Senior Cyber Security Information and Systems Specialist

Requisition Id 14966 

Overview:  

The Research Application Development Group in the Manufacturing Science Division at Oak Ridge National Laboratory seeks a Senior Cyber Security Information and Systems Specialist with a focus on penetration testing, systems monitoring and cyber resilience. This role includes collaboration with engineers, technicians, and researchers to create innovative and secure software solutions. This position is within the Secure and Digital Manufacturing section of the Manufacturing Sciences Division. Our mission is to seamlessly integrate capabilities in communication, computing, storage, and user interfaces for advanced manufacturing process analysis, modeling, and control to foster a secure and energy-efficient manufacturing ecosystem.
 

In your role, you will lead software security assessments and quality assurance initiatives while working with an interdisciplinary team to ensure a secure digital environment for our software applications. You will also provide expert guidance on infrastructure security and systems integration.
 

For more information on the RAD Group, please visit: Research Application Development Group.

Major Duties/Responsibilities: 

• Lead Security Assessments: Conduct and oversee comprehensive tests and security assessments on software applications, ensuring adherence to security standards and protocols. This includes automated penetration testing and other security assessments on networks, systems, and applications.
• Cross-Functional Collaboration: Collaborate closely with System Administrators, software engineers, and Database Administrators (DBAs) to identify security vulnerabilities and provide expert guidance for remediation.
• Technical Consultation: Provide high-level technical assistance and support to team members and customers, overseeing complex issues and strategies for resolution.
• Emerging Technologies Analysis: Analyze and evaluate new and emerging technologies and tools for applicability and potential integration into cybersecurity initiatives.
• Security Planning and Documentation: Lead the planning, development, and rigorous documentation of security protocols for web, mobile, and data collection applications.
• Conduct Project Based Security Audits and Tests: Perform security audits on web applications and systems.
• Training and Mentoring: Mentor junior staff on cybersecurity best practices and frameworks, and lead training sessions to enhance the team’s security knowledge.
• Infrastructure Security: Design and implement robust cybersecurity solutions, and data protection strategies. Develop and maintain secure network architectures for internal servers and virtual machines.
• Systems Integration: Provide expert-level support for systems integration projects, ensuring seamless interoperability between diverse technologies. Oversee operations of virtualized environments using Hyper-V and VMware. Offer guidance and support for cloud-based solutions (SaaS and IaaS).
• Deliver ORNL’s mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote equal opportunity by fostering a respectful workplace – in how we treat one another, work together, and measure success.

Basic Qualifications:

• BS with 12+ years relevant experience, MS with 10+ years relevant experience, or PhD with 7+ years relevant experience.
• Familiar with security assessment tools such as Burp Suite, SQLMap, and ZAP.
• Strong understanding of security frameworks and compliance standards (e.g., NIST, SOX, HIPAA).
• Proficient in operating systems including Windows Server. Familiar with Linux and macOS.
• Extensive and varied experience in computing, including systems integration, cybersecurity, telecommunications, and networking.
• Proven experience in designing, implementing, and maintaining local area networks (LANs) and wide area networks (WANs).
• Hands-on experience with firewall management, intrusion detection/prevention systems, and security audits.
• Experience managing and maintaining Microsoft server environments and domain infrastructures.
• Proficiency in virtualization technologies such as Hyper-V and VMware.
• Familiarity with cloud computing platforms (SaaS, IaaS).
• Excellent troubleshooting and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.   

Preferred Qualifications:

• Demonstrated leadership abilities in project management and team collaboration.
• CISSP or other equivalent security certifications are highly desirable.
• Experience in technical writing/publications.

Special Requirements:

Two letters of references are required.

Please submit two letters of reference when applying to this position. You may upload these directly to your application or have them sent to ORNLRecruiting@ornl.gov with the position title and number referenced in the subject line.

Instructions to upload documents to your candidate profile:

• Login to your account via jobs.ornl.gov
• View Profile
• Under the My Documents section, select Add a Document

This position requires the ability to obtain and maintain an HSPD-12 PIV badge.

About ORNL

As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an impressive 80-year legacy of addressing the nation’s most pressing challenges. Our team is made up of over 7,000 dedicated and innovative individuals! Our goal is to create an environment where a variety of perspectives and backgrounds are valued, ensuring ORNL is known as a top choice for employment. These principles are essential for supporting our broader mission to drive scientific breakthroughs and translate them into solutions for energy, environmental, and security challenges facing the nation.

ORNL offers competitive pay and benefits programs to attract and retain individuals who demonstrate exceptional work behaviors. The laboratory provides a range of employee benefits, including medical and retirement plans and flexible work hours, to support the well-being of you and your family. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also available for added convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

If you have difficulty using the online application system or need an accommodation to apply due to a disability, please email: ORNLRecruiting@ornl.gov.

#LI-DNI

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply.  UT-Battelle is an E-Verify employer.