Sr. FIPS Test Engineer (REMOTE) Position Description CGI is seeking a Senior FIPS Test Engineer to work in the field of FIPS 140 conformance testing and to lead overall evaluation initiatives. This is a dynamic and collaborative work environment where candidates are challenged to learn leading edge technologies and verify that the products evaluated conform to security requirements described in the FIPS 140-2 Standard. Your future duties and responsibilities This person will serve as the Lead FIPS Evaluator responsible for program management, review and assessment of products against the FIPS 140-2 Derived Testing Requirements (DTRs). A typical FIPS 140-2 assessment includes the review of a product’s architecture, security policy, and other design documentation such as source code, implementation test plan, configuration management and development life-cycle documentation. Functional and algorithm testing will also be performed to ensure the project functions as specified in documentation. Upon completion, a written verdict for the evaluation will be produced and submitted to the CMVP. Required qualifications to be successful in this role Assessments will involve a wide variety of software and hardware technologies. As such, an ideal candidate will have a strong background and knowledge of security products that implement cryptography such as routers/gateways, Proxies, VPN, firewalls, wireless radios/access points, mobile devices, HSMs, USB drives, smart cards, embedded PCI cards and others. Knowledge of operating systems and software products such as SSL libraries, cryptographic toolkits, PKI software, disk encryption software and virtualization software would also be an asset. An ideal candidate will also possess an ability to interface with customers providing them with technical guidance and support during the evaluation of an IT security product. The Lead Evaluator provides oversight for the practice and all product evaluations as it relates to each validation standard. They provide a roadmap of each milestone required for securing the validation, and a firm fixed price quote that covers the service engagement as a turn-key service, through product certification. Technical Requirements: • Must have minimum of 5 years of experience performing product, system or compliance testing, experience in security product hardware/software design or evaluation; or must possess a minimum of 10 years’ experience working in IT security • Must possess a strong knowledge of technologies and protocols such as: TCP/IP, IPSEC, TLS, IDS/IPS, S-FTP, SNMPv3, HTTPS, SSH, Wireless LANs (802.11) and Bluetooth • Knowledge of the programming languages C, C++, Java, Assembler, or Verilog • Knowledge of Operating Systems such as Windows, Linux, Solaris, QNX, BlackBerry OS 6/7, Android and Windows Mobile • Knowledge of symmetric, asymmetric, digital signature and key agreement cryptographic algorithms • Knowledge of FIPS 140-2, FIPS 201 Standards, SCAP, Common Criteria, ISO 17025, and other related standards • Familiarity with NIST Special Publications 800-131 A, 800-57, 800-23 or other related NIST SPs • Non-manufacturer, professional designations and certifications (e.g. CISSP, CISA, SANS) are an asset • Experience as a program manager with prior certification program successes, namely in the areas of third-party certifications such as Common Criteria and Federal Information Processing Standard (FIPS) is preferred. Non-Technical Requirements: • Manage and facilitate multiple medium to large scale projects including scoping the requirements, developing detailed project plans, program goals, deliverables and related risks • Define Program tasks and resource requirements, including program budgets and review • Develop full scale certification program plans to enable successful and timely Federal certifications • Translate general customer requirements into concrete strategic and tactical plans, ensuring clarity and understanding by all stakeholders • Manage program plans to ensure timely delivery of milestones, including presentation of regular reports defining progress against major milestones, elevation and mitigation to risks as they arise and escalations to management when roadblocks occur and need intervention • Work effectively and communicate with internal and external clients, third party vendors (Inc. managing vendor relationships), and senior management to ensure a thorough understanding of the assigned project status • Ability to use technical and functional expertise to advise, coach non specialists on complex issues clarifying assignments and deliverables • High degree of flexibility and willingness to do what is required to help ensure business success • Monitor, resolve and / or escalate issues affecting the projects with an ability to think on your feet- making well-reasoned recommendations even with incomplete data • Excellent written and verbal communication skills, including ability to present to large audiences and executives • Strong Leadership skills with an ability to effectively manage, motivate and drive a cross-functional team • Ability to work collaboratively to build and maintain excellent relationships with Engineering, the Federal Sales Team and external consulting and certifying agencies • Minimum 5 of years’ experience in a customer-facing technical role; • Must have demonstrated experience managing multiple projects with stringent deadlines; • Experience dealing with cross-cultural and/or foreign customers is an asset; • Excellent communication skills, ability to articulate requirements in technical and non-technical terms to customers, peers, and management; • Excellent writing skills – must be able to prepare consistent and quality reports; and • A proven ability to work independently. Other Requirements: • MS/BS in CS/IS preferred, or equivalent experience. • Prior experience with delivering successful industry recognized certification programs such as, but not limited to, FIPS and Common Criteria Programs. • Must have valid passport and be willing to travel internationally less than 10%. • Experience working in a multi-disciplinary team. At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company – one that has grown to 65,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients – and for our members. Come grow with us. Learn more at www.cgi.com.This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please.All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information. Skills Reference 392432
At CGI, we are a team of builders. We call our employees members because all who join CGI are building their own company – one that has grown to 68,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients – and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, protected veteran status or disability.