UL’s Identity Management & Security (IMS) division is looking to add a Senior Security Engineer - FIPS to our CyberSecurity Assurance department.
The UL FIPS Laboratory performs compliance testing to evaluate compliance of products to the Federal Information Processing Standard and prepares written evaluation compliance reports for submission to the validation authority. As a conformance tester, the Security Engineer must be must proactive and be able to work in a detail-oriented, deadline-driven environment.
Under the direction and guidance of the Program Manager, the Security Engineer will perform both billable and non-billable tasks required to evaluate cryptographic IT products in a Lead capacity. This includes:
- Validation consulting
- Design specification review
- Conformance testing
- Report writing
- Status reporting
- Project management
- Advisory services
- Audit-related tasks
Duties Will Include:
- Testing products while using port analyzers and debug tools including the preparation and execution of test plans, and generating the necessary reports documenting the test results
- Code review
- Project management and tracking (scheduling and meeting project objectives, milestones, and deadlines)
- Consulting the Lab Manager as applicable on all testing matters requiring clarification
- Supporting junior testers for assigned activities
- Participate as Lead Engineer on specific testing projects on an as-needed basis
- Supporting other Lead Engineers as-needed
- Performing testing activities on an as-required/as-tasked basis
- Conducting testing activities in accordance with all applicable standards and methodologies related to FIPS 140 validation
- Conducting internal and external training
- The ability to successfully work in a team environment coupled with the ability to develop creative solutions
- Cryptographic Validation Program (CVP) Certification is mandatory
- FIPS 140-2 validation experience as a Project Lead
- Successful completion of a post-secondary program, in a field related to IT security, computer science or engineering
- Knowledge of common programming languages such as C\C++, Java, etc.
- Knowledge of Microsoft, Linux, and Unix Operating Systems
- Analytical and critical thinking skills
- Excellent writing skills – must be able to prepare written reports
- Excellent English communication skills, along with the ability to articulate requirements in technical and non-technical terms to customers, peers, and management
- Knowledge of cryptography, cryptographic algorithms, and communication protocols
- Knowledge of wireless communication protocols (e.g., Wi-Fi, Bluetooth, NFC)
- Familiarity with IT test tools and techniques (e.g., Wireshark)
- Advanced knowledge and familiarity of FIPS 140-2
- Experience working in a regulated, accredited facility or environment
- Proven ability to work independently
Some domestic and international travel will be required (approximately 25% of the time).
Successful completion of a post-secondary program preferably in Computer Science, Information Technology, or a technically related discipline plus two years of related experience. University Degree (equivalent to a bachelor’s degree) is preferred.
Good presentation skills, proven experience in customer-facing advisory services, and technical expertise.
- Meets all customer demands and delivery requirements
- Acts as a UL representative in the customer’s environment
- Performs and prioritizes other duties as directed
Consistently adheres and strives to perform all company duties honestly and ethically to UL standards with integrity