Senior Security Certification Analyst - Qualcomm - Guyancourt - France
## Company: Qualcomm France S.A.R.L. ## Job Area: Engineering Group, Engineering Group \> Security Engineering General Summary: We are seeking a senior security certification engineer with a strong hands-on background in FIPS 140-2 and FIPS 140-3 validations. You will join our Security Certification team supporting Qualcomm product certifications across hardware and software domains. In this role, you will apply 5-8 years of experience to ensure Qualcomm cryptographic modules achieve FIPS 140 compliance, working closely with worldwide engineering teams, product managers, corporate security, third-party evaluation labs, and government validation authorities. The role offers exposure to all aspects of product security---especially cryptography, certification requirements, and the development of FIPS documentation---ultimately enabling Qualcomm to meet global customer security needs and deploy trusted, compliant solutions. We are open on the location for this role for the right individual Educational Requirements: \* Required: Bachelor's degree in Electrical Engineering, Computer Science, Information Security, Mathematics or equivalent \* Preferred: Master's, Computer Engineering and/or Mathematics and/or Computer Science and/or Electrical Engineering Required Qualifications: \* 5 years of experience in embedded product's security, cryptography and security certification (e.g. Secure Processor or secure element, Cryptographic libraries, hardware cryptography and embedded security software...) in the context of FIPS 140-2/-3, Common Criteria (CC), SESIP or banking standards such as EMVCo, MasterCard, VISA, etc. \* 3 years of embedded security/cryptography experience with direct involvement in FIPS 140-2/-3 cryptographic module validations (e.g. cryptographic library or secure hardware module validation). \* 2 years of experience in project management \* Intermediate knowledge of cryptography (symmetric, asymmetric, hashes, RNG) and associated standards Preferred Qualifications: \* 8 years total experience in secure embedded systems or product security roles (beyond FIPS) -- indicating deeper expertise \* 5 years of Experience working in or with accredited FIPS 140 evaluation labs (e.g. ATSEC) or in product teams that achieved FIPS validations -- provides valuable perspective on the testing and certification process. \* 5 years of experience in project management \* Advanced cryptography knowledge (e.g. various standards, entropy sources) and familiarity with security architecture (ARM TrustZone, hardware cryptographic engines, etc.). Principal Duties and Responsibilities: \* Coordinate and execute FIPS 140-3 validation projects from planning through lab submission and certification, working under guidance from senior team members as needed. \* Prepare, review, and maintain detailed FIPS certification documentation (e.g. security policies, design documentation), ensuring strict compliance with NIST requirements. \* Collaborate closely with third-party labs and certification authorities to facilitate evidence collection, testing, and resolve any issues throughout the validation process.. \* Advise and support internal engineering teams on FIPS 140 requirements and best practices, helping integrate compliance into product development \* Work independently on assignments with moderate supervision, and effectively plan and prioritize tasks to meet project milestones. \* Communicate clearly with cross-functional stakeholders (engineers, managers, external evaluators), conveying technical details and progress Keywords: SoC (system on chip), Security Certification, FIPS 140, Common Criteria, Cryptography. Minimum Qualifications: • Bachelor's degree in Engineering, Computer Science, or related field and 4 years of Security Engineering or related work experience. OR Master's degree in Engineering, Computer Science, or related field and 3 years of Security Engineering or related work experience. OR PhD in Engineering, Computer Science, or related field and 2 years of Security Engineering or related work experience. \*References to a particular number of years experience are for indicative purposes only. Applications from candidates with equivalent experience will be considered, provided that the candidate can demonstrate an ability to fulfill the principal duties of the role and possesses the required competencies. Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.