Principal Compliance Engineer
Denver, CO · On-site
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
Principal Compliance Engineer
Denver, CO · On-site
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... Privacy Act, FIPS 200, NIST publications (specifically the NIST 800 Series), and DOC/NOAA ... EC-C Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Systems and ...
... Privacy Act, FIPS 200, NIST publications (specifically the NIST 800 Series), and DOC/NOAA ... EC-C Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Systems and ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
Principal Compliance Engineer
Denver, CO · On-site
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
Principal Compliance Engineer
Denver, CO · On-site
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
... FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data. • Embed ... certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g ...
Information System Security Officer (ISSO), Senior (On-Prem & Cl with Security Clearance
Chantilly, VA · Hybrid
$165K - $195K/yr
Maintain ICD 503 and FIPS 199 security artifacts supporting system authorization. * Develop, update ... DoD 8570/8140 IAM Level III certification ( e.g., CISSP, CISM, or CCSP ) * Experience managing ATO ...
Information System Security Officer (ISSO), Senior (On-Prem & Cl with Security Clearance
Chantilly, VA · Hybrid
$165K - $195K/yr
Maintain ICD 503 and FIPS 199 security artifacts supporting system authorization. * Develop, update ... DoD 8570/8140 IAM Level III certification ( e.g., CISSP, CISM, or CCSP ) * Experience managing ATO ...
Project manager- FISMA assesment
$101K - $120K/yr
Experience actively working with the NIST 800 Series Must have experience working with FIPS 200 ... Must hold and maintain in good standings Project Management certification (i.e., Project Management ...
Project manager- FISMA assesment
$101K - $120K/yr
Experience actively working with the NIST 800 Series Must have experience working with FIPS 200 ... Must hold and maintain in good standings Project Management certification (i.e., Project Management ...
Security Analyst
Philadelphia, PA · On-site
Experience and/or familiarity with Certification and Accreditation (C&A). Experience and/or ... FIPS 190 , FedRAMP, Federal Information Security Management Act (FISMA) and other tools using ...
Security Analyst
Philadelphia, PA · On-site
Experience and/or familiarity with Certification and Accreditation (C&A). Experience and/or ... FIPS 190 , FedRAMP, Federal Information Security Management Act (FISMA) and other tools using ...
Information System Security Officer (ISSO), Senior (On-Prem & Cloud)
Chantilly, VA · On-site
$165K - $195K/yr
Maintain ICD 503 and FIPS 199 security artifacts supporting system authorization. * Develop, update ... DoD 8570/8140 IAM Level III certification (e.g., CISSP, CISM, or CCSP) * Experience managing ATO ...
Information System Security Officer (ISSO), Senior (On-Prem & Cloud)
Chantilly, VA · On-site
$165K - $195K/yr
Maintain ICD 503 and FIPS 199 security artifacts supporting system authorization. * Develop, update ... DoD 8570/8140 IAM Level III certification (e.g., CISSP, CISM, or CCSP) * Experience managing ATO ...
... Privacy Act, FIPS 200, NIST publications (specifically the NIST 800 Series), and DOC/NOAA ... EC-C Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Systems and ...
... Privacy Act, FIPS 200, NIST publications (specifically the NIST 800 Series), and DOC/NOAA ... EC-C Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Systems and ...
$92K - $158K/yr
Ensure firmware complies with security protocols and certifications such as MIL-STD, FIPS, or FCC. Qualifications What We're Looking For Experience: * 5+ years of experience in firmware or electrical ...
$92K - $158K/yr
Ensure firmware complies with security protocols and certifications such as MIL-STD, FIPS, or FCC. Qualifications What We're Looking For Experience: * 5+ years of experience in firmware or electrical ...
Ensure firmware complies with security protocols and certifications such as MIL-STD, FIPS, or FCC. Qualifications What We're Looking For Experience: * 5+ years of experience in firmware or electrical ...
Ensure firmware complies with security protocols and certifications such as MIL-STD, FIPS, or FCC. Qualifications What We're Looking For Experience: * 5+ years of experience in firmware or electrical ...
