Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Security Engineer
Company Berkeley Lab
Location Berkeley, CA
Preferred GIAC Certifications GCIA or GCIH a plus
Travel 0%
Salary Not provided
Contact Name Apply via Link
Contact Email apply/at/
Expires 2021-11-07

Job Description

Lawrence Berkeley National Lab’s (LBNL) NERSC Division has an opening for a Cyber Security Engineer to join the team.

In this exciting role, you will work independently and collaboratively to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate or lead responses to security incidents, and work with other NERSC staff and end-users to remediate or mitigate issues.

NERSC is one of the premier supercomputer centers, and our systems are used by more than 7000 users from around the world. We deploy the latest high-performance computing technologies to support our mission to accelerate scientific discovery. The security team helps to make this possible by keeping NERSC computers, networks, and storage accessible and secure.

At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore new technologies, become involved in cross-team projects, attend NERSC seminars on a diverse range of scientific and technical subjects, and continue to expand your cyber security knowledge by attending conferences and training sessions.

What You Will Do:
Monitoring and incident response
• Perform security duties including threat awareness, proactive network traffic analysis, incident response, forensic analysis, monitoring ticketing queue, and resolution of security incidents.
• Track security issues, and work with NERSC staff and end-users to remediate vulnerabilities.
• Maintain awareness of cybersecurity threats by monitoring a variety of information sources.
• Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.

Maintenance and improvement of security infrastructure
• Maintain existing security systems using automated tools.
• Participate or lead efforts to upgrade existing systems to meet evolving needs.
• Improve monitoring and data analysis including improvements in security data management and log analysis.
• Develop and add signatures to existing monitoring infrastructure.
• Promote a strong security culture through outreach and technical security consulting.

Project lead in one or more of the following areas
• Secure deployment of containerized environments.
• Specification, purchase, and deployment of new security infrastructure.
• Development and improvement of automated tools, techniques, and documentation used in existing operations.
• Security guidance and oversight in the deployment of Federated Identity and Access Management systems.
• Evaluate Edge Computing Networks and Zero Trust architectures by working with internal and external collaborators.
• Use visualization and machine learning to perform data analysis on a wide range of sources.

What is Required:
• Bachelor’s degree and a minimum of 8 years of related experience; or 6 years and a Master’s degree; or equivalent experience.
• Experience with threat hunting, intrusion detection systems, firewalls, log analysis, and network traffic analysis.
• Experience leading a project or team, leading the implementation or administration of systems, or providing direction for a project or team.
• Experience working in a predominantly Linux environment.
• Demonstrated proficiency using vulnerability scanning and application security testing tools.
• Knowledge of penetration testing including target identification, vulnerability scanning, attack chaining, documentation, and reporting.
• Knowledge of Intrusion Detection Systems (e.g. Snort/Suricata/Zeek).
• Proficiency in administering Linux or Unix systems using configuration automation tools such as puppet or ansible.
• Knowledge of TCP/IP networks and upper layer protocols.
• Demonstrated ability to work both independently and collaboratively in an interdisciplinary team.
• Excellent oral and written communication skills.

Desired Qualifications:
• Cloud technologies and deployment models.
• Federated Identity and Access Management systems.
• Edge Computing Networks and Zero Trust architectures.
• Data analytics tools and their application to security analysis.
• Scripting or programming in C/C++, Java, Python, Shell, or other languages.
• Policy compliance management and technical documentation.
• Prior work in High-Performance Computing, higher education or a research environment.

• This is a full-time career appointment, exempt (monthly paid) from overtime pay.
• This position may be subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.
• This position will be hired at a level commensurate with the business needs and the skills, knowledge, and abilities of the successful candidate.
• The position will be regular working hours, with participation in an on-call rotation
• Must be able to complete an export control permit to create an account on a DOE system.

Berkeley Lab is committed to Inclusion, Diversity, Equity and Accountability (IDEA) and strives to continue building community with these shared values and commitments.

Berkeley Lab is an Equal Opportunity and Affirmative Action Employer. We heartily welcome applications from women, minorities, veterans, and all who would contribute to the Lab’s mission of leading scientific discovery, inclusion, and professionalism. In support of our diverse global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status.