TechOps Engineer III
Apply NowCompany: HireTalent
Location: Mountain View, CA 94040
Description:
TITLE: Security/Certification Engineer - FIPS/CC (Mobile Devices)
WHO we're looking for:
We are looking for an individual who has experience in the common criteria evaluations of IT products and who has experience with FIPS validation of cryptographic modules ( FIPS 140-3) . They will be responsible for the end-end validation of the products ( performing initial assessment of the security functions and specifications; consult with various teams in the development of the process, design, and documentation required for the common criteria evaluations of our Mobile Device products and the FIPS 140-2/3 accreditation of our cryptographic modules.
Role and Responsibilities:
Develop the security target for our products, assist with the testing,documentation and working with the necessary engineering teams during the evaluation.
Develop plans and procedures using applicable security controls, including NIAP Protection Profiles (MDFPP, VPN, WLAN, Biometric enrollment, and verification), assist with the CAVP algorithm testing ,drafting and review of the security policies for our cryptographic modules according to the FIPS 140-3 specifications, possess information around the DCID 6/3, DoD 8500, or NIST SP 800-53.
Assist in the development and review of all test reports and required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation.
Experience building testing environments, performing testing and reporting results (technical writing) for all of the common criteria and FIPS evaluations.
Develop mitigation strategies to address vulnerabilities uncovered during security testing; and assist with completing all the required documentation to meet the specifications and certification requirements, as required.
Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and Wireshark.
Project POC with Internal/External audience when required.
Self-motivated individual with the ability to thrive in a team-based or independent environment.
Detail-oriented with strong organization skills.
Ability to work in a fast-paced environment.
Limited supervision and the exercise of discretion.
Ability to comprehend security standard requirements and specifications and apply them to products.
Excellent communication (written/verbal) skills and analytical skills.
WHO we're looking for:
We are looking for an individual who has experience in the common criteria evaluations of IT products and who has experience with FIPS validation of cryptographic modules ( FIPS 140-3) . They will be responsible for the end-end validation of the products ( performing initial assessment of the security functions and specifications; consult with various teams in the development of the process, design, and documentation required for the common criteria evaluations of our Mobile Device products and the FIPS 140-2/3 accreditation of our cryptographic modules.
Role and Responsibilities:
Develop the security target for our products, assist with the testing,documentation and working with the necessary engineering teams during the evaluation.
Develop plans and procedures using applicable security controls, including NIAP Protection Profiles (MDFPP, VPN, WLAN, Biometric enrollment, and verification), assist with the CAVP algorithm testing ,drafting and review of the security policies for our cryptographic modules according to the FIPS 140-3 specifications, possess information around the DCID 6/3, DoD 8500, or NIST SP 800-53.
Assist in the development and review of all test reports and required certification documentation for all the Common Criteria evaluations and FIPS 140-2/3 accreditation.
Experience building testing environments, performing testing and reporting results (technical writing) for all of the common criteria and FIPS evaluations.
Develop mitigation strategies to address vulnerabilities uncovered during security testing; and assist with completing all the required documentation to meet the specifications and certification requirements, as required.
Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and Wireshark.
Project POC with Internal/External audience when required.
Self-motivated individual with the ability to thrive in a team-based or independent environment.
Detail-oriented with strong organization skills.
Ability to work in a fast-paced environment.
Limited supervision and the exercise of discretion.
Ability to comprehend security standard requirements and specifications and apply them to products.
Excellent communication (written/verbal) skills and analytical skills.