Security Engineer - FIPS/CC (Mobile Devices)

Security Engineer - FIPS/CC (Mobile Devices)

WorldLink US
WorldLink is a leading provider of Data & Analytics services with a global reach and 25 years of experience.

TITLE: Security Engineer - FIPS/CC (Mobile Devices)
POSITION TYPE: Full Time (W2)
LOCATION: Mountain View, CA

ABOUT WorldLink:
WorldLink is a rapidly growing information technology company at the forefront of the tech transformation. We help companies harness and leverage today’s most cutting-edge digital technologies to create value and grow.

We embrace a culture of experimentation and constantly strive for improvement and learning. We take pride in our employees and their future with continued growth and career advancement.

WHO we’re looking for:
We are looking for a Security Engineer - FIPS/CC (Mobile Devices) who will be responsible for performing initial assessment of the security functions and specifications; consulting various teams in the development of the process, design, and documentation required for the FIPS 140-2/3 accreditation of our cryptographic modules and common criteria evaluations of our security products.

Role and Responsibilities:

• Develop plans and procedures using applicable security controls, FIPS 140-2/3 validation of Cryptographic Modules, Common Criteria Evaluation of any IT product familiar with NIAP Protection Profiles (MDFPP, VPN, WLAN, TLS, Biometric enrollment, and verification), DCID 6/3, DoD 8500, or NIST SP 800-53.
• Help with CAVP algorithm testing using ACVP/ACVTS and assist with review and writing of security policies for the modules.
• Develop and review the required certification documentation for all the FIPS 140-2/3 validation and Common Criteria evaluations.
• Develop mitigation strategies to address vulnerabilities uncovered during security testing; and assist with completing the required reports and documentation to meet certification and authorization requirements, as required.
• Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and WireShark.
• Project POC with Internal/External audience when required.

Required Experience and Education:

• 5+ years of technical experience in FIPS 140-2/3 validation of Cryptographic Modules and Common Criteria evaluation of any IT product in the US CC scheme. Mobile Device Product Evaluation experience is preferred.
• Bachelor's Degree in Electrical Engineering, Computer/Information Science, Information Assurance/Cybersecurity, or equivalent degree (Master's Degree preferred).
• Proficiency in FIPS 140-2 and FIPS 140-3 validation of Cryptographic modules - Understanding of standards like FIPS 186-4/5, SP 800-186, SP800-90B is desirable.
• Experience building test environments, performing testing and reporting results (technical writing).
• Knowledge of general software product security architecture, design principles of protocols (i.e., SSH, IPsec, TLS, Wi-Fi etc.) is preferred.

Necessary Skills and Attributes:

• Self-motivated individual with the ability to thrive in a team-based or independent environment.
• Detail-oriented with strong organization skills.
• Ability to work in a fast-paced environment.
• Limited supervision and the exercise of discretion.
• Ability to comprehend security standard requirements and specifications and apply them to products.
• Excellent communication (written/verbal) skills and analytical skills.

Physical Demands:
The physical demands described here are representative of those that must be met by contract employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

WHAT we’ll bring:
During your interview process, our team can fill you in on all the details of our industry-competitive benefits and career development opportunities. A few highlights include:

• Medical Plans
• Dental Plans
• Vision Plan
• Life & Accidental Death & Dismemberment
• Short-Term Disability
• Long-Term Disability
• Critical Illness/ Accident/ Hospital Indemnity/ Identity Theft Protection
• 401(k)

WHAT you should know:
Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. WorldLink is an Equal Employment Opportunity and Affirmative Action employer.

This job description is designed to cover the main responsibilities and duties of the role but is not designed to be a comprehensive list of all.

Salary/Pay Range: $50.00-$95.00/hr (Depending on experience)