Cyber Security Engineer (Berkeley) Job at Dshield, Berkeley, CA

  • Dshield
  • Berkeley, CA

Job Description

The National Energy Research Scientific Computing Center (NERSC) Division at Lawrence Berkeley National Labs (LBNL) has an opening for a Cyber Security Engineer to join the team.

NERSC's mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs. NERSC provides critical HPC and data systems and support for NERSC's 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science and other DOE mission areas.

In this exciting role, you will be involved in all aspects of cyber security at NERSC, working both independently and collaboratively with the rest of the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate in or lead responses to security incidents, work with other NERSC staff and end-users to provide security guidance, perform security assessments and reviews, assist in the remediation or mitigation of cyber security issues, and contribute to the NERSC strategy as we move to exascale and beyond.

At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore emerging technologies, become involved in cross-team projects, and attend NERSC seminars on a wide range of scientific and technical subjects.

What You Will Do:
- Perform security duties including monitoring for potential threats, proactively examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents.

- Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation.

- Maintain up-to-date awareness of cybersecurity threats and trends by monitoring a variety of information sources. Assess emerging security issues to determine risk and impact to the center, advise on appropriate response strategies, and coordinate mitigation efforts across teams.

- Assist with vulnerability assessment activities, including configuration of scanning tools, prioritization and triage of discovered vulnerabilities, and working closely with staff and end users to guide remediation efforts.

- Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.

- Contribute to the design and development of NERSC's security architecture, identify and address operational gaps in monitoring and detection capabilities, and help evaluate and develop new cyber security tools and technologies.

- Participate in or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, installation, configuration, and deployment of new hardware and security services.

- Help maintain and manage existing cybersecurity systems using automation tools. Occasionally perform manual system administration tasks, troubleshooting, and hardware maintenance and support.

- Develop and add new signatures to IDS and monitoring infrastructure based on emerging threats and data from past incidents, ensuring detection capabilities align with the latest attack vectors and vulnerabilities.

- Lead or support the design and implementation of a Zero Trust strategy that reduces and mitigates risk while continuing to enable NERSC's open science mission.

- Promote a strong security culture through outreach, technical consulting, and security awareness activities. Provide guidance on security best practices, assist with the implementation of security controls, and effectively communicate security policies and requirements to NERSC staff and users.

- Collaborate closely with NERSC system engineers and software developers to integrate cyber security tools and processes throughout the center.

- Conduct in-depth security reviews and risk assessments, analyzing both technical and non-technical factors to identify weaknesses in existing and proposed deployments.

- Serve as a security subject matter expert on cross-functional projects and initiatives, offering guidance based on security best practices, identifying and communicating security issues, and collaborating with others to ensure security is a key consideration across all phases of the project.

- Contribute to the development of cybersecurity requirements, translating high-level policy into actionable security controls and guidelines.

- May lead technical initiatives or projects focused on advancing security in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC and scientific workflows.

What is Required:
- Bachelor's degree in Computer Science or a related field and a minimum of 8 years of related experience; or 6 years and a Master's degree; or equivalent experience.

- Prior experience performing cybersecurity work in areas such as network defense, security monitoring and intrusion detection, vulnerability and risk assessment, penetration testing, or threat intelligence.

- Hands-on experience with incident response activities, including investigation, forensics, timeline reconstruction, and remediation of security events.

- Experience configuring and managing security tools such as intrusion detection systems (e.g., Snort, Suricata, Zeek), firewalls, log analysis platforms, and infrastructure for network traffic capture and monitoring.

- Experience with collecting, parsing, and analyzing log data from a variety of systems (e.g., servers, network devices, user sessions) to detect and investigate security incidents.

- Familiarity with a wide range of security tools used for code analysis, penetration testing, and vulnerability scanning, with demonstrated expertise in one or more tools.

- Knowledge of common security vulnerabilities and mitigations, attacker TTPs (tactics, techniques, and procedures) and associated detection methods, core cybersecurity principles, and familiarity with one or more cybersecurity frameworks.

- Understanding of network security concepts and upper-layer protocols.

- Experience developing scripts or programs in C, C++, Python, Shell, or other languages.

- Experience working in Linux/Unix environments, with demonstrated ability to work extensively from the command-line interface to manage and troubleshoot systems. Familiarity with configuration management tools such as Ansible or Puppet.

- Experience leading a project or team, leading the implementation or administration of systems, or providing direction for a project or team.

Job Tags

Full time, Work at office
