Defense Technology Integration Llc
Cryptography SME Program Manager
Defense Technology Integration Llc, Bethesda, Maryland, us, 20811
Job Description
Defense Technology Integration is seeking a Cryptography Subject Matter Expert to architect, evaluate, and advance cryptographic solutions that protect sensitive federal health-IT environments and meet emerging post-quantum mandates. You will be advising federal cybersecurity leadership; guiding migrations to post-quantum algorithms; and ensuring full compliance with NIST, FIPS 140-3, and HHS cybersecurity directives. This role combines deep technical research with hands‑on solution delivery across multiple cloud and on‑prem platforms.
Job Duties / Responsibilities
Architecture & Design – Lead the design and peer review of cryptographic architectures, protocols, and key‑management infrastructures (KMS/HSM) for federal systems, including Zero Trust and High‑Value Assets.
Post‑Quantum Migration – Drive client migrations in line with OMB M‑23‑02; develop PQC migration playbooks, inventories, and working‑group charters.
Assessment & Validation – Conduct cryptographic code reviews, threat modeling, and FIPS 140-3 validation support; remediate findings to meet FISMA and FedRAMP baselines.
Key Management – Define lifecycle procedures (generation, escrow, rotation, revocation) for AWS KMS, Azure Key Vault, GCP KMS, and on‑prem HSMs.
Policy & Compliance – Author and update encryption standards, STIG checklists, and Section 508‑aligned documentation; brief executives on risk posture and regulatory impacts.
Tooling & Development – Build or vet reusable cryptographic libraries (OpenSSL, Bouncy Castle, libsodium) and automation scripts for CI/CD pipelines.
Incident Response Support – Provide expert guidance during security incidents involving encryption or digital certificates.
Training & Evangelism – Deliver internal workshops, brown‑bag sessions, and mentoring to raise cryptographic maturity across federal project teams.
Research & Innovation – Monitor academic and industry advances (homomorphic encryption, threshold signatures, MPC); publish white papers and propose R&D pilots.
Requirements Experience
Minimum: At least 2 years of experience with Cryptography or degree in Mathematics with 3 years of experience in a role as a Mathematician.
Preferred: 7+ years in information security, with 3+ years dedicated to applied cryptography in federal or highly regulated sectors.
Hands-On Expertise
Symmetric & asymmetric algorithms (AES‑GCM, ChaCha20‑Poly1305, RSA, ECC, EdDSA).
PKI, certificate lifecycle automation, OCSP/CRL, hardware tokens.
TLS 1.3, IPsec, QUIC, secure boot, code signing.
Cloud KMS and on‑prem HSM (Thales, Azure HSM, AWS CloudHSM).
Vulnerability assessment tools (crypto-lint, TLS scanners, SCAP/NIST 800‑53 checklists).
Demonstrated success leading or advising cryptographic workstreams on large federal programs (HHS, DoD, DHS, or financial services a plus).
Proven ability to translate complex math into clear, executive‑level risk narratives.
Education
Required: Bachelor’s in Computer Science, Mathematics, Electrical Engineering, Information Security, or related discipline.
Preferred: Master’s or Ph.D. with research in cryptography, number theory, or quantum‑resistant algorithms.
Certifications
Required: Secret (or higher) clearance
CISSP, CISM, GIAC GCTY, CCSP, AWS Security Specialty, Microsoft SC‑100.
FIPS 140‑3 Implementation/CMVP experience strongly desired.
#J-18808-Ljbffr
Job Duties / Responsibilities
Architecture & Design – Lead the design and peer review of cryptographic architectures, protocols, and key‑management infrastructures (KMS/HSM) for federal systems, including Zero Trust and High‑Value Assets.
Post‑Quantum Migration – Drive client migrations in line with OMB M‑23‑02; develop PQC migration playbooks, inventories, and working‑group charters.
Assessment & Validation – Conduct cryptographic code reviews, threat modeling, and FIPS 140-3 validation support; remediate findings to meet FISMA and FedRAMP baselines.
Key Management – Define lifecycle procedures (generation, escrow, rotation, revocation) for AWS KMS, Azure Key Vault, GCP KMS, and on‑prem HSMs.
Policy & Compliance – Author and update encryption standards, STIG checklists, and Section 508‑aligned documentation; brief executives on risk posture and regulatory impacts.
Tooling & Development – Build or vet reusable cryptographic libraries (OpenSSL, Bouncy Castle, libsodium) and automation scripts for CI/CD pipelines.
Incident Response Support – Provide expert guidance during security incidents involving encryption or digital certificates.
Training & Evangelism – Deliver internal workshops, brown‑bag sessions, and mentoring to raise cryptographic maturity across federal project teams.
Research & Innovation – Monitor academic and industry advances (homomorphic encryption, threshold signatures, MPC); publish white papers and propose R&D pilots.
Requirements Experience
Minimum: At least 2 years of experience with Cryptography or degree in Mathematics with 3 years of experience in a role as a Mathematician.
Preferred: 7+ years in information security, with 3+ years dedicated to applied cryptography in federal or highly regulated sectors.
Hands-On Expertise
Symmetric & asymmetric algorithms (AES‑GCM, ChaCha20‑Poly1305, RSA, ECC, EdDSA).
PKI, certificate lifecycle automation, OCSP/CRL, hardware tokens.
TLS 1.3, IPsec, QUIC, secure boot, code signing.
Cloud KMS and on‑prem HSM (Thales, Azure HSM, AWS CloudHSM).
Vulnerability assessment tools (crypto-lint, TLS scanners, SCAP/NIST 800‑53 checklists).
Demonstrated success leading or advising cryptographic workstreams on large federal programs (HHS, DoD, DHS, or financial services a plus).
Proven ability to translate complex math into clear, executive‑level risk narratives.
Education
Required: Bachelor’s in Computer Science, Mathematics, Electrical Engineering, Information Security, or related discipline.
Preferred: Master’s or Ph.D. with research in cryptography, number theory, or quantum‑resistant algorithms.
Certifications
Required: Secret (or higher) clearance
CISSP, CISM, GIAC GCTY, CCSP, AWS Security Specialty, Microsoft SC‑100.
FIPS 140‑3 Implementation/CMVP experience strongly desired.
#J-18808-Ljbffr