Haystack
← Back to Jobs
Employee
Administrative

Cryptographic Engineer Lead with Security Clearance

Koniag Government ServicesWashington, DC🇺🇸United StatesPosted 14 Jul 2026

Quick Overview

Work Type
Hybrid
Schedule
Employee
Level
Mid Senior

Job Description

Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a Cryptographic Engineer Lead to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Cryptographic Engineer Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a highly skilled cryptography and information security professional with deep expertise in cryptographic engineering, key management, and the design and implementation of cryptographic solutions within complex federal IT environments. This individual will serve as the primary subject matter expert (SME) for cryptographic engineering activities at the SBA, providing strategic leadership, technical guidance, and hands-on program management to ensure the agency's cryptographic systems, protocols, and controls meet the highest standards of security and comply with applicable federal cryptographic policies, standards, and requirements. The Cryptographic Engineer Lead will serve as the senior technical expert responsible for leading the design, development, implementation, and management of cryptographic solutions and key management programs that protect SBA's sensitive data, systems, and communications. Principal responsibilities will include but are not limited to: * Serve as the primary subject matter expert (SME) and technical lead for all cryptographic engineering activities supporting SBA's cybersecurity program, providing strategic direction, expert guidance, and hands-on technical leadership to ensure the security and integrity of SBA's cryptographic systems and controls. * Lead the design, development, and implementation of cryptographic solutions, protocols, and controls across SBA's enterprise IT environment, including on-premises, cloud, and hybrid infrastructures, ensuring alignment with federal cryptographic standards and best practices. * Oversee the development, implementation, and management of SBA's enterprise key management program, including the lifecycle management of cryptographic keys, certificates, and related cryptographic material in accordance with NIST guidelines and federal key management requirements. * Evaluate and recommend cryptographic algorithms, protocols, and technologies to address identified security gaps, emerging threats, and evolving federal cryptographic requirements, including the transition to post-quantum cryptography (PQC) standards. * Lead SBA's transition planning and implementation efforts for post-quantum cryptography, assessing the agency's current cryptographic inventory, identifying quantum-vulnerable systems and protocols, and developing a comprehensive migration roadmap aligned with NIST PQC standards and applicable OMB and CISA guidance. * Collaborate with SBA IT architects, system owners, developers, and program teams to integrate cryptographic requirements and controls into the design, development, and deployment of new and existing systems and applications throughout the SDLC. * Conduct cryptographic assessments and reviews of SBA's existing systems, applications, and infrastructure, identifying cryptographic weaknesses, misconfigurations, and areas of non-compliance with federal cryptographic standards, and developing remediation recommendations. * Develop and maintain comprehensive cryptographic program documentation, including cryptographic standards and guidelines, key management plans, cryptographic inventories, and technical design documents. * Provide expert guidance on the implementation and management of Public Key Infrastructure (PKI) solutions, including certificate authority (CA) management, certificate lifecycle management, and the integration of PKI with SBA's identity and access management (IAM) environment. * Support the integration of cryptographic requirements into SBA's NIST Risk Management Framework (RMF) and Authorization to Operate (ATO) processes, ensuring cryptographic controls are appropriately selected, implemented, assessed, and documented in system security documentation. * Assess the cryptographic security implications of emerging technologies, including cloud services, artificial intelligence, machine learning, and IoT, as they relate to SBA's technology strategy and cryptographic risk posture. * Collaborate with SBA's SOC, incident response, and cybersecurity architecture teams to ensure cryptographic controls support effective threat detection, incident response, and forensic investigation capabilities. * Develop and deliver cryptographic awareness and training materials to SBA IT staff, developers, and security personnel, fostering a strong understanding of cryptographic best practices and requirements across the agency. * Prepare and present detailed technical