Post-Quantum Cryptography (PQC) Security Engineer

About

ShorePoint is a fast-growing, industry recognized and award‑winning cybersecurity services firm with a focus on high‑profile, high‑threat, private and public‑sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a work hard, play hard mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.

Perks

• 18 days of PTO
• 11 holidays
• 85 % of insurance premium covered
• 401(k)
• Continued education, certifications maintenance and reimbursement
• Major carriers for health care providers

Responsibilities

• Serve as the technical SME on information systems and infrastructure security, designing and enforcing cryptographic‑based security measures and policies.
• Lead engineering aspects of a Post‑Quantum Cryptography (PQC) migration program, advising on emerging technologies and translating strategy into operational outcomes.
• Support modernization of cryptographic inventory from manual to fully automated processes using discovery and inventory tools.
• Design and execute test plans for cryptographic tools, products and services in controlled lab and pre‑production environments, documenting results and configuration settings based on findings.
• Assess quantum vulnerabilities, conduct risk assessments and support migration to quantum‑resistant encryption aligned to NIST FIPS 203, 204 and 205.
• Collaborate with ISOs and ISSOs to enforce security policies and maintain compliance with federal IT security requirements.
• Research evolving PQC standards, tools and methodologies and synthesize findings into actionable engineering guidance.
• Contribute to large deliverables across the full program, including areas adjacent to the primary expertise.
• Communicate proactively across a fully remote, distributed team; written and async communication is core to how this team operates.
• Support Agile ceremonies, sprint coordination, stakeholder engagement and meeting documentation.

Requirements

• Network security architecture and risk assessment across complex federal or enterprise environments.
• Cryptographic principles and standards, including public key infrastructure (PKI), transport layer security (TLS) and the implications of quantum computing on current encryption.
• PQC frameworks and NIST standardization efforts, including the drivers and timelines behind federal migration requirements.
• Ability to independently research an evolving technical domain and translate findings into recommendations others can act on.

Must Haves

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or 4 + additional years of relevant experience in lieu of degree.
• 5 + years of experience in information security engineering, including network security, cryptographic systems and risk management.
• (ISC)² Certified Information Security Professional (CISSP) or Certified Information Security Manager (CISM).
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Experience implementing security controls and policies in enterprise IT environments.
• Hands‑on experience with security tools and automation.
• Familiarity with NIST cryptographic standards, PKI, TLS and Zero Trust Architecture (ZTA) frameworks.
• Applicants must be a U.S. citizen in compliance with federal contract requirements.

Beneficial to Have

• Prior experience working directly with or in support of federal agency IT programs, including familiarity with federal governance structures, compliance frameworks and inter‑agency coordination.
• ZTA principles and how they intersect with cryptographic security controls.
• Hands‑on experience with PQC concepts or NIST PQC algorithms (FIPS 203, 204, 205).
• Familiarity with automated cryptographic discovery and inventory tools, DevSecOps pipelines or FedRAMP environments.

Location

Remote (Herndon, VA).