CERT-SEI

Careers

Working at the CERT Division provides opportunities to have an impact on cybersecurity. At the CERT Division, you will have the chance to research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to help improve security.

The dynamic work environment at the CERT Division comes from our operating principles. At the CERT Division, we

  • advocate an entrepreneurial responsibility to develop new products and services, serve new customers, and increase our impact across the community
  • take informed risks, support each other in taking risks, and then celebrate our successes or learn from our mistakes
  • recognize the value of professional growth and take advantage of opportunities to increase subject matter knowledge and leadership capabilities

We work to ensure that systems management practices and technology, survivability engineering methods, network attack detection tools, and skilled staff are used to resist, recognize, and recover from attacks on networked computer systems. Our work environment is collaborative in nature as staff members work on cross-functional teams within the CERT Division, the Software Engineering Institute, other Carnegie Mellon departments, and across the global community.

Staff members say that one of the most satisfying aspects of working in the CERT Division "is being able to contribute to a global community that can impact the state of internet security."

To learn more about the program's technical areas of work, please see About Us. To learn more about working at the CERT Division, see Our Place at Carnegie Mellon University and Living in Pittsburgh.

Current Job Listings

The position you are looking for is not available. Please take a look at our current open positions listed below.


14 Aug 2015
Technical Team Lead - ETVM Technical Solutions - 2001626
Pittsburgh, PA or Arlington, VA

Position Summary: The successful candidate will be a member of the Enterprise Threat and Vulnerability Management (ETVM) team, which focuses on assisting organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.  

The successful candidate will be a Team Lead, responsible for the management and oversight of the Technical Solutions team within ETVM. The Technical Solutions team lead is responsible for the creation, development, and management of novel cybersecurity solutions that support customer-driven operational and research missions. The Technical Solutions team will interact with US Government departments and agencies, industry representatives, contractors, academia and others to identify gaps in cybersecurity tools, techniques, and procedures; create prototype capabilities to fill the gaps; and transition the prototype solutions to customers and partner organizations. The team prepares technical reports and briefings for all customer-funded work. The Team Lead is responsible for developing and communicating a technical vision, developing tasking and budget data for project work statements, generating new work and customers, working with business development staff, executing work with a high degree of customer satisfaction, and supervising staff. The successful candidate will conduct research on best practices on difficult information technology solutions and provide reference architecture papers to assist Federal agencies in deploying those solutions.

The successful candidate must have proven experience conducting and leading research efforts in support of the US Federal Government and Department of Defense and managing technical teams; be self-directed; have a track record of creating interdisciplinary approaches to problem solving; and demonstrate exceptionally strong presentation and writing skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

The successful candidate will be responsible for the personnel management of the Technical Solutions team, including hiring, performance evaluations, professional development, and mentoring of their team members.  The Technical Solutions Team Lead will work with other SEI teams to encourage inter-departmental collaboration on projects, and assure the widest range of expertise is brought to each solution developed.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, Information Systems Management with ten (10) years applicable experience or MS in Computer Science, Information Technology with eight (8) years applicable experience; or equivalent combination of training and experience.

Experience: 

  • Experienced professional with excellent technical skills, knowledge to successfully manage project work, and a proven track record leading technical projects.  
  • experience working in or with the DOD, intelligence community, or law enforcement in a classified environment.
  • experience in both physical and cyber security.
  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security.
  • 8+ years of software, hardware, or network design, development and test.
  • experience writing device drivers.
  • experience writing application/OS patches.
  • experience working with international standards agencies.

Skills/Abilities:

