Refine Search Clear All
Information Technology/Computing | livermore, CA | 06/18/2021
Job Code: SES.2 Science & Engineering MTS 2 / SES.3 Science & Engineering MTS 3
Position Type: Career Indefinite
Security Clearance: Anticipated DOE Q clearance (requires U.S. citizenship and a federal background investigation)
Drug Test: Required for external applicant(s) selected for this position (includes testing for use of marijuana)
Medical Exam: Not applicable
Join us and make YOUR mark on the World!
Are you interested in joining some of the brightest talent in the world to strengthen the United States’ security? Come join Lawrence Livermore National Laboratory (LLNL) where our employees apply their expertise to create solutions for BIG ideas that make our world a better place.
We are committed to a diverse and equitable workforce with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, experiences, and perspectives. This is essential to innovation and creativity for continued success of the Laboratory’s mission.
We have an opening for a Cybersecurity Engineer to independently and collaboratively perform a wide range of activities associated with supporting the Cyber Security Operations Center (CSOC) Incident Response team. This position is within the Information Technology Solutions Division (ITSD) of the Computing Directorate and matrixed to the Cyber Security Program (CSP), in support of the Livermore Information Technology (LivIT) Program.
This position will be filled at either level based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.
In this role you will
Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team.
- Proactively hunt for cyber threats and enact identification, containment and eradication measures while supporting recovery efforts.
- Perform analysis on LLNL intrusion detection systems.
- Provide security monitoring and incident response support including troubleshooting and resolution of issues.
- Create and manage processes, systems, and tools exercising a high degree of responsibility.
- Serve as an incident response technical point of contact and interact with internal and external personnel.
- Perform technical assessments, document actions, findings, and make remediation recommendations.
- Perform other duties as assigned.
Additional job responsibilities, at the SES.3 level
- Manage multiple complex parallel tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
- Develop advanced methods, tools, and procedures to improve incident response capabilities and automate various complex tasks.
- Mentor and provide technical guidance to team members in incident response best practices and procedures.
- Ability to maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
- Bachelor’s degree in Computer Science, Computer Engineering or related field, or the equivalent combination of education and related experience.
- Broad experience with SIEM, log aggregation, packet analysis, or other cybersecurity tools.
- Experience conducting host forensics, network forensics, log analysis, or malware analysis in support of incident response investigations.
- Proficient written and verbal communication, strong interpersonal skills, ability to collaborate in a multi-disciplinary team environment and to interact with all levels of management and staff.
- Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary, with experience working independently.
- Current industry specific certifications including but not limited to Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Global Information Assurance Certification (GIAC).
- Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).
Additional qualifications at the SES.3 level
- Significant knowledge of SIEM solutions, threat hunting, incident response, or incident management.
- Significant experience with log analysis, event correlation, or incident management procedures.
- Advanced ability to provide innovative approaches and apply new technologies to tasks and projects that may not be well defined.
Qualifications We Desire
- Master’s degree in Computer Science, Computer Engineering, or a related field, or equivalent level of knowledge.
- Significant incident response experience, including experience with cloud.
- Experience with programming or scripting languages such as C, C#, Python, Java, PowerShell and PHP.
Why Lawrence Livermore National Laboratory?
- Included in 2021 Best Places to Work by Glassdoor!
- Work for a premier innovative national Laboratory
- Comprehensive Benefits Package
- Flexible schedules (*depending on project needs)
- Collaborative, creative, inclusive, and fun team environment
Learn more about our company, selection process, position types and security clearances by visiting our Career site.
LLNL is a Department of Energy (DOE) and National Nuclear Security Administration (NNSA) Laboratory. Some positions will require a DOE L or Q clearance (please reference Security Clearance requirement above). If you are selected and a clearance is required, we will initiate a Federal background investigation to determine if you meet eligibility requirements for access to classified information or matter. In addition, all L or Q cleared employees are subject to random drug testing. An L or Q clearance requires U.S. citizenship. For additional information please see DOE Order 472.2.
Pre-Employment Drug Test
External applicant(s) selected for this position will be required to pass a post-offer, pre-employment drug test. This includes testing for use of marijuana as Federal Law applies to us as a Federal Contractor.
Equal Employment Opportunity
LLNL is an affirmative action and equal opportunity employer that values and hires a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, marital status, national origin, ancestry, sex, sexual orientation, gender identity, disability, medical condition, pregnancy, protected veteran status, age, citizenship, or any other characteristic protected by applicable laws.
If you need assistance and/or a reasonable accommodation during the application or the recruiting process, please submit a request via our online form.
California Privacy Notice
The California Consumer Privacy Act (CCPA) grants privacy rights to all California residents. The law also entitles job applicants, employees, and non-employee workers to be notified of what personal information LLNL collects and for what purpose. The Employee Privacy Notice can be accessed here.