Job Description

Cyber Security Engineer

Our client is inviting applications for the position of Cyber Security Engineer. The client's mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs.

Client provides critical HPC and data systems and support for the client's 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science, and other DOE mission areas.

In this exciting role, you will be involved in all aspects of cyber security at client's, working both independently and collaboratively with the rest of the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate or lead responses to security incidents, work with other company staff and end-users to provide security guidance, perform security assessments and reviews, assist in the remediation or mitigation of cyber security issues, and contribute to the company strategy as we move to exascale and beyond.

At the company, you will work in a collaborative, interdisciplinary environment with opportunities to explore emerging technologies, become involved in cross-team projects, and attend company seminars on a wide range of scientific and technical subjects.

You Will

• Perform security duties including monitoring for potential threats, proactively examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents.
• Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation.
• Maintain up-to-date awareness of cybersecurity threats and trends by monitoring a variety of information sources.
• Assess emerging security issues to determine risk and impact to the center, advise on appropriate response strategies, and coordinate mitigation efforts across teams.
• Assist with vulnerability assessment activities,including configuration of scanning tools, assessment of vulnerabilities reported from a variety of sources, prioritization and triage of discovered vulnerabilities, and working closely with company staff and end users to guide remediation efforts.
• Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.
• Contribute to the design and development of company's security architecture, identify and address operational gaps in monitoring and detection capabilities, and help evaluate and develop new cyber security tools and technologies.
• Participate or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, installation, configuration, and deployment of new hardware and security services. Perform system administration tasks, troubleshooting, and hardware maintenance and support as needed.
• Help maintain and manage existing cybersecurity systems using automation tools.
• Develop comprehensive documentation of the team's technical systems, processes, and procedures.
• Develop and add new signatures to IDS and monitoring infrastructure based on emerging threats and data from past incidents, ensuring detection capabilities align with the latest attack vectors and vulnerabilities.
• Regularly review and refine existing rules and signatures to enhance accuracy, reducing false positives and negatives. Lead or support the design and implementation of security initiatives, including a Zero Trust strategy, that reduce and mitigate risk while continuing to enable company's open science mission.
• Promote a strong security culture through outreach, technical consulting, and security awareness activities.
• Provide guidance on security best practices, assist with the implementation of security controls, and effectively communicate security policies and requirements to company staff and users.
• Collaborate closely with company system engineers and software developers to integrate cyber security tools and processes throughout the center.
• Conduct in-depth security reviews and risk assessments, analyzing both technical and non-technical factors to identify weaknesses in existing and proposed deployments.
• Document review findings in detailed reports, providing actionable recommendations for addressing identified security issues and mitigating risk.
• Serve as a security subject matter expert on cross-functional projects and initiatives, offering guidance based on security best practices, identifying and communicating security issues, and collaborating with others to ensure security is a key consideration across all phases of the project.
• Contribute to the development of cybersecurity requirements, translating high-level policy into actionable security controls and guidelines.
• Assist with maintaining and updating documentation in a central repository.
• Create technical guides, best practices, and other resources to assist company staff and users in understanding.
• May lead technical initiatives or projects focused on advancing security in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC and scientific workflows.

We Are Looking For

• Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or equivalent experience.
• Experience administering Linux/Unix systems or configuring network security devices.
• Experience using cybersecurity tools and technologies, such as intrusion detection/prevention systems, firewalls, SIEM platforms, or vulnerability scanners, with demonstrated proficiency in at least one. Experience designing, implementing, and maintaining network traffic capture and monitoring solutions for complex, high-speed network environments.
• Experience performing or supporting incident response activities, including investigation, analysis, containment, and resolution of incidents.
• Experience collecting, parsing, and analyzing log and telemetry data from a variety of systems (e.g., servers, network devices, user sessions) to detect and respond to incidents.
• Experience leading the implementation or administration of IT infrastructure, leading projects or teams, or providing technical direction for operations or security initiatives.
• Experience developing scripts or programs in Python, Shell, C, C++, or similar languages. Knowledge of common security vulnerabilities and mitigations, attacker TTPs and associated detection methods, and an understanding of core cybersecurity principles. Demonstrated ability to work in a Linux or UNIX environment, primarily at a Command Line Interface (CLI).
• Ability to troubleshoot and resolve complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. In-depth knowledge of network security and upper-layer protocols.
• Ability to network and collaborate with key contacts beyond one's area of expertise, and to work effectively both independently and within interdisciplinary teams.
• Ability to manage multiple tasks and respond to rapidly changing priorities.
• Excellent oral and written communication skills.

Desired Skills/knowledge

• Experience working in High Performance Computing, higher education, or research environments.
• Experience implementing Zero Trust architectures, securing container platforms and workloads, or integrating security into development and deployment processes.
• Experience conducting policy compliance activities, such as auditing against cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls), and performing vulnerability or risk assessments. Experience securing large-scale computing or open network environments with broadly accessible infrastructure. Familiarity with configuration automation tools such as puppet or ansible.
• Knowledge of dual-stack (IPv4/IPv6) and IPv6-only network environments, including common security challenges and strategies.
• Knowledge of API security, including secure API design principles and familiarity with OAuth 2.0, JWT, and API key management.
• Understanding of secure coding practices, with the ability to review source code for vulnerabilities and collaborate with development teams on secure solutions.
• Knowledge of data analytics, machine learning, or statistical models and their application to security analysis.

About MY HR:
MY HR is an award-winning, woman and minority-owned firm based in Atlanta. We specialize in providing full-service professional HR services, and are proud to be an equal opportunity employer. With a commitment to excellence and a focus on diversity, we strive to help businesses of all sizes achieve their human resources goals.

Follow us for more info:

linkedin.com/company/my-hr/
facebook.com/myhrsupplier
instagram.com/myhrmanagement/

MY HR is an award-winning Full-Service Professional Human Resources Consulting firm offering Staff Augmentation, Project and SOW staffing, Permanent Placement, Recruitment Process Outsourcing (RPO), Payroll Services, and full range HR Services including compliance, training, and workforce development. With our personal touch, we help small to mid-sized companies as well as Fortune 500 companies grow and strengthen in the HR area by providing customized HR solutions.

Check out our website: myhrmgmt.com

Job Tags

Similar Jobs