user avatar

Cryptographic Engineer Lead

Koniag Government Services

Posted today

Job Requirements

Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries

Job Description

Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a Cryptographic Engineer Lead to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Cryptographic Engineer Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a highly skilled cryptography and information security professional with deep expertise in cryptographic engineering, key management, and the design and implementation of cryptographic solutions within complex federal IT environments. This individual will serve as the primary subject matter expert (SME) for cryptographic engineering activities at the SBA, providing strategic leadership, technical guidance, and hands-on program management to ensure the agency's cryptographic systems, protocols, and controls meet the highest standards of security and comply with applicable federal cryptographic policies, standards, and requirements.

The Cryptographic Engineer Lead will serve as the senior technical expert responsible for leading the design, development, implementation, and management of cryptographic solutions and key management programs that protect SBA's sensitive data, systems, and communications.

Principal responsibilities will include but are not limited to:
  • Serve as the primary subject matter expert (SME) and technical lead for all cryptographic engineering activities supporting SBA's cybersecurity program, providing strategic direction, expert guidance, and hands-on technical leadership to ensure the security and integrity of SBA's cryptographic systems and controls.
  • Lead the design, development, and implementation of cryptographic solutions, protocols, and controls across SBA's enterprise IT environment, including on-premises, cloud, and hybrid infrastructures, ensuring alignment with federal cryptographic standards and best practices.
  • Oversee the development, implementation, and management of SBA's enterprise key management program, including the lifecycle management of cryptographic keys, certificates, and related cryptographic material in accordance with NIST guidelines and federal key management requirements.
  • Evaluate and recommend cryptographic algorithms, protocols, and technologies to address identified security gaps, emerging threats, and evolving federal cryptographic requirements, including the transition to post-quantum cryptography (PQC) standards.
  • Lead SBA's transition planning and implementation efforts for post-quantum cryptography, assessing the agency's current cryptographic inventory, identifying quantum-vulnerable systems and protocols, and developing a comprehensive migration roadmap aligned with NIST PQC standards and applicable OMB and CISA guidance.
  • Collaborate with SBA IT architects, system owners, developers, and program teams to integrate cryptographic requirements and controls into the design, development, and deployment of new and existing systems and applications throughout the SDLC.
  • Conduct cryptographic assessments and reviews of SBA's existing systems, applications, and infrastructure, identifying cryptographic weaknesses, misconfigurations, and areas of non-compliance with federal cryptographic standards, and developing remediation recommendations.
  • Develop and maintain comprehensive cryptographic program documentation, including cryptographic standards and guidelines, key management plans, cryptographic inventories, and technical design documents.
  • Provide expert guidance on the implementation and management of Public Key Infrastructure (PKI) solutions, including certificate authority (CA) management, certificate lifecycle management, and the integration of PKI with SBA's identity and access management (IAM) environment.
  • Support the integration of cryptographic requirements into SBA's NIST Risk Management Framework (RMF) and Authorization to Operate (ATO) processes, ensuring cryptographic controls are appropriately selected, implemented, assessed, and documented in system security documentation.
  • Assess the cryptographic security implications of emerging technologies, including cloud services, artificial intelligence, machine learning, and IoT, as they relate to SBA's technology strategy and cryptographic risk posture.
  • Collaborate with SBA's SOC, incident response, and cybersecurity architecture teams to ensure cryptographic controls support effective threat detection, incident response, and forensic investigation capabilities.
  • Develop and deliver cryptographic awareness and training materials to SBA IT staff, developers, and security personnel, fostering a strong understanding of cryptographic best practices and requirements across the agency.
  • Prepare and present detailed technical briefings, reports, and cryptographic program status updates to SBA leadership and stakeholders, clearly communicating cryptographic risks, findings, and recommendations
  • Monitor and analyze developments in cryptographic research, emerging threats, vulnerability disclosures, and changes to federal cryptographic standards and policies, applying new knowledge to continuously improve SBA's cryptographic posture.
  • Mentor and provide technical guidance to junior cryptographic engineers and security staff, fostering professional development and building organizational cryptographic expertise.

Education and Experience:

Required:
  • Bachelor's degree in Computer Science, Mathematics, Electrical Engineering, Cybersecurity, Information Technology, or a related field from an accredited college or university.
  • 8+ years of progressive experience in cryptographic engineering, information security, or a closely related field, with at least 3 years in a lead or senior cryptographic engineering role.
  • Demonstrated experience designing, implementing, and managing cryptographic solutions and key management programs within a federal government or large enterprise IT environment.
  • Deep knowledge of federal cryptographic standards and requirements, including FIPS 140-2/140-3, NIST SP 800-57, NIST SP 800-131A, and applicable CNSS policies and instructions.
  • One or more of the following certifications:
  • Certified Information Systems Security Professional (CISSP)
  • CISSP - Information Systems Security Engineering Professional (CISSP-ISSEP)
  • Certified Encryption Specialist (EC-Council CES)
  • GIAC Security Expert (GSE)
  • CompTIA Advanced Security Practitioner (CASP+)
  • Certified Information Security Manager (CISM)

Desired:
  • Master's degree or PhD in Computer Science, Mathematics, Cryptography, Electrical Engineering, or a related field, with a focus on cryptography or information security.
  • 10+ years of cryptographic engineering experience, with a strong background supporting federal government agency cryptographic programs.
  • Experience with or coursework in advanced cryptographic theory, including lattice-based cryptography, hash-based cryptography, or other post-quantum cryptographic algorithms.

