Cryptography SME Program Manager

Job Description

Job Description

Defense Technology Integration is seeking a Cryptography Subject Matter Expert to architect, evaluate, and advance cryptographic solutions that protect sensitive federal health-IT environments and meet emerging post-quantum mandates. You will be advising federal cybersecurity leadership; guiding migrations to post-quantum algorithms; and ensuring full compliance with NIST, FIPS 140-3, and HHS cybersecurity directives. This role combines deep technical research with hands-on solution delivery across multiple cloud and on-prem platforms.

Job Duties / Responsibilities

• Architecture & Design – Lead the design and peer review of cryptographic architectures, protocols, and key-management infrastructures (KMS/HSM) for federal systems, including Zero Trust and High-Value Assets.
• Post-Quantum Migration – Drive client migrations in line with OMB M-23-02; develop PQC migration playbooks, inventories, and working-group charters.
• Assessment & Validation – Conduct cryptographic code reviews, threat modeling, and FIPS 140-3 validation support; remediate findings to meet FISMA and FedRAMP baselines.
• Key Management – Define lifecycle procedures (generation, escrow, rotation, revocation) for AWS KMS, Azure Key Vault, GCP KMS, and on-prem HSMs.
• Policy & Compliance – Author and update encryption standards, STIG checklists, and Section 508-aligned documentation; brief executives on risk posture and regulatory impacts.
• Tooling & Development – Build or vet reusable cryptographic libraries (OpenSSL, Bouncy Castle, libsodium) and automation scripts for CI/CD pipelines.
• Incident Response Support – Provide expert guidance during security incidents involving encryption or digital certificates.
• Training & Evangelism – Deliver internal workshops, brown-bag sessions, and mentoring to raise cryptographic maturity across federal project teams.
• Research & Innovation – Monitor academic and industry advances (homomorphic encryption, threshold signatures, MPC); publish white papers and propose R&D pilots.

Requirements

Experience

• Minimum: At least 2 years of experience with Cryptography or degree in Mathematics with 3 years of experience in a role as a Mathematician.
• Preferred: 7+ years in information security, with 3+ years dedicated to applied cryptography in federal or highly regulated sectors.

Hands-On Expertise:

• Symmetric & asymmetric algorithms (AES-GCM, ChaCha20-Poly1305, RSA, ECC, EdDSA).
• PKI, certificate lifecycle automation, OCSP/CRL, hardware tokens.
• TLS 1.3, IPsec, QUIC, secure boot, code signing.
• Cloud KMS and on-prem HSM (Thales, Azure HSM, AWS CloudHSM).
• Vulnerability assessment tools (crypto-lint, TLS scanners, SCAP/NIST 800-53 checklists).
• Demonstrated success leading or advising cryptographic workstreams on large federal programs (HHS, DoD, DHS, or financial services a plus).
• Proven ability to translate complex math into clear, executive-level risk narratives.

Education

• Required: Bachelor’s in Computer Science, Mathematics, Electrical Engineering, Information Security, or related discipline.
• Preferred: Master’s or Ph.D. with research in cryptography, number theory, or quantum-resistant algorithms.

Certifications

• Required: Secret (or higher) clearance
• CISSP, CISM, GIAC GCTY, CCSP, AWS Security Specialty, Microsoft SC-100.
• FIPS 140-3 Implementation/CMVP experience strongly desired.