Cyber Security Engineer III/II

Posting TitleCyber Security Engineer III/II

.

LocationCO - Golden

.

Position TypeRegular

.

Hours Per Week40

.

Working at NRELThe National Renewable Energy Laboratory (NREL), located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for research and development of renewable energy and energy efficiency technologies.

Join a team of world-class scientists, engineers, and visionaries dedicated to shaping the world’s energy future through cutting-edge research and innovation. From our vision to our NREL community, we are unique in the research community. We are focused on impact. From our work in basic sciences to systems engineering, analysis, demonstration, and deployment, we are focused on solving market-relevant problems that result in advanced, secure, reliable, and affordable energy systems. We are trusted clean energy leaders, developing cost-saving solutions that make U.S. industries more competitive, and support job creation and economic growth across rural and urban communities.

At NREL, we offer a unique, mission-driven work environment with cutting-edge facilities and multidisciplinary research teams. NREL's environment offers strong partnerships with industry, academia, and other national laboratories, as well as professional development opportunities and a competitive benefits package for employees.

Learn about NREL’s critical objectives: NREL's Mission and Vision.

Job Description

The Advanced Computing Operations (ACO) group in the Computational Science Center (CSC) is in need of a talented individual for a Cybersecurity Engineer. This candidate must have an interest in making a difference in the world by helping to envision, develop, deploy, monitor, maintain, analyze security posture and defense in an environment that support a variety of applications and data-sharing platforms related to sustainable energy technologies and markets.

This candidate will work to ensure information security is built into and maintained for systems deployed in and by the laboratory's Advanced Computing Operation Group. The ideal candidate excels at building relationships with project teams, effectively communicating complex security concepts in a clear and approachable manner. They are proactive and persistent in following up to ensure security best practices are implemented and maintained, with a collaborative and solutions-oriented approach to problem-solving. A strong sense of initiative and the ability to manage multiple priorities while fostering a culture of security across diverse teams are essential for success in this role.

In this position you will be part of a team focused implementing systems security and how to configure the security posture of the systems the team oversees. You will work with your team to write scripts that fulfill the security requirements the team is expected to implement. You will produce security-related artifacts (screen shots, log data), monitor vulnerabilities, that will span multiple IT platforms, servers, networks, web applications, and cloud-based systems.

• You will communicate effectively and confidently across diverse groups within the lab, and with users and stakeholders
• You will work with log collection tools to analyze data and produce meaningful reporting
• You will work alongside and with a tight-knit team and write thorough, readable, and correct documentation
• You will work with the team to respond to security-related artifact and documentation requests
• You will work with the team to modify system security plans
• You will work with the team to implement new capabilities as needed or required by DOE to enhance the implementation of cybersecurity in ACO managed systems
• You will also work with developers, researchers, and systems administrators to ensure appropriate security controls are considered in all stages of a project.

You will need to develop a good rapport and work closely with the NREL Cyber Security group, HPC Operations systems administrators and Cloud engineers.

Required Qualifications:

• UNIX/Linux experience
• Ability to script and automate tasks using BASH and Python
• Basic knowledge of security tools such as IDS/IPS, firewalls, and vulnerability scanners
• Basic knowledge of networking fundamentals including TCP/IP, DNS, and networking protocols
• Basic knowledge of encryption and cryptography including SSL/TLS, and key management practices
• Basic knowledge of access control and identity management
• Basic knowledge of common threats, vulnerabilities, and attack vectors
• Basic knowledge of incident response practices including identifying, containing, and mitigating threats

.

Basic QualificationsRelevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Complete understanding and wide application of principles, concepts and techniques in specific field. General knowledge of related IS disciplines. Strong leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Advanced programming, design and analysis abilities with various computer software programs and information systems.

* Must meet educational requirements prior to employment start date.

Additional Required Qualifications

Additional Qualifications:

• Effective communication skills
• Good analytical and problem-solving skills
• Good written and verbal communication skills
• Must complete a background investigation and receive a favorable determination to obtain a Personal Identity Verification (PIV) card under Homeland Security Presidential Directive 12 (HSPD-12). 

Preferred Qualifications

Level II

• Cloud familiarity
• SIEM experience with Splunk, Elastic, AWS CloudWatch
• Experience in assessing, identifying, and remediating vulnerabilities and collaborating with teams to address risks
• Knowledge of NIST 800-53 and FIPS 199

Level III

• Cloud experience with security tools in AWS, GCP, or Azure
• Experience in incident response including completing investigations, ensuring containment, recovery, and post-incident review
• Experience with implementing and maintaining security solutions for compliance with NIST 800-53 and FIPS 199

.

Job Application Submission Window

The anticipated closing window for application submission is up to 30 days and may be extended as needed.

Annual Salary Range (based on full-time 40 hours per week)Job Profile: IT Professional III / Annual Salary Range: $97,800 - $176,000

Job Profile: IT Professional II / Annual Salary Range: $81,500 - $146,700

NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.

Benefits SummaryBenefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.

* Based on eligibility rules

Badging RequirementNREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.

Drug Free Workplace

NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.

If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.

Submission Guidelines

Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.

.

EEO Policy

NREL is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.

EEO is the Law | Pay Transparency Nondiscrimination | Reasonable Accommodations

E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.

E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.