones, compliance timelines, and broader security objectives Risk Management & Account Health * Proactively identify at-risk accounts through analysis of engagement ...
Software Security Analyst
San Diego, CA · On-site
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
Software Security Analyst
San Diego, CA · On-site
FIPS 140 compliance. * NIST STIG compliance. * Develop relationships with team members built on ... At least one certification: CompTIA Security+, CISSP, OSCP, or SANS/GIAC. To be considered for this ...
Fips Certification Analyst information
See salary details
$16.83 - $19.69
2% of jobs
$19.69 - $22.55
9% of jobs
$22.55 - $25.42
13% of jobs
$25.53 is the 25th percentile. Wages below this are outliers.
$25.42 - $28.28
20% of jobs
The median wage is $29.40 / hr.
$28.28 - $31.14
15% of jobs
$31.14 - $34
15% of jobs
$34.45 is the 75th percentile. Wages above this are outliers.
$34 - $36.87
8% of jobs
$36.87 - $39.73
5% of jobs
$39.73 - $42.59
4% of jobs
$42.59 - $45.45
3% of jobs
$45.45 - $48.32
5% of jobs
$16
$31
$48
How much do fips certification analyst jobs pay per hour?
As of Jun 8, 2026, the average hourly pay for fips certification analyst in the United States is $31.53, according to ZipRecruiter salary data. Most workers in this role earn between $25.24 and $35.82 per hour, depending on experience, location, and employer.
What are some common challenges faced by FIPS Certification Analysts during the certification process?
FIPS Certification Analysts often encounter challenges such as keeping up with evolving cryptographic standards, coordinating documentation with engineering teams, and managing tight project timelines. Navigating complex technical requirements from NIST and ensuring all security modules meet rigorous testing standards can be demanding. Effective communication and organizational skills are essential, as analysts frequently collaborate with multiple stakeholders, including developers, testers, and external auditors, to ensure compliance and resolve issues promptly.
What are the key skills and qualifications needed to thrive as a FIPS Certification Analyst, and why are they important?
To thrive as a FIPS Certification Analyst, you need a solid understanding of cryptographic standards, information security, and regulatory compliance, often supported by a degree in computer science or cybersecurity. Familiarity with NIST standards, FIPS 140-2/140-3 validation processes, and related tools like Cryptographic Module Validation Program (CMVP) documentation systems is crucial. Strong analytical skills, attention to detail, and effective written communication set top analysts apart when preparing certification documentation and liaising with stakeholders. These competencies are essential to ensure secure, compliant cryptographic implementations and successful certification outcomes.
What are FIPS Certification Analysts?
FIPS Certification Analysts are professionals who specialize in ensuring that products, systems, or processes comply with the Federal Information Processing Standards (FIPS), which are U.S. government standards for data security and interoperability. They support organizations in preparing for FIPS certification by interpreting technical requirements, testing cryptographic modules, and coordinating with certification bodies. Their work helps organizations meet regulatory requirements for handling sensitive government data, especially in industries such as IT, cybersecurity, and defense.
What is the difference between Fips Certification Analyst vs Fips Compliance Specialist?
| Aspect | Fips Certification Analyst | Fips Compliance Specialist |
|---|---|---|
| Required Credentials | Certifications in cybersecurity, compliance, or related fields; knowledge of FIPS standards | Certifications in compliance, security, or auditing; familiarity with FIPS requirements |
| Work Environment | Typically in IT, cybersecurity, or government agencies; focus on certification processes | Often in compliance departments; focus on regulatory adherence and audits |
| Employer & Industry Usage | Used by government agencies, tech firms, and security organizations | Common in regulated industries like finance, healthcare, and government |
The Fips Certification Analyst primarily focuses on obtaining and maintaining FIPS certifications, ensuring products meet federal standards. In contrast, the Fips Compliance Specialist concentrates on ongoing compliance and regulatory adherence related to FIPS standards. Both roles require similar certifications and work environments but differ in their core responsibilities—certification versus compliance management.
More about Fips Certification Analyst jobs
What cities are hiring for Fips Certification Analyst jobs? Cities with the most Fips Certification Analyst job openings:
What are the most commonly searched types of Fips Certification Analyst jobs? The most popular types of Fips Certification Analyst jobs are:
What states have the most Fips Certification Analyst jobs? States with the most job openings for Fips Certification Analyst jobs include:
What job categories do people searching Fips Certification Analyst jobs look for? The top searched job categories for Fips Certification Analyst jobs are:
Security/Certification Engineer - FIPS/CC (Mobile Devices)
Infomatics corpMountain View, CA • On-site
Other
Posted 28 days ago
Job description
Location : Mountain View, California
WHO we're looking for:
We are looking for an individual who has experience in the common criteria evaluations of IT products and who has experience with FIPS validation of cryptographic modules ( FIPS 140-3) . They will be responsible for the end-end validation of the products ( performing initial assessment of the security functions and specifications; consult with various teams in the development of the process, design, and documentation required for the common criteria evaluations of our Mobile Device products and the FIPS 140-2/3 accreditation of our cryptographic modules.
Role and Responsibilities:
- Develop the security target for our products, assist with the testing,documentation and working with the necessary engineering teams during the evaluation.
- Develop plans and procedures using applicable security controls, including NIAP Protection Profiles (MDFPP, VPN, WLAN, Biometric enrollment, and verification), assist with the CAVP algorithm testing ,drafting and review of the security policies for our cryptographic modules according to the FIPS 140-3 specifications, possess information around the DCID 6/3, DoD 8500, or NIST SP 800-53.
- Assist in the development and review of all test reports and required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation.
- Experience building testing environments, performing testing and reporting results (technical writing) for all of the common criteria and FIPS evaluations.
- Develop mitigation strategies to address vulnerabilities uncovered during security testing; and assist with completing all the required documentation to meet the specifications and certification requirements, as required.
- Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and Wireshark.
- Project POC with Internal/External audience when required.
Skills:
- Self-motivated individual with the ability to thrive in a team-based or independent environment.
- Detail-oriented with strong organization skills.
- Ability to work in a fast-paced environment.
- Limited supervision and the exercise of discretion.
- Ability to comprehend security standard requirements and specifications and apply them to products.
- Excellent communication (written/verbal) skills and analytical skills.
Required Experience and Education:
- 5+ years of technical experience in Common Criteria evaluations NIAP-managed Common Criteria Evaluation and Validation Scheme (CCEVS or Scheme) of any product in the US scheme . Mobile device and Software knowledge highly preferred.
- Bachelor's Degree in Electrical Engineering, Computer/Information Science, Information Assurance/Cybersecurity, or equivalent degree (Master's Degree preferred).
- Knowledge of common security related protocols and their design (i.e., SSH, IPsec, TLS, etc.)
- Be highly proficient in FIPS 186-4/5, SP 800-186, SP800-90B and the FIPS 140-3 requirements and have knowledge around the cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators .