Website COACT, Inc
The Engineer will perform documentation review, source code review, and testing of hardware/software/firmware cryptographic devices to obtain a complete in-depth understanding of the security mechanisms and operations of products for validation against compliance with the Federal Information Processing Standard (FIPS) 140-2 and 140-3, Security Requirements for Cryptographic Modules.
· Participation in FIPS 140-2 and FIPS 140-3 crypto validations,
· Configure and test network devices such as routers, switches, firewalls, IDS/IPS, etc.,
· Develop evaluation documentation,
· Prepare and execute test plans,
· Participation in technical communities,
· Participation in Gap Analysis Workshops
· Understanding the FIPS 140 standards, Derived Test Requirements (DTRs), and other related standards and guidance as it relates to the client’s product.
· Reviewing the client’s documentation and becoming familiar with the product components to be tested.
· Developing specific tests for each test element as it relates to the product.
· Performing complex analysis of product design.
· Testing and debugging cryptographic algorithms and modules including but not limited to cryptographic libraries, software applications, smart cards, and enterprise devices.
· Generate test reports.
· 1- 2 years of general lab experience and 1-year specialized experience validating products.[RS1] General experience includes multiple aspects of cryptography, including experience from the mathematical disciplines and the demonstrated ability to work independently or under only general supervision.
· Specialized experience includes analyzing, testing, or developing symmetric and public-key cryptographic algorithms including but not limited to AES, SHS, RSA, etc.
· 1-3 years of experience with FIPS 140-2
· In-depth understanding of network devices, ability to configure, deploy, and troubleshoot network and configurations
· Understanding of foundational networking protocols as well as secure communications protocols and the ability to describe correct behavior and identify anomalies
· Ability to use tools such as Wireshark, tcpdump or similar to record and analyze packet captures of network traffic
· Experience working with Unix-like operating systems (Linux, BSD, Solaris)
· Demonstrated ability to think critically and adapt to new circumstances and technology platforms
· Excellent written and verbal communication skills.
· Project management experience in a technical environment to plan, schedule and execute project tasks.
To apply for this job email your details to firstname.lastname@example.org