Oak Ridge National Laboratory
The Information Technology Services Division (ITSD) at the Oak Ridge National Laboratory (ORNL) is seeking applicants for the position of Senior Cyber Security Engineer. The selected individual will be highly technical and motivated with an understanding of all aspects of cyber security and will provide expert technical advice, analysis and design for next generation cyber capabilities.
Major Duties and Responsibilities:
• Provide expert technical guidance to enhance, implement and operate cyber security proactive/reactive capabilities
• Identify areas in need of improvement in cyber security for information and operations security
• Standardize, document, maintain, and automate the system, network and cyber processes for monitoring, analyzing, and responding to malicious behavior, incidents, etc.
• Review, assess, design, and recommend future cyber capabilities capitalizing on current technologies and architecting next generation roadmaps
• Leverage existing tools to conduct data analysis and generate reports/dashboards, and provide trend analysis
• Work with management and technical teams to ensure alignment of business, technical and security requirements
• Identify information and operational cyber problems, trends, and weaknesses and recommend specific modifications and solutions to reduce threats and risks
• Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
• Continuously review and validate IT infrastructure and architecture for security best practices and recommend changes to enhance security and reduce risk where applicable
• Develop presentations that convey status, complex technical concepts, incidents, and issues to management and staff with varying levels of experience and technical expertise
Basic Requirements:
• Bachelor's Degree in Computer Science or related field
• 10 years overall IT experience, 2 years in engineering, and 5 years in cyber security
• Direct, verifiable, documented hands-on experience installing, managing and updating security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology
• Advanced understanding of security engineering and architecture concepts
• Experience planning, designing, and implementing cyber security improvements and associated metrics to assess impact
• Experience leading full life cycle security projects
• Experience with applications security and secure development
• Extensive knowledge of information technology and cyber security topics, including network flow, log analysis, cyber security visualization, and programming
• In-depth experience installing, configuring, updating, and evaluating IDS/IPS solutions
Qualifications Preferred:
• Master's Degree in Computer Science or related field
• Experience in analysis of large data sets and developing new capabilities from analysis
• System administration experience of Windows, Linux and Mac operating systems
• Experience/understanding of network systems, operations, and monitoring
• Experience supporting large-scale deployments and system integration
• Experience with business strategy, improving processes, and making recommendations in business processes and policies for operational metrics and results
• Experience with DOE facilities or other government entities is a plus.
• Relevant technical certifications a plus
Special Requirement:
This position requires the ability to obtain and maintain a “Q” clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse program (WSAP) testing designed position which requires passing a pre-placement drug test and participation in an ongoing random drug testing program in which employees are subject to being randomly selected for testing. The occupant of this position will also be subject to an ongoing requirement to report to ORNL any drug-related arrest or conviction or receipt of a positive drug test result.