Junior Security Tester
๐
Posted 3h ago
๐ Job Description
- Each team member will be responsible to conduct security compliance analysis or testing of operational, management, and technical controls for IT products, including COTS and GOTS, networks, and systems such as network Routers, Switches, Software Modules and Wireless Controllers and Access Points which may include:
- Perform FIPS 140 validation testing on active Cryptographic Security Testing Laboratory testing projects for submission to the Cryptographic Module Validation Program (CMVP)
- Perform testing on algorithm implementations to obtain required algorithm certificates from the Cryptographic Algorithm Validation Program (CAVP)
- Develop test plans and procedures using applicable security control catalog, including FIPS 140, DCID 6/3, DoD 8500, or NIST SP 800-53
- Perform vulnerability analysis of product or system designs against applicable security criteria using common tools, including Nessus, NMAP, and WireShark
- Author security testing reports to detail the findings noted during testing
- Develop mitigation strategies to address vulnerabilities uncovered during security testing
- Assist with completing security documentation to meet certification and authorization requirements, as required
- Take and pass the Cryptographic Validation Program (CVP) exam
- Communicate with fellow team members, vendors, and oversight bodies (CMVP, CAVP) regarding findings
- Each team member has appropriate Computer Science, Computer Engineering, or related technical discipline or equivalent experience.
- Each team member is well versed in, but not limited to, operating systems, data structures, design/analysis of algorithms, database systems, programming languages, computer systems architectures, and networking.
