IT Professional III - Cybersecurity Analyst
CO - Golden, United States
National Renewable Energy Laboratory
Location: CO - Golden
Position Type: Regular
Hours Per Week: 40
Working at NREL
The National Renewable Energy Laboratory (NREL), located at the foothills of the Rocky Mountains in Golden, Colorado, is the nation's primary laboratory for research and development of renewable energy and energy efficiency technologies.
Join a team of world-class scientists, engineers, and visionaries dedicated to shaping the world’s energy future through cutting-edge research and innovation. From our vision to our NREL community, we are unique in the research community. We are focused on impact. From our work in basic sciences to systems engineering, analysis, demonstration, and deployment, we are focused on solving market-relevant problems that result in advanced, secure, reliable, and affordable energy systems. We are trusted clean energy leaders, developing cost-saving solutions that make U.S. industries more competitive, and support job creation and economic growth across rural and urban communities.
At NREL, we offer a unique, mission-driven work environment with cutting-edge facilities and multidisciplinary research teams. NREL's environment offers strong partnerships with industry, academia, and other national laboratories, as well as professional development opportunities and a competitive benefits package for employees.
Learn about NREL’s critical objectives: NREL's Mission and Vision.
Job Description
The cybersecurity analyst monitors NREL's networks and computing systems for suspicious or unwanted activity, investigates the causes and impacts of the activity, and ensures any related security issues are remediated. The cybersecurity analyst uses a combination of technical tools, analysis techniques, intuition, and soft skills to identify, investigate, respond to, and report instances of or trends in anomalous activity. The ideal candidate is a strong communicator and collaborator who has direct experience or training in incident detection and response. This position is located on NREL’s Golden, CO campus.
Job Duties
- Respond to alerts and investigate security events
- Recognize successful and unsuccessful intrusion attempts through analysis of relevant event information
- Perform incident response, analysis, and recovery actions
- Regularly interact with and educate NREL colleagues who report suspected security threats
- Research and evaluate security tools and attacker tactics, techniques, and procedures to improve NREL's ability to detect and respond to malicious activity
- Contribute to the evolution of the Cyber Incident Response Procedure and create and maintain supporting operating procedures
- Perform forensic tasks to understand the scope and impact of an incident and to collect, preserve and analyze evidence collected during incidents and authorized internal investigations
- Provide input and support to security tool engineering efforts that enhance detection, analysis, and automation capabilities
- Contribute to reporting of trends in security events and incidents observed within NREL information systems for management risk awareness and to support continuous monitoring of NREL’s security posture
- Lead projects (as assigned or independently) that improve the effectiveness and efficiency of NREL’s cybersecurity program, including but not limited to workflow improvements, management tool enhancements, program or NREL strategic initiatives, and user awareness training
Basic Qualifications
Relevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Complete understanding and wide application of principles, concepts and techniques in specific field. General knowledge of related IS disciplines. Strong leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Advanced programming, design and analysis abilities with various computer software programs and information systems.
* Must meet educational requirements prior to employment start date.
Additional Required Qualifications
- Experience includes at least three years in an Information Technology role working in security analysis or incident response
- One or more professional security certifications, such as C|EH, GIAC (SANS) certifications, Security+
- Splunk or other SIEM experience
- Experience performing investigations and analysis with an enterprise EDR platform
- Experience performing incident response in virtualized and cloud computing environments
- Experience automating tasks with a SOAR platform
- Experience using incident response triage and tracking systems, workflows, and playbooks
- Technical background in multiple disciplines, including experience with: Windows, Mac and Linux operating systems, including system administration; TCP/IP networking concepts, protocols and architecture; security measures/defense-in-depth; security and availability monitoring
- Strong understanding of common cybersecurity concepts and threats
- Strong troubleshooting skills with ability to synthesize multiple related data points into a coherent understanding of an event or series of related events
- Ability to relay structured technical information in the context of a report
- Ability to perform research, read documentation, and independently learn new skills
- Ability to work both alone and as part of a collaborative team
- Demonstrated skills in critical thinking and problem solving
- Excellent communication skills, including active listening, ability to prepare and deliver presentations, and clear written correspondence and documentation
- Clearance: Must be able to obtain and maintain a DOE (L or Q) Security Clearance. Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE O 472.2A for additional information.
Subject matter expertise in any of the following areas:
- Network packet and protocol analysis
- E-discovery
- Forensic analysis
- Cyber incident response
- Insider threat analysis
- Intrusion detection
- Threat intelligence analysis
- Threat hunting
- Malware analysis
- Network traffic analysis
- Data enrichment and aggregation
- Security intelligence analysis
Job Application Submission Window
The anticipated closing window for application submission is up to 30 days and may be extended as needed.
Annual Salary Range (based on full-time 40 hours per week)
Job Profile: IT Professional III / Annual Salary Range: $81,500 - $146,700
NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.
Benefits Summary
Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement-based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.
* Based on eligibility rules
Badging Requirement
NREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.
Drug Free Workplace
NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.
If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.
Submission Guidelines
Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.
E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.
E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.
Tags: Automation C Clearance Cloud Compliance EDR GIAC Incident response Intrusion detection Linux Malware Monitoring PhD SANS Security analysis Security Clearance SIEM SOAR Splunk TCP/IP Threat intelligence Windows
Perks/benefits: Career development Competitive pay Health care Insurance Medical leave Relocation support Startup environment Team events