Who We Are

Lightship Security is an IT security testing lab. We work with leading product vendors to perform testing against IT security standards – Common Criteria and FIPS 140-2. We are committed to creating real world value through continued innovation in this field. If these values resonate with you… read on:
1. We solve problems for our clients
2. We work hard with integrity
3. We are technical experts
4. We value family
5. We have fun

Who We Want

We are seeking talented, energetic and driven intermediate and senior FIPS 140-2 testers to join our growing team.

Our FIPS testing team participates in the review, consultation and assessment of products against FIPS 140-2, as well as against custom security requirements where applicable. Projects will involve a wide variety of technologies including both hardware and software. Testers must have a solid grounding of cryptographic algorithms such as symmetric and asymmetric cryptography, digital signatures, cryptographic hashing and random number generators. They must be able to discern the cryptographic boundary for a variety of software, hardware and hybrid modules. The ideal candidate will have a solid background and knowledge of relevant security products such as routers, switches, HSM’s, firewalls, smartcards, etc.

The successful candidate will be able to demonstrate expertise with the Linux operating system, virtualization technologies and networking fundamentals. Knowledge and experience using industry standard cryptographic libraries is considered an asset.

All FIPS testers will be expected to interface with customers to provide them with sound technical consulting and support during the testing process.


  • Must have at a minimum of 1 year experience performing successful FIPS 140-2 consulting or testing;
  • Be able to pass the exam;
  • Strong knowledge of cryptography and relevant networking protocols such as: IPSec, SSL/TLS and SSH;
  • Demonstrative experience using Linux and Windows operating systems;
  • Knowledge of relevant vulnerability analysis and penetration testing of both hardware and software targets;
  • A University degree or college diploma in a technical field is required; and
  • Knowledge of Common Criteria, and other related standards are an asset.

You must be eligible for a Government of Canada security clearance to a minimum level of Secret.

This position is ideally based in Ottawa but remote options elsewhere in North America are possible.

Ready to Apply?

Please send us your resume and a cover letter to apply for this position.

Only those selected for an interview will be contacted. No agents, please.