Principal Compliance Engineer
Denver, CO · On-site
Design and enforce secure configurations using encryption standards such as FIPS 140-2/FIPS 140-3, ... Industry certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs ...
Principal Compliance Engineer
Denver, CO · On-site
Design and enforce secure configurations using encryption standards such as FIPS 140-2/FIPS 140-3, ... Industry certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs ...
DevOps Engineer
Dallas, TX · On-site
$87K - $141K/yr
Secure containers and clusters with hardened baselines (DoD STIG/FIPS) and continuous compliance ... Certifications such as CKA , CKAD , RHCE , or Security+ are a plus. What Success Looks Like After ...
DevOps Engineer
Dallas, TX · On-site
$87K - $141K/yr
Secure containers and clusters with hardened baselines (DoD STIG/FIPS) and continuous compliance ... Certifications such as CKA , CKAD , RHCE , or Security+ are a plus. What Success Looks Like After ...
Deep understanding of X.509 certificates, HSMs (Hardware Security Modules), CRLs, and OCSP. * Mastery of NIST SP 800-53, NIST SP 800-37 (RMF), FIPS 140-2/3, NIST SP 800-157 (Rev-1), NIST SP 800-63 ...
Deep understanding of X.509 certificates, HSMs (Hardware Security Modules), CRLs, and OCSP. * Mastery of NIST SP 800-53, NIST SP 800-37 (RMF), FIPS 140-2/3, NIST SP 800-157 (Rev-1), NIST SP 800-63 ...
Knowledge of encryption standards, including FIPS, and their application in storage security ... Certifications: Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD ...
Knowledge of encryption standards, including FIPS, and their application in storage security ... Certifications: Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD ...
Understanding of FIPS compliance, bootstrapping with HSMs (Thales), and secure supply chain protocols. Certifications: CKA (Certified Kubernetes Administrator), ITIL v4, or Professional Cloud ...
Quick apply
Understanding of FIPS compliance, bootstrapping with HSMs (Thales), and secure supply chain protocols. Certifications: CKA (Certified Kubernetes Administrator), ITIL v4, or Professional Cloud ...
Fips Certification information
What is FIPS certification?
FIPS certification refers to compliance with the Federal Information Processing Standards (FIPS), which are publicly announced standards developed by the United States federal government for use in computer systems by non-military government agencies and contractors. FIPS certification is primarily required for cryptographic modules and algorithms to ensure they meet specific security requirements. Companies seeking to work with federal agencies often need FIPS 140-2 or FIPS 140-3 certification for their products, demonstrating that their encryption technologies are secure and reliable. The certification process involves rigorous testing by accredited labs and approval by the National Institute of Standards and Technology (NIST).
What does it mean to be FIPS certified?
FIPS certification indicates that a product or system complies with the Federal Information Processing Standards, specifically FIPS 140-2 or FIPS 140-3, which define security requirements for cryptographic modules. For jobs related to FIPS certification, such as security analysts or engineers, it involves understanding cryptographic standards and ensuring that systems meet these federal security guidelines.
What are some typical challenges faced during the FIPS Certification process, and how can they be managed?
Professionals involved in FIPS Certification often encounter challenges such as navigating complex regulatory requirements, maintaining thorough documentation, and ensuring every component complies with cryptographic standards. The process can also require close coordination with testing labs and government agencies, which may introduce unforeseen delays. To manage these challenges effectively, staying up-to-date with current FIPS standards, maintaining open communication with all stakeholders, and adopting a proactive approach to documentation and testing are essential. Collaborating closely with engineering, compliance, and quality assurance teams can help streamline the process and resolve issues promptly.
What is the difference between Fips Certification vs Data Security Analyst?
| Aspect | Fips Certification | Data Security Analyst |
|---|---|---|
| Required Credentials | FIPS standards, compliance certifications | Security certifications (CISSP, CISA), technical skills |
| Work Environment | IT, government, compliance-focused | IT, cybersecurity teams, corporate environments |
| Industry Usage | Federal agencies, regulated industries | Private sector, finance, healthcare |
Fips Certification focuses on ensuring products meet federal security standards, primarily for compliance. Data Security Analysts implement and monitor security measures within organizations. While Fips Certification is about product compliance, Data Security Analysts work on protecting data assets. Both roles are essential in cybersecurity but serve different functions within the industry.
