HPC Cyber Security Engineer

Oak Ridge National Laboratory•Oak Ridge, TN

35d

About The Position

The National Center for Computational Sciences (NCCS) at Oak Ridge National Laboratory (ORNL) operates the fastest High Performance Computers (HPC) in the world. We are seeking innovative and creative Linux-types to play a key role in ensuring the security, performance, and reliability of the NCCS computing infrastructure. Our efforts support a highly-skilled user base consisting of the best-of-the-best science teams around the world. NCCS enables these teams to perform science that is just not possible anywhere else. In return, and instead of charging for compute and data allocations, we ask these scientists to publish their work in open literature. If you are excited about applying DevSecOps best practices to HPCs, come help us guarantee the integrity of open science publications that utilize NCCS supercomputing resources. The HPC Cybersecurity Engineering team is one half of the NCCS Security and Information Engineering Group. It is tasked with architecting, developing, deploying, and maintaining all facets of the Supercomputing-specific technical security program (which is an enclave of the broader ORNL network). We recognize that there are many security disciplines and keep ourselves sharp by sharing incident response, blue team engineering, red team vulnerability research, policy architecture, and DevSecOps responsibilities with each other. We work hand-in-hand with other teams to help them secure their systems and act as liaisons between ORNL's broader risk management framework. We are exclusively a Linux shop without enterprise phishing and mobile device security headaches; instead our security problems revolve around unique challenges such as the scaling of security tools in a high performance environment and maintaining the integrity of scientific computing. About You: You deploy infrastructure and/or security controls as code because automation lets you focus on the more difficult and rewarding problems. You love working with others because the 'best solutions' to a problem are a product of collaboration. You may have a GitHub account with cool projects. You may have more than a couple of our Preferred Qualifications and probably do not yet have any prior HPC experience. You may have technical leadership experience and/or want to grow into this role. You may or may not think Hackers is an incredible movie.

Requirements

Bachelor's Degree in Computer Science or related field.
Minimum of 5-7 years of relevant experience.
Equivalent combination of education and experience will be considered.

Nice To Haves

Master's Degree in Computer Science or related field and 4-6 years of relevant experience.
Strong understanding of cyber security concepts, best practices, and tools.
Experience deploying and maintaining systems in UNIX/Linux environments.
Solid understanding of networked computing environment concepts.
A DevSecOps mindset, including version control and scripting/programming experience
Ability to communicate effectively and work well in a team environment.
Natural ability to understand and use new and emerging technologies
Experience with security tools such as NIDS/HIDS, Vulnerability Scanning, SIEM
Experience in a high-performance computing environment
Experience with incident response and engaging in forensics
Experience with automated configuration management tools such as Puppet or Ansible.
Experience in network, application, and/or security architecture and design.
Familiarity with common protocols such as: DNS, DHCP, LDAP, SNMP, SMTP, HTTP, SSL.

Responsibilities

Translate complex technical concepts to better communicate with scientific and managment staff.
Help shape the Supercomputing security architectural vision and lead teams to evaluate novel scientific capabilities against our core security values.
Develop and maintain security applications deployed with container orchestration tools.
Automate policy assessments to verify cyber security and operational policy.
Engineer secure software development frameworks and tools.
Define and implement best practices and standards within the organization.
Analyze, triage, and respond to application, system, and network events. Install, maintain, and monitor common security systems such as (N/H)IDS and SIEM.
Interpret cyber security policy, recommend enhancements to current policies, and lead subsequent implementation efforts.
Respond to system vulnerabilities and coordinate system patches and updates. Perform approved penetration testing and verification.
Document cyber security procedures.
Participate in a 24-hour, 7-day on-call incident response rotation.