briefings, reports, and cryptographic program status updates to SBA leadership and stakeholders, clearly communicating cryptographic risks, findings, and recommendations * Monitor and analyze developments in cryptographic research, emerging threats, vulnerability disclosures, and changes to federal cryptographic standards and policies, applying new knowledge to continuously improve SBA's cryptographic posture. * Mentor and provide technical guidance to junior cryptographic engineers and security staff, fostering professional development and building organizational cryptographic expertise. Education and Experience: Required: * Bachelor's degree in Computer Science, Mathematics, Electrical Engineering, Cybersecurity, Information Technology, or a related field from an accredited college or university. * 8+ years of progressive experience in cryptographic engineering, information security, or a closely related field, with at least 3 years in a lead or senior cryptographic engineering role. * Demonstrated experience designing, implementing, and managing cryptographic solutions and key management programs within a federal government or large enterprise IT environment. * Deep knowledge of federal cryptographic standards and requirements, including FIPS 140-2/140-3, NIST SP 800-57, NIST SP 800-131A, and applicable CNSS policies and instructions. * One or more of the following certifications: * Certified Information Systems Security Professional (CISSP) * CISSP - Information Systems Security Engineering Professional (CISSP-ISSEP) * Certified Encryption Specialist (EC-Council CES) * GIAC Security Expert (GSE) * CompTIA Advanced Security Practitioner (CASP+) * Certified Information Security Manager (CISM) Desired: * Master's degree or PhD in Computer Science, Mathematics, Cryptography, Electrical Engineering, or a related field, with a focus on cryptography or information security. * 10+ years of cryptographic engineering experience, with a strong background supporting federal government agency cryptographic programs. * Experience with or coursework in advanced cryptographic theory, including lattice-based cryptography, hash-based cryptography, or other post-quantum cryptographic algorithms. Required Skills and Competencies: * Exceptional communication skills in English - both written and oral - with the ability to clearly convey complex cryptographic concepts, technical findings, and recommendations to both technical and non-technical audiences, including senior SBA leadership and government stakeholders. * Deep expertise in applied cryptography, including symmetric and asymmetric encryption algorithms, hashing algorithms, digital signatures, key exchange protocols, and cryptographic random number generation. * Comprehensive knowledge of federal cryptographic standards, policies, and requirements, including FIPS 140-2/140-3, NIST SP 800-57 (Key Management), NIST SP 800-131A (Transitioning Cryptographic Algorithms and Key Lengths), NIST SP 800-175B, and applicable CNSS instructions. * Strong experience designing and implementing enterprise key management solutions, including hardware security modules (HSMs), key management servers, and certificate management platforms. * Expertise in Public Key Infrastructure (PKI), including the design, implementation, and management of certificate authority (CA) hierarchies, certificate lifecycle management, and PKI integration with enterprise IAM environments. * Demonstrated knowledge of post-quantum cryptography (PQC) concepts, NIST PQC standardization efforts, and the implications of quantum computing for current cryptographic systems and federal agency cryptographic migration planning * Experience assessing and remediating cryptographic vulnerabilities in enterprise IT systems, applications, and protocols, including TLS/SSL configuration weaknesses, weak algorithm usage, improper key management practices, and certificate management issues. * Proficiency in cryptographic protocol analysis and the ability to evaluate the security of cryptographic implementations in software, hardware, and network protocols. * Strong knowledge of secure communications protocols and their cryptographic underpinnings, including TLS, SSH, IPsec, S/MIME, and PGP. * Experience integrating cryptographic solutions into cloud environments, including the use of cloud-native key management services such as AWS KMS, Azure Key Vault, and Google Cloud KMS. * Familiarity with hardware security modules (HSMs) and trusted platform modules (TPMs), including their configuration, management, and integration into enterprise cryptographic architectures. * Experience supporting the NIST RMF and ATO process, including the documentation and assessment of cryptographic controls within SSPs and security assessment reports (SARs). * Knowledge of federal cybersecurity frameworks and compliance requirements, including NIST SP 800-53,

Similar jobs