Cyber Security Engineer

About The Position

Requirements

• Ability to secure and maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
• Bachelor’s degree in Computer Science, Computer Engineering or related field, or the equivalent combination of education and related experience.
• Broad experience with SIEM, log aggregation, packet analysis, or other cybersecurity tools.
• Experience conducting host forensics, network forensics, log analysis, or malware analysis in support of incident response investigations.
• Proficient written and verbal communication, strong interpersonal skills, ability to collaborate in a multi-disciplinary team environment and to interact with all levels of management and staff.
• Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary, with experience working independently.
• Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).
• Significant knowledge of SIEM solutions, threat hunting, incident response, or incident management.
• Significant experience with log analysis, event correlation, or incident management procedures.
• Advanced ability to provide innovative approaches and apply new technologies to tasks and projects that may not be well defined.

Nice To Haves

• Master’s degree in Computer Science, Computer Engineering, or a related field, or equivalent level of knowledge.
• Significant incident response experience, including experience with cloud services such as AWS/Azure, and experience leading teams.
• Experience with programming or scripting languages such as C, C#, Python, Java, PowerShell and PHP.
• Current industry specific certifications including but not limited to Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Global Information Assurance Certification (GIAC).

Responsibilities

• Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team.
• Proactively hunt for cyber threats and enact identification, containment and eradication measures while supporting recovery efforts.
• Perform analysis on LLNL intrusion detection systems.
• Provide security monitoring and incident response support including troubleshooting and resolution of issues.
• Create and manage processes, systems, and tools exercising a high degree of responsibility.
• Serve as an incident response technical point of contact and interact with internal and external personnel.
• Perform technical assessments, document actions, findings, and make remediation recommendations.
• Promote and support plans to promote diversity, equity and inclusion within the program.
• Perform other duties as assigned.
• Manage multiple complex parallel tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
• Develop advanced methods, tools, and procedures to improve incident response capabilities and automate various complex tasks.
• Mentor and provide technical guidance to team members in incident response best practices and procedures.

Benefits

• Flexible Benefits Package
• 401(k)
• Relocation Assistance
• Education Reimbursement Program
• Flexible schedules (depending on project needs)