What are the key skills and qualifications needed to thrive as a FIPS Certification Specialist, and why are they important?
To thrive as a FIPS Certification Specialist, you need a solid understanding of information security principles, cryptographic standards, and regulatory compliance, typically supported by a relevant degree and experience in cybersecurity or IT. Familiarity with NIST FIPS 140-2/140-3 requirements, cryptographic modules, and certification management systems is essential, along with knowledge of validation processes and tools. Strong analytical skills, attention to detail, and effective communication are vital for interpreting complex standards and collaborating with vendors and government agencies. These skills ensure accurate certification, regulatory compliance, and secure technology implementations within highly regulated environments.
What cities are hiring for Fips Certification jobs? Cities with the most Fips Certification job openings:
What states have the most Fips Certification jobs? States with the most job openings for Fips Certification jobs include:
What job categories do people searching Fips Certification jobs look for? The top searched job categories for Fips Certification jobs are:
Full-time
Posted 24 days ago
Job description
Job Summary:
True Anomaly is a company focused on delivering capabilities for space superiority. They are seeking an experienced Principal Compliance Engineer to lead the design and implementation of secure, compliant architectures within highly regulated cloud environments, requiring deep expertise in security engineering and compliance frameworks.
Responsibilities:
• Architect, implement, and maintain secure, audit-ready systems and services in AWS and Azure Government environments.
• Develop and maintain custom STIGs (Security Technical Implementation Guides) for cloud infrastructure, SaaS applications, and IaaS/PaaS configurations and customer-deployed applications.
• Design and enforce secure configurations using encryption standards such as FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data.
• Embed compliance and security checks into CI/CD pipelines, ensuring that infrastructure-as-code meets regulatory and organizational policies.
• Integrate technical controls to support monitoring, logging, and alerting consistent with RMF and CMMC requirements.
• Partner with cybersecurity operations teams to support incident response, log review, and system hardening efforts.
• Lead the technical remediation of vulnerabilities identified through internal scans, third-party testing, or external audits.
• Work with engineering and DevOps teams to drive secure patch management, system baseline enforcement, and automated vulnerability response workflows.
• Maintain and operationalize vulnerability metrics dashboards aligned with continuous monitoring plans (ConMon).
• Able to support and manage detailed system documentation including SSPs, network diagrams, control implementations, and POA&Ms.
• Serve as a technical point of contact during audits and assessments, capable of demonstrating compliance posture through hands-on walkthroughs and evidence collection.
• Collaborate with DevOps, Cybersecurity teams to translate security requirements into enforceable technical controls and testable artifacts.
• Partner with product, engineering, and compliance teams to implement secure system boundaries and customer segmentation strategies for multi-tenant environments.
• Provide technical mentorship and occasional leadership to junior compliance engineers or project contributors.
• Track emerging requirements and proactively update system configurations to meet evolving DoD IL5, IL6, and CMMC mandates.
Qualifications:
Required:
• 10+ years of experience in cybersecurity engineering, cloud compliance, or DevSecOps roles.
• Proven experience designing STIG-compliant configurations, including custom STIG development and validation.
• Deep understanding of FIPS-validated encryption, TLS configurations, and cryptographic module implementation for data protection.
• Hands-on experience with vulnerability scanning, remediation planning, and automated patching workflows.
• Familiarity with DoD RMF (IL5 and IL6), CMMC and related audit frameworks.
• Proficiency with tools such as Terraform, Ansible, Azure Policy, GitHub Actions, and common SIEM/logging platforms.
• Experience with authorization boundary design and customer isolation techniques in AWS and Azure Gov environments.
• Position requires an active security clearance. While all clearance levels will be considered, TS/SCI clearance holders are preferred.
