FIPS 140 Security Engineer

Talascend is currently seeking a FIPS 140 Security Engineer for a W-2 contract to possible direct-hire position in Columbia, Maryland. Responsibilities Work on varied FIPS 140 validation projects. General security analysis. Design work (product architecture). Vulnerability testing. Physical security testing. System-level logical analysis. Product evaluations against Technology Type standards (Protection Profiles). Cryptographic and Public Key Infrastructure (PKI) testing. Cryptographic algorithm testing. Source code review activities. Technical report writing and review. Testing automation through scripting. Develop applications to support test cases. Qualifications Typically requires a BS degree with 2 - 4 years of prior relevant experience. Experience with Python programming language. Experience with debugging (Android debug bridge (adb), WinDBG, Visual Studio, etc.). Experience with statistical analysis of entropy sources. Cryptographic Validation Program (CVP) Certification Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing/message authentication algorithms, PKI, random number generators, etc. Experience with various programming languages (C, C++, Python or Java) and development environments. Ability to comprehend security standard requirements and apply them to products. Experience setting up networks and familiarity with subnetting and routing concepts. Knowledge of common security related protocols and their design (i.e. SSH, IPsec, TLS, etc.). Experience building testing environments, performing testing and reporting results (technical writing). Strong troubleshooting and problem-solving skills. Strong multitasking and time management. Preferred Qualifications Knowledge of OpenSSL and/or OpenPGP. Vulnerability Analysis and/or penetration testing experience/expertise. Strong knowledge of computer security principles and best practices. Strong English (both oral and written) skills. Related certifications (CCNA/CCNP/CCIE, JNCIA/JNCIS/JNCIP/JNCIE). Knowledge of Active Directory and Linux. Hands on experience using tools such as an oscilloscope, function generator, multi-meter, signal generator, etc. Knowledge of X.509 certificate validation. We thank all applicants for their interest. However, only those qualified individuals who closely meet the qualifications of the position will be contacted. The details of the position are only a summary, other duties may be assigned as necessary. Background Check and Drug Screen may be required.

Created: 2026-03-10