Cybersecurity Cloud Engineer
Oak Ridge, TN, US, 37830
Full Time, Mid-level / Intermediate, Clearance required, USD 127K - 236K *
Oak Ridge National Laboratory
Requisition Id 14546
Due to the security clearance requirements of this position, US citizenship is required for consideration.
Overview:
We’re hiring a Cybersecurity Cloud Engineer to support senior level technical staff and independently solve technical problems for engineering or technical projects within the cybersecurity domain. You’ll apply industry-standard practices to address challenges while ensuring the accuracy and quality of results. Cyber Cloud Engineers design and implement innovative projects, integrate with cybersecurity research and development, and improve ORNL’s cybersecurity posture. The selected individual will ensure an effective monitoring program, serving as an authority for our Security Service Edge and Cyber Threat Intelligence (CTI) integration and analysis.
This position resides in the Cyber Enhancements group in the Cybersecurity division, in the Information Technology Services Directorate at Oak Ridge National Laboratory (ORNL).
Major Duties/Responsibilities:
- Provide technical advice and identify cybersecurity areas in need of improvement, including operational and research capabilities.
- Manage, enhance, and maintain:
  - The Cyber Threat Intelligence platforms, integrating actionable intelligence into operations across platforms like CrowdStrike, Proofpoint, and open source feeds.
  - Netskope SSE and its integrations with tools like Elastic SIEM, Tines, AWS GuardDuty, Azure Security Center, and GCP Security Command Center for automation and alerting.
- Support cybersecurity activities related to incidents, malicious activity, protective actions, and remediation on ORNL classified and unclassified systems.
- Collaborate with cybersecurity, network, data center operations, security operations center, cybersecurity research, and other staff to configure and implement security tools, including the Elastic Stack, Netskope SSE, and cloud platforms like AWS, Azure, and Google Cloud, to capture and analyze security-relevant data effectively.
- Standardize, document, maintain, and automate processes for monitoring, analyzing, and responding to events, adhering to industry best practices.
- Develop written and oral presentations to convey complex technical concepts, including evaluations of cybersecurity incidents, to ORNL and DOE staff with varying levels of expertise.
- Prepare assessments, develop dashboards, document results, and provide status reports and recommendations to the Cyber Enhancements Group Lead, CISO, and ITSD management.
- Deliver ORNL’s mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote equal opportunity by fostering a respectful workplace – in how we treat one another, work together, and measure success.
Basic Qualifications:
- A BS in cybersecurity, computer science, computer engineering, information technology, information systems, science, engineering, business, or a related field of study and a minimum of two (2) to four (4) years of aligned professional experience is required for consideration.
- Candidates with a MS in cybersecurity, computer science, computer engineering, information technology, information systems, science, engineering, business, or a related field of study and a minimum of one (1) to three (3) years of aligned professional experience are also encouraged to apply.
- Experience running Cyber Threat Intelligence platforms and integrating them into operations.
- Experience planning, designing, and implementing cybersecurity improvements with measurable outcomes, such as reduced incident response time, enhanced system uptime, and improved compliance metrics.
- Solid understanding of network flow, log analysis, cybersecurity visualization, and programming.
- Experience performing log-centric analysis and managing cloud compliance dashboards, using advanced analytical skills to communicate results effectively.
- Experience integrating cybersecurity research to develop capabilities and analyze large datasets.
- Proficiency in scripting and automating processes to enhance existing toolsets, including experience with SOAR platforms, developing playbooks, APIs, and infrastructure-as-code tools like Terraform and Ansible.
- Familiarity with network security monitoring tools (e.g., Snort, Corelight, Wireshark, tcpdump) and techniques for analyzing and responding to security events, as well as log ingestion, parsing, retention for compliance purposes, and experience with modern XDR platforms.
- Ability to communicate effectively across all organizational levels and work collaboratively in a team environment.
Preferred Qualifications:
- Familiarity with Agile methodologies and tools such as Atlassian products.
- Industry certifications (e.g., CISSP, AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, GCIA, GCIH).
- Advanced knowledge of Linux, Unix, Mac, and Windows operating systems.
- Experience with security orchestration, automation, and response (SOAR) integration and user and entity behavior analytics (UEBA).
- Demonstrated ability to align business strategies with operational improvements and recommend actionable metrics.
- Experience working in government or large-scale research environments, particularly with the Department of Energy (DOE) or other federal agencies.
Special Requirements:
- Visa sponsorship is not available for this position.
- This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.
Benefits at ORNL:
ORNL offers competitive pay and benefits programs to attract and retain dedicated people. The laboratory offers many employee benefits, including medical and retirement plans and flexible work hours, to help you and your family live happy and healthy. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also provided for convenience.
Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.
Having difficulty using the online application system or need an accommodation to apply due to a disability? Please email: ORNLRecruiting@ornl.gov.
This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.
We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.
If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.
ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics Ansible APIs Automation AWS Azure Banking CISO CISSP Clearance Cloud Compliance Computer Science CrowdStrike GCIA GCIH GCP Incident response Linux Log analysis Monitoring Network security Open Source Scripting Security Clearance SIEM Snort SOAR SOC Terraform Threat intelligence UNIX Windows XDR
Perks/benefits: Career development Competitive pay Fitness / gym Flex hours Flex vacation Health care Insurance Medical leave Parental leave Relocation support Team events Wellness