FIPS Security Engineer

The Cryptographic Security Testing (CST) Lab within Accredited Testing and Evaluation (AT&E) at Leidos currently has an opening for FIPS Security Engineer to work in our Columbia, MD office. This is an exciting opportunity to use your experience to help with FIPS 140-3 security evaluations. A FIPS Security Engineer is a technical position within the CST Lab. A new hire joining CST with significant prior experience in trusted product validations may be designated a FIPS Security Engineer. This position can perform the role of validation technical lead, providing direction and oversight to validation team members in the conduct of a trusted product validation. A FIPS Security Engineer is also able to perform the role of a technical POC with CST customers.

A FIPS Security Engineer is also able to provide validation consultancy support to CST customers. This support may include advice on the suitability of evidence for validation and help in creating validation evidence on behalf of CST customers

Primary Responsibilities:

• Accountable for competently conducting product security assessments under the direction of the lead tester

• Maintains an ongoing dialogue with the lead tester about the status and conduct of security assessments

• Analyzes and clarifies customer requirements

• Understands and complies with the verification and validation of test methods and procedures

• Analyze results, including statements of conformity and any applicable opinions and interpretations.

• Reports details of all nonconforming work and supplies that prohibit the accurate conduct of security assessments (observation reports)

• Strong FIPS knowledge

• Mentor junior testers, as needed

• Coordinate all tasks with the project lead tester or lab manager

• Provide weekly informal status for all tasks to the project lead tester

• Lead client facing activities

• Independently perform the following:

  • Algorithm generation and verification testing activities using CAVS and the ACVTS

  • Design reviews

  • Compliance analysis

  • Source code reviews

  • Failure testing

  • Operational testing

  • Testing activities

• Complete CRYPTIK sections with 70 percent proficiency

• Independently perform physical testing

• Complete Physical Testing Reports with 70 percent proficiency

• Draft DRF and onsite test plans

Basic Qualifications:

A FIPS Security Engineer shall meet the following requirements:

• Minimum Bachelor of Science in Computer Science, Computer Engineering, or related technical discipline, or equivalent experience.

• Meets the IAT Level I position requirements as defined in DoD 8570.01-M, to include at least one of the following certifications: GISF, GSLC, Security +, or equivalent industry experience

• At least 2 years working at a CST validation laboratory or demonstrate proficient knowledge in the subject area.

• Possess sound knowledge of IT security concepts and familiarity with the CST technical procedures and the validation methodologies employed by the CST.

Preferred Qualifications:

• CVP certification is not required for this role, however, it is highly recommended and should be pursued to enhance skills and career development within the field.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

May 1, 2026

Pay Range:

Pay Range $87,100.00 - $157,450.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.