Talent.com
serp_jobs.error_messages.no_longer_accepting
FIPS Compliance Engineer

FIPS Compliance Engineer

BroadcomTrabuco Canyon, CA, US
job_description.job_card.variable_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Job Description :

The Sr FIPS Compliance Engineer performs assessments of cryptographic security functions including in their use of Cloud Services; consults in development of a product's security design; tests and manages the third party evaluation against National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-3 for cryptographic modules as well as associated standards in accordance with NIST validation program requirements. Given the wide range of security technologies and interaction with VMware-wide product development teams, this position offers a rare opportunity to rapidly gain experience with a full spectrum of security products and technologies.

Typical responsibilities involve :

  • Cryptographic module validation against US NIST FIPS 140-3 standards
  • General security and compliance requirements analysis and System Level Logical Analysis - Perform security evaluation activities as needed including presentations to R&D teams
  • Design work (product architecture) - Design and prepare instructions, procedures, tools and methods for aiding in third party compliance evaluations
  • FIPS Test Harness Development, adaptation, and cross-compiling on multiple platforms
  • Engineering compliance documentation (e.g. Security Policy, technical rationale, etc.)
  • Cryptographic algorithm and Public Key Infrastructure (PKI) testing
  • Source code review activities in a variety of programming languages

Required Qualifications :

  • Experience performing evaluations / validations (both as an evaluator and consultant in FIPS140in a CC / FIPS certified laborperforming FIPS evaluations and / or validations as a vendor)
  • Experience with C, C++, Java languages, Perl, Ruby and development environments
  • Strong knowledge of computer security principles and best practices
  • Experience in security, networking, virtualization, cloud solutions
  • Knowledge of common security related and other protocols and their design like ssh, IPsec, TLS, x509,SOAP, REST API, HTTPS, VXLAN, VLAN
  • Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing algorithms, PKI, etc.
  • Experience building testing environments, performing testing and reporting results (technical writing)
  • Strong ability to read, understand and write development documents (e.g. functional spec, design spec, etc.)
  • Strong ability to troubleshoot, strategize a solution and execute necessary steps
  • Bachelor's degree ( OR Master's degree plus 6 years) in technical discipline with greater than 8 years prior relevant experience (Electrical Engineering, Computer Engineering, Computer Science, Mathematics or related discipline)

    • Compensation and Benefits :

    The annual base salary range for this position is $107,000 - $190,000

    This position is also eligible for a discretionary annual bonus in accordance with relevant plan documents, and equity in accordance with equity plan documents and equity award agreements.

    Broadcom offers a competitive and comprehensive benefits package : Medical, dental and vision plans, 401(K) participation including company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company paid holidays, paid sick leave and vacation time.

    Broadcom is proud to be an equal opportunity employer. We will consider qualified applicants without regard to race, color, creed, religion, sex, sexual orientation, national origin, citizenship, disability status, medical condition, pregnancy, protected veteran status or any other characteristic protected by federal, state, or local law.

    J-18808-Ljbffr

    serp_jobs.job_alerts.create_a_job

    Compliance Engineer • Trabuco Canyon, CA, US