IT FIPS Compliance Lead
About the role
The FIPS Compliance Lead is responsible for ensuring that all security measures within the organization meet NIST 800-171 and Federal Information Processing Standards (FIPS) 140-2 requirements. This role requires a deep understanding of application security, cryptography, and Transport Layer Security (TLS) protocols. You will be tasked with implementing and maintaining security controls to protect sensitive data and ensure compliance with FIPS standards. Additionally, you will need to stay up to date on the latest security trends and technologies to continuously improve the organization's security posture.
Candidates for this role would benefit from exposure to tools and processes related to FIPS compliance, such as encryption algorithms, key management systems, and secure communication protocols. Experience in conducting security assessments, developing security policies, and implementing security best practices would also be valuable in this position. Strong communication skills are essential, as you will be working closely with cross-functional teams to address security vulnerabilities and ensure compliance with FIPS regulations.
The Work:
- Lead efforts to ensure FIPS compliance within the organization
- Implement and maintain security measures to meet FIPS 140-2 standards
- Conduct regular assessments of application security
- Provide expertise in cryptography and TLS protocols
- Collaborate with cross-functional teams (application and infrastructure owners) to address security concerns and vulnerabilities
Here's What You Need:
- 3+ years of experience with FIPS-approved algorithms (AES, SHA-3, RSA) and cryptographic key management (Advanced)
- 3+ years of experience with cryptographic module requirements, security levels, and validation processes (CMVP) (Advanced)
- 3+ years of experience in stakeholder management (Intermediate)
Bonus Points if you have:
- NIST 800-171 Controls or 800-53
- CMMC Assessment