HPC Cybersecurity Engineer

Oak Ridge National Laboratory•Oak Ridge, TN

1d•Onsite

About The Position

The National Center for Computational Sciences (NCCS) at Oak Ridge National Laboratory (ORNL) operates the fastest High Performance Computers (HPC) in the world. We are seeking an experienced security engineer who can bridge hands-on engineering and security governance to ensure the security, performance, and reliability of the NCCS computing infrastructure. Our efforts support a highly-skilled user base consisting of the best-of-the-best science teams around the world. If you are excited about applying DevSecOps and risk-based security practices to HPC, come help us protect the integrity of open science publications and national interests that rely on NCCS supercomputing resources and expertise. The HPC Cybersecurity Engineering team is one half of the NCCS Security and Information Engineering Group. We architect, develop, deploy, and maintain the supercomputing-specific security program (an enclave within the broader ORNL authorization boundary) and provide HPC security expertise to projects of national interest. We collaborate across incident response, blue team engineering, vulnerability research, policy architecture, and DevSecOps. We work closely with scientific and operations teams and act as liaisons to ORNL’s broader risk management framework. We are a Linux focused environment with security challenges that prioritize scale, performance, and scientific computing integrity. You automate wherever possible, using Infrastructure as Code (IaC) and repeatable patterns so security can scale with operations. You can translate governance requirements into implementable standards and aggregate technical realities into clear risk-based decision options for leadership. You collaborate well, document what matters, and enjoy driving improvements that are both technically sound and audit ready. You may have more than a couple of our Preferred Qualifications and probably do not yet have any prior HPC experience. You may have technical leadership experience and/or want to grow into this role. You may or may not think Hackers is an incredible movie.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, or related field
Minimum of five years of relevant experience
Equivalent combination of education and experience will be considered

Nice To Haves

Master’s degree in Computer Science, Cybersecurity, or related field and at least eight years of relevant experience
Strong understanding of U.S. Federal cybersecurity frameworks, standards, and guidelines including FISMA, NIST RMF (SP 800-37) and SP 800-53, FIPS 199/200, FedRAMP, and OMB Memorandums
Experience as an Information Systems Security Officer (ISSO) and/or administering systems in UNIX/Linux environments
Solid understanding of networked computing concepts and common protocols (DNS, DHCP, LDAP, SNMP, SMTP, HTTP(S), TLS/SSL)
Experience representing organization during security cybersecurity audits
Familiarity building or operating security tools such as SIEMs, vulnerability scanners, NIDS/HIDS, server telemetry, and detection engineering
Experience with incident response and Linux forensics
Familiarity with automated configuration management tools
Experience in network, application, and/or security architecture and design, including threat modeling and security review practices
Experience in a high-performance computing environment (nice to have), including multi-tenant compute, high-speed interconnects, and parallel filesystems

Responsibilities

Translate complex technical concepts to communicate effectively with scientific, operations, project, and management staff
Help shape the Supercomputing security architectural vision and lead security reviews of new capabilities, services, and designs against core security plans
Design, implement, and automate policy/control assessments to verify cybersecurity and operational policy compliance
Engineer secure software development frameworks, tools, and guardrails that enable teams to deliver securely at HPC scale
Define and implement best practices, standards, and technical baselines within the organization
Analyze, triage, and respond to application, system, and network security relevant events
Serve as a security liaison for projects of national interest and external partners
Interpret cybersecurity policy and requirements; recommend enhancements to current policies/standards and lead implementation efforts with stakeholders
Lead vulnerability management activities including remediation coordination, patch planning, verification, and approved penetration testing
Document cybersecurity procedures, standards, control narratives, and decision records to support operations, audits, and continuous improvement
Participate in a 24/7 on-call incident response rotation