Broadcom FIPS Compliance Engineer 

United States, California, Palo Alto 

968847175

The Sr FIPS Compliance Engineer performs assessments of cryptographic security functions including in their use of Cloud Services; consults in development of a product's security design; tests and manages the third party evaluation against National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) 140-3 for cryptographic modules as well as associated standards in accordance with NIST validation program requirements. Given the wide range of security technologies and interaction with VMware-wide product development teams, this position offers a rare opportunity to rapidly gain experience with a full spectrum of security products and technologies.

Typical responsibilities involve:

• Cryptographic module validation against US NIST FIPS 140-3 standards
• General security and compliance requirements analysis and System Level Logical Analysis - Perform security evaluation activities as needed including presentations to R&D teams
• Design work (product architecture) - Design and prepare instructions, procedures, tools and methods for aiding in third party compliance evaluations
• FIPS Test Harness Development, adaptation, and cross-compiling on multiple platforms
• Engineering compliance documentation (e.g. Security Policy, technical rationale, etc.)
• Cryptographic algorithm and Public Key Infrastructure (PKI) testing
• Source code review activities in a variety of programming languages
  

Required Qualifications:

• Experience performingevaluations/validations(both as an evaluator and consultant inFIPS140 ina CC / FIPS certifiedlab or performingFIPS evaluations and/or validations as a vendor)
• Experience with C, C++, Java languages, Perl, Ruby and development environments
• Strong knowledge of computer security principles and best practices
• Experience in security, networking, virtualization, cloud solutions
• Knowledge of common security related and other protocols and their design like ssh, IPsec, TLS, x509, SOAP, REST API, HTTPS, VXLAN, VLAN
• Knowledge of cryptographic encryption algorithms, key exchange algorithms, hashing algorithms, PKI, etc.
• Experience building testing environments, performing testing and reporting results (technical writing)
• Strong ability to read, understand and write development documents (e.g. functional spec, design spec, etc.)
• Strong ability to troubleshoot, strategize a solution and execute necessary steps
• Bachelor’s degree ( OR Master's degree plus 6 years) in technical discipline with greater than 8 years prior relevant experience (Electrical Engineering, Computer Engineering, Computer Science, Mathematics or related discipline)