Preferred:
• Experience with DoD RMF (IL5 and IL6) cloud environments.
• Working knowledge of container security, particularly in AKS or Kubernetes-based deployments.
• Basic people leadership experience, including mentoring or technical guidance responsibilities.
• Industry certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g., CMMC RP).
Company:
True Anomaly develops space security technologies, including spacecraft, software platforms, and mission systems for orbital operations. Founded in 2022, the company is headquartered in Centennial, USA, with a team of 201-500 employees. The company is currently Growth Stage.
True Anomaly is a company focused on delivering capabilities for space superiority. They are seeking an experienced Principal Compliance Engineer to lead the design and implementation of secure, compliant architectures within highly regulated cloud environments, requiring deep expertise in security engineering and compliance frameworks.
Responsibilities:
• Architect, implement, and maintain secure, audit-ready systems and services in AWS and Azure Government environments.
• Develop and maintain custom STIGs (Security Technical Implementation Guides) for cloud infrastructure, SaaS applications, and IaaS/PaaS configurations and customer-deployed applications.
• Design and enforce secure configurations using encryption standards such as FIPS 140-2/FIPS 140-3, TLS 1.2+, and data-at-rest protections for regulated data.
• Embed compliance and security checks into CI/CD pipelines, ensuring that infrastructure-as-code meets regulatory and organizational policies.
• Integrate technical controls to support monitoring, logging, and alerting consistent with RMF and CMMC requirements.
• Partner with cybersecurity operations teams to support incident response, log review, and system hardening efforts.
• Lead the technical remediation of vulnerabilities identified through internal scans, third-party testing, or external audits.
• Work with engineering and DevOps teams to drive secure patch management, system baseline enforcement, and automated vulnerability response workflows.
• Maintain and operationalize vulnerability metrics dashboards aligned with continuous monitoring plans (ConMon).
• Able to support and manage detailed system documentation including SSPs, network diagrams, control implementations, and POA&Ms.
• Serve as a technical point of contact during audits and assessments, capable of demonstrating compliance posture through hands-on walkthroughs and evidence collection.
• Collaborate with DevOps, Cybersecurity teams to translate security requirements into enforceable technical controls and testable artifacts.
• Partner with product, engineering, and compliance teams to implement secure system boundaries and customer segmentation strategies for multi-tenant environments.
• Provide technical mentorship and occasional leadership to junior compliance engineers or project contributors.
• Track emerging requirements and proactively update system configurations to meet evolving DoD IL5, IL6, and CMMC mandates.
Qualifications:
Required:
• 10+ years of experience in cybersecurity engineering, cloud compliance, or DevSecOps roles.
• Proven experience designing STIG-compliant configurations, including custom STIG development and validation.
• Deep understanding of FIPS-validated encryption, TLS configurations, and cryptographic module implementation for data protection.
• Hands-on experience with vulnerability scanning, remediation planning, and automated patching workflows.
• Familiarity with DoD RMF (IL5 and IL6), CMMC and related audit frameworks.
• Proficiency with tools such as Terraform, Ansible, Azure Policy, GitHub Actions, and common SIEM/logging platforms.
• Experience with authorization boundary design and customer isolation techniques in AWS and Azure Gov environments.
• Position requires an active security clearance. While all clearance levels will be considered, TS/SCI clearance holders are preferred.
Preferred:
• Experience with DoD RMF (IL5 and IL6) cloud environments.
• Working knowledge of container security, particularly in AKS or Kubernetes-based deployments.
• Basic people leadership experience, including mentoring or technical guidance responsibilities.
• Industry certifications such as CISSP, CCSP, Azure Security Engineer, or relevant compliance certs (e.g., CMMC RP).
Company:
True Anomaly develops space security technologies, including spacecraft, software platforms, and mission systems for orbital operations. Founded in 2022, the company is headquartered in Centennial, USA, with a team of 201-500 employees. The company is currently Growth Stage.
About True Anomaly
Sourced by ZipRecruiter
Company size
11 - 50 Employees
Headquarters location
Colorado Springs, CO, US
Year founded
2022