Required Skills and Competencies:
  • Exceptional communication skills in English - both written and oral - with the ability to clearly convey complex cryptographic concepts, technical findings, and recommendations to both technical and non-technical audiences, including senior SBA leadership and government stakeholders.
  • Deep expertise in applied cryptography, including symmetric and asymmetric encryption algorithms, hashing algorithms, digital signatures, key exchange protocols, and cryptographic random number generation.
  • Comprehensive knowledge of federal cryptographic standards, policies, and requirements, including FIPS 140-2/140-3, NIST SP 800-57 (Key Management), NIST SP 800-131A (Transitioning Cryptographic Algorithms and Key Lengths), NIST SP 800-175B, and applicable CNSS instructions.
  • Strong experience designing and implementing enterprise key management solutions, including hardware security modules (HSMs), key management servers, and certificate management platforms.
  • Expertise in Public Key Infrastructure (PKI), including the design, implementation, and management of certificate authority (CA) hierarchies, certificate lifecycle management, and PKI integration with enterprise IAM environments.
  • Demonstrated knowledge of post-quantum cryptography (PQC) concepts, NIST PQC standardization efforts, and the implications of quantum computing for current cryptographic systems and federal agency cryptographic migration planning
  • Experience assessing and remediating cryptographic vulnerabilities in enterprise IT systems, applications, and protocols, including TLS/SSL configuration weaknesses, weak algorithm usage, improper key management practices, and certificate management issues.
  • Proficiency in cryptographic protocol analysis and the ability to evaluate the security of cryptographic implementations in software, hardware, and network protocols.
  • Strong knowledge of secure communications protocols and their cryptographic underpinnings, including TLS, SSH, IPsec, S/MIME, and PGP.
  • Experience integrating cryptographic solutions into cloud environments, including the use of cloud-native key management services such as AWS KMS, Azure Key Vault, and Google Cloud KMS.
  • Familiarity with hardware security modules (HSMs) and trusted platform modules (TPMs), including their configuration, management, and integration into enterprise cryptographic architectures.
  • Experience supporting the NIST RMF and ATO process, including the documentation and assessment of cryptographic controls within SSPs and security assessment reports (SARs).
  • Knowledge of federal cybersecurity frameworks and compliance requirements, including NIST SP 800-53, FISMA, and applicable CISA guidance, as they relate to cryptographic control implementation and assessment.
  • Strong analytical and problem-solving skills with the ability to assess complex cryptographic challenges, identify risks, and develop practical, standards-compliant remediation strategies.
  • Ability to obtain and maintain a Public Trust Clearance.

Desired Skills and Competencies:
  • Prior experience supporting SBA or other federal civilian agency cryptographic engineering programs.
  • Hands-on experience with post-quantum cryptographic algorithm implementation and testing, including CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, or SPHINCS+.
  • Experience developing or reviewing cryptographic implementations in programming languages such as C, C++, Python, Java, or Go, with the ability to identify cryptographic vulnerabilities and weaknesses in source code.
  • Familiarity with side-channel attack methodologies and countermeasures, including timing attacks, power analysis attacks, and fault injection techniques, and their implications for cryptographic implementation security.
  • Knowledge of blockchain and distributed ledger technology (DLT) cryptographic mechanisms and their potential application within federal agency environments.
  • Experience with cryptographic agility design patterns and their application in developing systems capable of transitioning between cryptographic algorithms with minimal operational disruption.
  • Familiarity with FedRAMP authorized cloud environments and experience assessing cryptographic controls within FedRAMP boundaries and cloud service provider (CSP) cryptographic implementations.
  • Knowledge of zero-knowledge proof systems, homomorphic encryption, or secure multi-party computation concepts and their potential applications in federal data protection and privacy-enhancing technology initiatives.
  • Experience with code signing, software supply chain security, and the cryptographic mechanisms used to ensure the integrity and authenticity of software artifacts.
  • Certified Cloud Security Professional (CCSP) certification or equivalent cloud security certification with demonstrated experience in cloud cryptographic controls.
  • Experience developing enterprise cryptographic roadmaps, standards, and guidelines, and leading cross-functional teams in the implementation of cryptographic modernization initiatives.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants.

If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
group id: 10201473
Find Koniag Government Services on Social Media
Recruiters
user avatar
About Us
Koniag Government Services (KGS) supports the values and traditions of our Native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services, and Operational Management to Federal Government Agencies. We apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and Native communities. Through our wholly-owned subsidiary companies, including SBA Certified 8(a) and HUBZone companies, we provide exceptional service to our Government clients with a committed focus on: Community Mission. Solution Oriented. Exceptional People.

Koniag Government Services Jobs


Job Category
IT - Security
Clearance Level
Public Trust