Oooo for once, my time to shine! Or maybe, my time to shine???
> Is it typically expected of entry-level engineers, senior engineers, principals, tech leads, and/or project managers?
Working at a company that provides FedRAMP-approved services, the knowledge of FIPS within the company is a bit sparse. InfoSec definitely needed to understand it in order to explain to developers that they have to use BouncyCastle over the default java crypto provider, etc, but it took someone else to _really_ understand it and tell InfoSec that they were initially asking for the wrong thing.
Senior? At least minimal understanding of how cryptography works in their language of choice and the impact of FIPS.
Tech leads? Not a well-defined role. Probably.
Project managers? No.
> Have you ever needed to immerse yourself in a FIPS or ISO standard?
Yes. Multiple times. I argue with third-party auditors and the FedRAMP Joint Advisory Board about interpretation of these standards.
> Was it out of necessity for a project (just-in-time learning), or do some of you explore these standards in your spare time?
Necessity. See FedRAMP. However I can say ISO8601 was just for fun. ISO8601 gang represent!
> These standards are complex and mastering them is no small feat. It's interesting that people don't often brag about this expertise on their resumes.
I've seen a couple people who listed those standards or similar (FedRAMP again). Given the choice between two identical candidates while one has FedRAMP/FIPS/ISO experience I'll pick the one listing the standards.
> Have you ever listed such standards as part of your skill set? Why or why not?
I've not updated my resume since acquiring skills in the relevant standards but will probably include them when I do update my resume. They're a specialization that commands a premium when it comes to salary, if you're willing to work in the industries / companies that play in that space. Some people wouldn't include it because they truly hate working with rigorous standards.
> How has your understanding of these standards impacted your career or projects?
Understanding them has certainly proved to be a benefit to my career given how closely I work with them.