Los Alamos National Laboratory Cybersecurity Technical Staff 3 (Information Security System Engineer) in Los Alamos, New Mexico
What You Will Do_
The Sensitive and Special Operations Office (SSO) is seeking an experienced information security professional for our Field Intelligence Element Cyber Security Team. The Cyber Security Team provides a secure and compliant classified computing environment for execution of mission-driven national security programs.
The successful candidate will have the opportunity to perform the full spectrum of Information System Security Engineer (ISSE) duties. The ISSE works with customers and IT professionals to ensure information technology systems are designed, developed, implemented and maintained with required security features and safeguards implementing controls using a Risk Management Framework (RMF). The employee must have the ability to convey complicated technology and security concepts to stakeholders at multiple levels and ideally has technical knowledge and/or experience in multiple relevant areas. A proficiency in a risk management framework and conducting risk assessments in a regulated environment is desired.
Some of the responsibilities an ISSE 3 include:
Employing best practices when implementing security requirements within an information system including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques
Evaluate and deploy new cyber security tools and processes while proposing operationally effective solutions to cyber security issues
Performs identification, monitoring, detection, analysis, exploitation and/or mitigation of complex computer and network security vulnerabilities, incidents, and suspicious activity
Ensuring information technology systems are designed, developed, and implemented with required security features and safeguards
Proposing the categorization of the information system and documenting the results in the system security plan
Ensuring enhancements to existing systems provide equal or improved security features and safeguards
Establishes direction and milestones for well-defined tasks involving more than one person. Scopes tasks within a project and defines deliverables at a task level within the approved scope, schedule, and budget
Ensuring the appropriate system documentation is accomplished as early as possible for ongoing coordination on security decisions
Test and evaluate servers, workstations and applications for vulnerabilities
In addition to the responsibilities outlined above, the ISSE will participate on a team that:
Serves as a technical expert for key security solutions
Develops advanced methods, techniques, and standards to implement network monitoring tools
Implements and supports IT solutions to ensure protection of system confidentiality, integrity and availability
Designs, develops, implements and maintains continuous monitoring systems
What You Need
Minimum Job Requirements:
Have a strong software development and software testing background
A deep understanding of the cyber security environment, including network and host system security issues and concepts, compliance, and certification
Advanced understanding of common network and host-based attacks, attack methods, network defense architectures, and security tools
Advanced knowledge of information security practices for one or more of the following disciplines: Windows server and workstations, cloud computing, UNIX/Linux Oss, high performance computing and networking
Advanced working knowledge of cloud computing risks, threats, and mitigations
Ability to collaborate well in a dynamic team environment
Strong analytical, documentation, and communication skills
Advanced technical knowledge of classic and contemporary cyber threats and vulnerabilities and demonstrated ability to apply that knowledge to system engineering, analytics, or operations
Demonstrated knowledge of traditional datacenter computing in addition to cloud computing architectures
Knowledge of building information security capabilities and implementation of technical security controls
Knowledgeable in cyber security best practices and standards including Committee on National Security Systems Policies and Instructions (CNSSP/CNSSI), National Institute of Standards and Technology (NIST) publications and Intelligence Community Directives and Standards (ICDs/ICSs)
Knowledge of UNIX/Linux operating systems
Knowledge of Risk Management Framework (RMF)
Experience operating host based security systems, intrusion detection systems and network scanning tools
Professional certifications desired
Working knowledge of networking topology and switches, routers, encryptors and load balancers
Demonstrated experience maintaining situational awareness of network topologies, vulnerabilities and threats
Understanding of Department of Energy (DOE), National Nuclear Security Administration (NNSA), and LANL computer and information security policies, practices, and procedures
Experience with network logging consolidation tools such as Splunk or Elm
Bachelor’s degree (Master’s preferred) in Computer Engineering, Computer Science, Information Sciences, or other related discipline and a minimum of eight years related experience, or an equivalent combination of education and experience.
Clearance: Q/SCI(Position will be cleared to this level). Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements* for access to classified matter.
*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing.
Regular position:Term status Laboratory employees applying for regular-status positions are converted to regular status.
Internal Applicants:Please refer to Laboratory policy P701 for applicant eligibility.
Equal Opportunity:Los Alamos National Laboratory is an equal opportunity employer and supports a diverse and inclusive workforce. All employment practices are based on qualification and merit, without regards to race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation or preference, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to email@example.com or call 1-505-665-4444 option 1.
Where You Will Work_
Located in northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. LANL enhances national security by ensuring the safety and reliability of the U.S. nuclear stockpile, developing technologies to reduce threats from weapons of mass destruction, and solving problems related to energy, environment, infrastructure, health, and global security concerns.
As an information security professional at LANL, you will have the opportunity to be on the cutting edge of computer and network security design, while enjoying the unique opportunities provided by LANL’s location. You will be part of the team that provides a secure and compliant TS/SCI environment for execution of mission-driven National Security programs to protect against nuclear threats.
Maximum Salary: 161300
Minimum Salary: 96600
Location: Los Alamos, NM, US
Contact Name: Salyer, Reyna Linda
Organization Name: SSO-4/SSO-CYBER SECURITY
Job Title: Cybersecurity Technical Staff 3 (Information Security System Engineer)
Appointment Type: Regular
Req ID: IRC69109