Los Alamos National Laboratory Cybersecurity Technical Staff 3 in Los Alamos, New Mexico

What You Will Do_

The Office of the Chief Information Officer (OCIO) orchestrates the information security and technology environment across the Laboratory through strategic planning, cybersecurity advisory support, governance, policy development, risk management, and efficient, effective portfolio management. Depending on your strengths and experience you may perform duties related to risk management, technical vulnerability assessment, certification and accreditation, or act as a senior cybersecurity advisor to key mission and operational organizations at the Laboratory.

The ideal candidate will be a self-starter with an inquisitive, analytical mind that constantly looks for solutions to difficult problems. The employee must have the ability to convey complicated technology and security concepts to stakeholders at multiple levels and ideally has technical knowledge and/or experience in multiple relevant areas. A proficiency in a risk management framework and conducting risk assessments in a regulated environment is desired.

As a Cybersecurity Technical Staff in the OCIO you will perform a range of duties to help ensure cybersecurity for the Laboratory. Areas of potential effort include: technical vulnerability assessment, certification and accreditation of IT systems based on a risk management framework (RMF) approach (i.e. NIST 800-53); contribution to documentation and processes to achieve Authorizations to Operate (ATOs); risk analysis of IT Systems; act in an advisory role to mission organizations to identify and resolve cybersecurity issues; recommend lessons learned and mitigations based upon incidents and penetration testing; information security control evaluation and testing; and the development and implementation of processes and tools to enable the Laboratory’s mission. You will be expected to keep an up-to-date understanding of all relevant federal requirements and RMF best business practices and apply them in your daily work activities, including supporting the development of policy and procedural documents. You may be expected to identify, assess, and defend against cyber system vulnerabilities, risks, and resulting physical or mission impacts. You may be expected to contribute to creating intelligence or operational products and perform cyber analysis. You will be expected to collaborate with other cyber security and information technology experts at the Laboratory, mission stakeholders, and others throughout the Department of Energy complex. As a result, good communication, diplomacy and interpersonal skills are required. Additional detail on potential job related duties and proficiency include but not limited to:

  • Contributes significantly to resolving cyber issues and providing input or guidance as appropriate.

  • Develops and evaluates new tools, risk analysis approaches, researches exploitation methods and techniques, and proposes effective solutions to cyber security issues.

  • Advances the development and implementation of metrics and data analytics for new and unusual features, and manipulates raw data when needed to gather information.

  • Advances the development of automating the implementation, configuration and maintenance of NIST related standards and controls for networks and systems.

  • Advances the development and presentation of technical reports and briefings on complex system vulnerabilities to convey risks, impacts and security control recommendations to senior management and stakeholders.

  • Establishes direction and milestones for well-defined tasks involving more than one person. Scopes tasks within a project and defines deliverables at a task level within the approved scope, schedule, and budget.

  • Independently researches, assembles, and/or evaluates information or data regarding industry practices or applicable regulatory changes affecting cyber security policies or programs. Recommends sound and practical solutions to complex issues, scrutinizing the facts without making snap or biased judgements.

  • Sets an example as a trusted advisor across functions and organizations and helps maintain OCIO as an ethically and legally pristine organization. Displays the strength to stand by difficult, but sound decisions, while helping steer stakeholders towards outcomes that support mission and operations.

  • Understands at an advanced level and adheres to all Laboratory and industry regulatory guidance and governance specific to cyber security.

  • Reviews and ensures all results, processes, and final products meet high quality specifications and are completed according to established requirements.

What You Need

Minimum Job Requirements:

  • Advanced knowledge of and demonstrated experience with aspects of current IT technology including software, networks, security tools, services and related protocols.

  • Advanced knowledge of information security practices for one or more of the following disciplines: Mobility and Remote Computing, Cloud Computing, High Performance Computing, Data Base Security, or Industrial Control Systems.

  • Advanced knowledge of and experience in one or more of the following disciplines: computer science, information security, information assurance, or cyber security.

  • Advanced technical knowledge of cyber threats and vulnerabilities and demonstrated ability to apply that knowledge to system engineering, analytics, risk management, policy or operations as well as communicate that knowledge to a spectrum of stakeholders.

  • Safety and security are a primary responsibility for all Laboratory employees. Sets an example in maintaining required safety and security training, assuring safety and security compliance, and making safety and security an integral part of every task, including taking the necessary steps to stop work if continuing the job is unsafe or compromises security.

  • Sets an example and fosters a mutually respectful work environment that is free from discrimination and harassment.

Desired Skills:

  • Knowledge of and demonstrated experience related to vulnerability assessment, detection and mitigation, red teaming, reverse engineering, forensics, or incident response.

  • Demonstrated regulatory compliance knowledge of some of the following: FIPS, HIPAA, FISMA, NIST RMF, CNSS, or FedRAMP.

  • Exposure to Security Architectures and Principles such as OWASP, SSAE-16, SAS70, ISO 27001, or HIPAA.

Education: Position typically requires a Bachelor’s degree (Master’s preferred) in a technical field and eight (8) years of experience, or an equivalent combination of education and experience.

Additional Details:

Clearance: Q (Position will be cleared to this level). Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements* for access to classified matter.

*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.

New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing.

Regular position:Term status Laboratory employees applying for regular-status positions are converted to regular status.

Internal Applicants:Please refer to Laboratory policy P701 for applicant eligibility.

Equal Opportunity: Los Alamos National Laboratory is an equal opportunity employer and supports a diverse and inclusive workforce. All employment practices are based on qualification and merit, without regards to race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation or preference, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to applyhelp@lanl.gov or call 1-505-665-4444 option 1.

Where You Will Work_

Located in northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. LANL enhances national security by ensuring the safety and reliability of the U.S. nuclear stockpile, developing technologies to reduce threats from weapons of mass destruction, and solving problems related to energy, environment, infrastructure, health, and global security concerns.

Maximum Salary: 161300

Minimum Salary: 96600

Location: Los Alamos, NM, US

Contact Name: Jiron, Sue Antoinette (Antoinette)

Organization Name: OCIO / Office Of The Chief Information Officer

Email: sajiron@lanl.gov

Job Title: Cybersecurity Technical Staff 3

Appointment Type: Regular

Req ID: IRC68902