More About the Role:
The Leidos Security Assurance Engineer in support of the Cryptographic and Security Testing Laboratory (CSTL) performs initial assessments of cryptographic security functions. The engineer consults in the development of a product's security design, and tests products against one or more of the following security standards, as well as associated standards, in accordance with the NIST validation programs' requirements:
-National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-2 for cryptographic modules.
-FIPS 201 for Personal Identity Verification (PIV) smart cards.
-Security Content Automation Protocol (SCAP) enterprise scanning tools.
-Transportation Worker Identification Credentials (TWIC) for smart cards.
The Leidos Security Assurance Engineer in support of Common Criteria (CC) performs initial assessment of security functions; consults in development of process, design, and test documentation; and conducts the evaluation of security products based on available documentation.
What You'll Get to Do:
-The selected candidate will work on varied computer security Common Criteria Evaluation and FIPS 140-2 validation projects.
-General security analysis.
-Design work (product architecture).
-Physical security testing.
-System-level logical analysis.
-Product evaluations against Technology Type standards (Protection Profiles).
-Cryptographic and Public Key Infrastructure (PKI) testing.
-Cryptographic algorithm testing.
-Source code review activities.
-Technical report writing and review.
-Testing automation through scripting.
You'll Bring These Qualifications:
-Requires BS and 4-8 years of prior relevant experience or Master's with 2-6 years of prior relevant experience. Technical discipline (Electrical Engineering, Computer Engineering, Computer Science, Mathematics or related discipline).
-Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators, etc.
-Experience with various programming languages (C, C++, Python or Java) and development environments.
-Ability to comprehend security standard requirements and apply them to products.
-Experience setting up networks and familiarity with subnets and routing.
-Knowledge of common security-related protocols and their design (e.g., SSH, IPsec, TLS).
-Experience building testing environments, performing testing and reporting results (technical writing).
-Strong problem-solving skills.
-Strong multitasking and time management.
These Qualifications Would be Nice to Have:
-Experience with VHDL and Verilog languages.
-Experience with debugging (GDB, WinDBG, Visual Studio, etc.).
-Experience with statistical analysis of entropy sources.
-Knowledge of OpenSSL and/or OpenPGP.
-Vulnerability Analysis and/or penetration testing experience/expertise.
-Strong knowledge of computer security principles and best practices.
-Strong English (both oral and written) skills.
-Related certifications (CCNA/CCNP/CCIE, JNCIA/JNCIS/JNCIP/JNCIE).
-Knowledge of Active Directory and Linux.
-Hands-on experience using tools such as an oscilloscope, function generator, multimeter, signal generator, etc.
-Knowledge of X.509 certificates and their attributes as well as protocols such as CDP and OCSP.