FIPS 140 Security Engineer
<p>We are looking for a FIPS 140 Security Engineer to join the client’s Accredited Testing & Evaluation team supporting cybersecurity initiatives critical to national defense. This role focuses on evaluating, testing, and validating cryptographic products and security solutions against FIPS 140 and NIST standards. The role will perform security assessments, entropy analysis, vulnerability testing, cryptographic validation activities, and technical reporting within a hands-on laboratory environment supporting secure communications technologies.</p><p>The ideal candidate will have experience with cryptographic technologies, FIPS 140 validation processes, entropy assessments, scripting, and security testing methodologies.</p><p><br></p><p><strong>Key Responsibilities:</strong></p><p>· Support FIPS 140 validation and security evaluation projects for cryptographic products and systems.</p><p>· Perform security architecture reviews, product design analysis, and system-level security assessments.</p><p>· Conduct cryptographic and Public Key Infrastructure (PKI) testing.</p><p>· Analyze entropy sources in accordance with NIST SP 800-90B requirements and evaluate SP 800-90C random bit generator constructions.</p><p>· Perform statistical and heuristic analysis of noise datasets.</p><p>· Create and review Entropy Assessment Reports (EAR) and Public Use Documents (PUD).</p><p>· Prepare and submit Entropy Source Validation (ESV) packages through the NIST ESVTS platform.</p><p>· Conduct vulnerability assessments, logical security analysis, and physical security testing.</p><p>· Review source code and develop scripts or tools to automate testing activities.</p><p>· Build testing environments, execute test plans, document findings, and produce technical reports.</p><p>· Evaluate products against applicable security standards and technology-type requirements.</p>
<p><strong>Core Qualifications:</strong></p><p>· Bachelor's degree in Computer Science, Cybersecurity, Computer Engineering, Information Systems, or a related field.</p><p>· 2+ years of relevant cybersecurity, cryptographic testing, security engineering, or validation experience.</p><p>· Knowledge of cryptographic encryption algorithms, key exchange protocols, hashing algorithms, message authentication techniques, PKI, and random number generators.</p><p>· Strong understanding of NIST SP 800-90A, SP 800-90B, and SP 800-90C standards.</p><p>· Experience performing entropy source analysis and validation activities.</p><p>· Experience with one or more programming languages including Python, C, C++, or Java.</p><p>· Experience developing scripts or automation tools to support testing activities.</p><p>· Familiarity with SSH, TLS, IPsec, and other security-related protocols.</p><p>· Experience building test environments, executing security testing, and documenting results.</p><p>· Knowledge of networking fundamentals, including subnetting and routing concepts.</p><p>· Strong troubleshooting, analytical, and problem-solving abilities.</p><p>· Ability to interpret security standards and apply requirements to products and systems.</p><p>· Strong written communication skills and technical documentation experience.</p><p><strong>Preferred Qualifications:</strong></p><p>· Cryptographic Validation Program (CVP) Certification.</p><p>· Advanced Python development experience.</p><p>· Experience with debugging tools such as ADB, WinDBG, or Visual Studio.</p><p>· Experience performing statistical analysis of entropy sources.</p><p>· Knowledge of OpenSSL, OpenPGP, and cryptographic libraries.</p><p>· Vulnerability assessment or penetration testing experience.</p><p>· Knowledge of Active Directory and Linux administration.</p><p>· Experience with X.509 certificate validation.</p><p>· Hands-on experience using laboratory equipment such as oscilloscopes, function generators, multimeters, or signal generators.</p><p>· Industry certifications such as CCNA, CCNP, CCIE, JNCIA, JNCIS, JNCIP, or JNCIE.</p><p>· Strong understanding of computer security principles, cybersecurity best practices, and secure product development.</p>
<h3 class="rh-display-3--rich-text">Technology Doesn't Change the World, People Do.<sup>®</sup></h3>
<p>Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.</p>
<p>Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. <a href="https://www.roberthalf.com/us/en/mobile-app" target="_blank">Download the Robert Half app</a> and get 1-tap apply, notifications of AI-matched jobs, and much more.</p>
<p>All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit <a href="https://roberthalf.gobenefits.net/" target="_blank">roberthalf.gobenefits.net</a> for more information.</p>
<p>© 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s <a href="https://www.roberthalf.com/us/en/terms">Terms of Use</a> and <a href="https://www.roberthalf.com/us/en/privacy">Privacy Notice</a>.</p>
- Columbia, MD
- onsite
- Temporary / Contract
-
60.77 - 60.77 USD / Hourly
- <p>We are looking for a FIPS 140 Security Engineer to join the client’s Accredited Testing & Evaluation team supporting cybersecurity initiatives critical to national defense. This role focuses on evaluating, testing, and validating cryptographic products and security solutions against FIPS 140 and NIST standards. The role will perform security assessments, entropy analysis, vulnerability testing, cryptographic validation activities, and technical reporting within a hands-on laboratory environment supporting secure communications technologies.</p><p>The ideal candidate will have experience with cryptographic technologies, FIPS 140 validation processes, entropy assessments, scripting, and security testing methodologies.</p><p><br></p><p><strong>Key Responsibilities:</strong></p><p>· Support FIPS 140 validation and security evaluation projects for cryptographic products and systems.</p><p>· Perform security architecture reviews, product design analysis, and system-level security assessments.</p><p>· Conduct cryptographic and Public Key Infrastructure (PKI) testing.</p><p>· Analyze entropy sources in accordance with NIST SP 800-90B requirements and evaluate SP 800-90C random bit generator constructions.</p><p>· Perform statistical and heuristic analysis of noise datasets.</p><p>· Create and review Entropy Assessment Reports (EAR) and Public Use Documents (PUD).</p><p>· Prepare and submit Entropy Source Validation (ESV) packages through the NIST ESVTS platform.</p><p>· Conduct vulnerability assessments, logical security analysis, and physical security testing.</p><p>· Review source code and develop scripts or tools to automate testing activities.</p><p>· Build testing environments, execute test plans, document findings, and produce technical reports.</p><p>· Evaluate products against applicable security standards and technology-type requirements.</p>
- 2026-07-13T00:00:00Z