Our client, a prestigious Systems Engineering Company, is looking for CST Lab Manager based in Ottawa, Ontario.
Cryptographic and Security Test (CST) Lab Manager
CST Lab performs cryptographic testing in accordance with the FIPS 140-2 and ISO/IEC 19790 standards for Cryptographic Modules and testing of Scanning products in accordance with the Security Content Automation Protocol (SCAP). This position is for a technologically savvy individual with comprehensive knowledge of FIPS 140-2 and/or ISO/IEC 19790, a strong background in testing cryptographic modules, experience managing multiple projects at the same time, and experience developing quotes and statements of work. The successful applicant will also have excellent customer relationship management skills and proven ability to handle interactions with the Cryptographic Module Validation Program (CMVP) and Cryptographic Algorithm Validation Program (CAVP) authorities.
Under the direction and guidance of the Information Technology Security Evaluation and Test (ITSET) Facility Director the CST Lab Manager will manage technical, business and project coordination activities in the Cryptographic and Security Test lab (FIPS 140-2, SCAP, ISO 19790). The CST Lab Manager will act as the focal point for communications on the applicable programs external to the facility and will assist the Facility Director in business development, management reviews, assessing the impact of changes to CMVP, CAVP and ISO 19790 requirements and the generation, maintenance and adherence to facility policies and procedures.
The CST Lab Manager will be responsible for:
• Monitoring and reporting on the schedule and cost progress of CST Lab projects;
• Ensuring the records of testing are complete, clear , concise, correct, consistent, unambiguous and meet test program requirements;
• Approving and signing CST Lab generated documentation including reports and work plans;
• Initiating projects, preparing budgets and tracking completion status;
• Developing and coordinating the training programs for staff in the CST Lab;
• Assisting the Facility Director in ensuring the CST Labs maintain their accreditation status under National Voluntary Laboratory Accreditation Program (NVLAP) and Standards Council of Canada (SCC) including ensuring that application and submission packages related to accreditation are complete and accurate, and that all conditions for accreditation are satisfied;
• Ensuring that the validation testing processes for CST Lab projects follows the requirements of the applicable standards, test requirements and any applicable guidance; and
• Assigning Lead Testers and testing staff, and access to other resources, to ensure successful completion of testing or consulting support projects.
A significant duty for the CST Lab Manager will be to mentor and train junior staff.
- Detailed knowledge of the FIPS 140-2 standard and its Derived Test requirements and Implementation Guidance.
- Detailed knowledge of the CMVP, CAVP and SCAP test programs.
- Comprehensive knowledge of NIST Special PUBS related to cryptography, and CMVP, CAVP and SCAP requirements.
- Comprehensive knowledge of ISO 17025 and ISO 19790.
- Working knowledge of NVLAP and SCC IT security test lab accreditation requirements
- Qualified cryptographic module tester with a minimum of 5 years’ experience in the FIPS 140-2 test program and an additional 5 years’ experience in FIPS 140-2 or similar test program involving hardware and/or software
- Minimum 5 years’ experience in customer-facing technical roles.
- Comprehensive knowledge of client relationship management, proposal preparation, and project cost and resource management
- Must be approved by accreditation authorities in NVLAP and CMVP as CST Lab Manager
- Excellent English reading, comprehension and writing skills – must be able to prepare written reports, proposals, plans, etc.
- Excellent English oral communication skills with ability to articulate requirements in technical and non-technical terms to customers, peers, and management.
- Must have demonstrated experience in managing multiple projects with stringent deadlines and working with multi-disciplinary teams.
- Must be able to lead a variety of small teams working on validation testing projects.
- Significant experience in successfully dealing with cross-cultural and/or foreign customers.
- Must be eligible for security clearance to the level of enhanced reliability/secret.
- Occasional overtime may be required to meet project schedules.
- Occasional domestic and international travel will be required.
- Familiarity with the requirements of Common Criteria and Payment Assurance test programs is desirable
- Successful completion of a post-secondary program, preferably in a field related to IT security, Computer Science or Engineering, or equivalent job experience is desirable
- Minimum experience requirements may be relaxed for particularly strong candidates
Our client offers a salary and benefit package competitively placed with the local market. They promote a culture where motivated customer-oriented employees can flourish, experience professional fulfillment and reach their highest potential. Medical, Prescription, Dental, Vision, and Disability Insurance plans; RRSP plan with company match; paid time off (vacation; sick holiday); Employee Assistance Program (EAP); Tuition Reimbursement, and more.
We thank all interest, but only those being considered for interview will be contacted.
Forward resumes to: email@example.com