Cryptography Engineer

Valiant Solutions is seeking a Post-Quantum Cryptography (PQC) Engineer to join our rapidly growing and innovative cybersecurity team!

The Post-Quantum Cryptography (PQC) Engineer will play a key role in a groundbreaking federal cybersecurity modernization effort, joining the project at its inception to help design and deliver the Department’s first enterprise-wide PQC solution. Working closely with senior government stakeholders, they will lead the technical journey from concept to implementation: shaping requirements, identifying and evaluating tools, designing the solution architecture, and driving deployment. This role offers a rare opportunity to influence how the federal government transitions to quantum-resilient encryption, advancing capabilities such as Automated Cryptographic Discovery and Inventory (ACDI) and Public Key Infrastructure (PKI) modernization in alignment with the Quantum Computing Cybersecurity Preparedness Act. The successful candidate will combine hands-on engineering excellence with program vision, helping the Department build, integrate, and operationalize next-generation cryptographic protections that secure its mission for the post-quantum era.  

Named one of the in the Washington DC area for 12 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!

This position allows for 100% remote work. Remote work requires a high level of trust in our employees, and we strictly adhere to the details outlined in our Remote Work Policy below. 

Required Experience:

• 10+ years of experience performing engineering, technical, or program execution functions.
• Bachelor’s degree in a related field.
• Minimum certification: CISSP (or willingness to obtain within 3 months)
• Strong technical expertise in systems security engineering.
• Knowledge and practical experience with one or more of the following:
• Post-Quantum Cryptography (PQC) engineering and implementation.
• Public Key Infrastructure (PKI) design, integration, and management.
• Automated Cryptographic Discovery and Inventory (ACDI) technologies.
• Understanding of risks associated with PQC, PKI, and ACDI (technical, schedule, integration, etc.).
• Proficiency in engineering documentation, technical standards, and compliance with federal guidance.
• Experience supporting security compliance, risk management, and RMF (NIST SP 800-53).
• Excellent communication skills for working with government stakeholders, cross-functional teams, and technical groups.

Responsibilities:

PQC Solution Engineering

• Provide engineering and technical expertise in PQC, PKI, and Automated Cryptographic Discovery and Inventory (ACDI) implementation.
• Collaborate with stakeholders to define and refine PQC solution requirements.
• Deliver analyses, recommendations, and staffing support to advance PQC program goals.
• Develop engineering, implementation, and operations technical documents, schedules, and roadmaps.
• Support modernization of cryptographic inventory management from manual to automated processes using COTS/GOTS ACDI tools.
• Evaluate emerging technologies and provide recommendations to leadership.

PQC Solution Implementation

• Implement and operationalize the client''s PQC technical solution in line with Department requirements.
• Deploy ACDI capabilities to generate cryptographic inventories of quantum-vulnerable systems.
• Conduct and document post-implementation evaluations to validate PQC solution effectiveness.
• Securely integrate PQC and ACDI with existing Department services (CDM, VM, Zero Trust, etc.).
• Prototype and test NIST-approved PQC algorithms and discovery tools.
• Install and configure hardware/software replacements and upgrades for PQC transition.

PQC Solution Operations & Support

• Provide operations and maintenance (O&M) of the PQC solution (COTS, GOTS, SaaS).
• Monitor solution health, performance, and availability; manage patching, upgrades, and optimization.
• Maintain accurate solution inventories, secure configuration baselines, and user account validation.
• Develop operational documentation including SOPs, playbooks, checklists, and user guides.
• Provide after-hours technical support for planned and emergency maintenance.
• Collaborate with SOC and other technical teams on incident response, process optimization, and integration.

Compliance & Risk Management

• Support PQC compliance with FISMA, NIST, and federal cybersecurity mandates.
• Drive Risk Management Framework (RMF) activities, including POA&M management and A&A processes.
• Prepare and maintain system security documentation (SSP, IRP, DRP, BIA, CP, etc.).
• Support audits by providing evidence, coordination, tracking, and corrective actions.
• Ensure ongoing risk management, continuous monitoring, and compliance with privacy and records management requirements.