Cyber Security Engineer

Duties:

• Perform security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, monitoring ticketing queue, and resolution of security incidents.
• Track security issues, and work closely with NERSC staff and end-users to advise and assist in remediation of vulnerabilities within proper timeframes.
• Support and/or lead cyber incident response activities and participate in the full incident response lifecycle.
• Maintain awareness of cybersecurity threats by monitoring a variety of information sources. Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.
• Maintain existing security systems using automated tools and occasionally perform manual system administration tasks.
• Participate or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, and deployment of new security systems and infrastructure.
• Improve monitoring and data analysis including improvements in security data management and log analysis.
• Create, modify, and add signatures to existing IDS and security monitoring infrastructure. Promote a strong security culture through outreach and technical security consulting.
• Collaborate with system owners and application developers to assess and advise on proposed deployments, perform in-depth security reviews, and ensure cyber security best practices and policies are followed.
• Assist with developing and documenting cyber security guidance, policies, standards, and procedures.
• Secure deployment of containerized environments.
• Development and improvement of automated tools, techniques, and documentation used in existing operations.
• Security guidance and oversight in the deployment of Federated Identity and Access Management systems.
• Evaluate Edge Computing Networks and Zero Trust architectures by working with internal and external collaborators.
• Apply data modeling, visualization, machine learning, and statistical analysis techniques to large datasets from a wide range of sources in order to identify unusual and suspicious activity.

Requirements:

• Bachelor's degree in Computer Science, Cybersecurity, Mathematics or related field followed by 6 years of progressive, post-baccalaureate experience in the job offered or in a related occupation.
• Alternatively, will accept a Master's degree in Computer Science, Cybersecurity, Mathematics or related field and 4 years of experience in the job offered or in a related occupation.
• Demonstrated experience in: Linux/Unix system administration; Firewalls, log analysis, and network traffic analysis; Security monitoring and analysis, incident response, and risk assessment; Leading a project or team; Leading the implementation or administration of systems; Troubleshooting and solving complex issues where analysis of situations or data requires an in-depth evaluation of variable factors; General cyber security principles and standards; Network security and upper layer protocols; Programming in C and Python; Networking including OSI model and tcp/ip/udp packet inspection; Hardware Maintenance; Network segmentation; OT asset management and critical infrastructure protection; Integration of systems, processes, and organizational structures to optimize operations and enhance digital capabilities; Data logging systems and the acquisition, validation, cleaning, and preparation of data; and Automation of data workflows and troubleshooting data pipelines.