  • system administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems.
  • software/application development in at least two of the following languages: Java, Perl, Python, C, C++, C# and the .NET Framework.
  • knowledge of core Internet protocols (TCP/IP, UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.).
  • ability to understand and configure Ethernet based switches, routers, firewalls, and VPN concentrators.
  • knowledge of modern version control systems and integrated development environments.
  • understanding of network design and implementation at LAN and WAN levels.
  • broad understanding and application of multi-tiered enterprise client/server architectures, design, implementation and security.
  • software / systems development lifecycle, QA testing, build process, revision control, and change management practices.
  • software / systems testing, including unit, system and integration testing process and implementation.
  • proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
  • proven ability to integrate multiple technologies, standards and data sources into a consolidated solution.
  • knowledge of common attack methodologies; common types of security vulnerabilities; basic computer security forensics.
  • strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings.
  • ability to travel to various locations within the SEI and CMU community, customer sites, and offsite meetings with weekly/monthly frequency to travel on overnight and on-site assignments; ability to work in varied and diverse situations requiring analytical, interpretative, evaluative and constructive thinking;
  • manage workload and priorities on multiple scheduled assessments;
  • able to function independently or in teams depending on the project;
  • work under pressure; deal with stress;
  • deal with challenging individuals while maintaining composure;
  • ability to exercise tact and discretion when handling highly sensitive and confidential issues;
  • maintain confidentiality while working with highly confidential and sensitive matters.
  • handle sensitive data according to project and/or USG data handling procedures.
  • ability to interpret and communicate information about government regulations and university policies.
  • quantitative and qualitative analytical skills.
  • ability to troubleshoot problems proactively and to answer questions and handle issues as they arise.
  • effective time management skills; and strong problem solving skills;
  • ability to handle change and be flexible with respect to functions and responsibilities;
  • experience managing/supervising a technical team's performance reviews and dealing with employee issues.

Environmental Conditions:  close contact with computer monitor for extended periods of time.

Other:  Candidate must be able to pass a background investigation, obtain a TS SCI security clearance, and be a US citizen.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in Computer Science with five (5) years applicable experience; or MS in Computer Science, Information Science with eight (8) years applicable experience; six years applicable experience in Information Systems Management. Current Certified Information Systems Security Professional (CISSP) or similar certification is desired. Advanced understanding of computer operating systems (e.g. Windows 8/7) and computer networking (TCP/IP). Various computer-related training or certifications (e.g. MCSA, Cisco, etc.). Thorough understanding of relevant operating systems and their security principles (Windows, Mac OS X, Linux, Solaris).

Experience: 

  • leadership experience with software development and/or system administration in large-scale, distributed computing environments. Experience with wide-area network design, deployment, and troubleshooting.
  • experience developing materials for senior leadership in government or industry.
  • experience interfacing with the DOD, US federal civilian government, intelligence community, or law enforcement.
  • advanced Windows and/or Linux system administration skills.
  • experience working in a classified environment.

Skills/Abilities: 

  • project management experience.
  • leadership and mentoring skills.
  • proven skills working in a team environment on collaborative projects in US government, critical infrastructure sectors involving network, system or data security.

 

Accountability: The individual will be accountable for leading projects, including development and management of budgets and project plans, and managing schedules with sponsors. The individual will also be accountable for managing sensitive, and possibly classified, customer information.

Direction: The individual is expected to act independently following CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work, and to adhere to any additional sponsor-specified requirements related to the projects involved.

Decisions: The individual must make sound decisions with little supervision in leading and managing project team work. The individual must accurately represent the program in interactions with external customers, sponsors, and the public.

Supervisory Responsibilities: This position will be responsible for supervising a team of 4-8 staff.  Within this context, the candidate will work with staff in setting goals and objectives, appraise performance, mentor staff professional development, and manage staff work assignments.  In addition, the position may be responsible for hiring and managing student interns throughout the academic calendar year as well as in the summer.

                               

Job Functions or Responsibilities:

25%     Set, manage, and contribute to the technical direction for the group.  Lead the planning process and contribute to the development of the ETVM/CERT research agenda.  Contribute to the development of SEI and CERT strategic plans.  Ensure regular updates to the agenda; review feasibility of the agenda, identify risks and define risk mitigation strategy.  Articulate vision for internal and external audiences.

35%     Manage group to effectively implement the research agenda and SEI plan commitments.  Set goals and objectives and manage operational and functional business activities.   Develop, implement and track short and long term operational plans (financial, staffing, infrastructure, project).

15%     Publish findings, deliver technical briefings, and meet with stakeholders.

15%     Provide guidance to and monitor the success of technical staff in meeting strategic and operational goals. Assess performance of direct reports and make salary recommendations for all staff within areas of responsibility.  Responsible for recruitment, hiring, development and retention of all technical and support staff.

10%     Identify opportunities for new technical projects and manage start-up of new, high-priority technical areas of work. Work with Technical Manager & PDT business development managers to develop and implement a funding and transition plan for new work areas.

100% TOTAL EFFORT

                                                                  

Organizational Chart: CERT Program, Director < Risk and Resilience Directorate, Technical Director < Enterprise Threat & Vulnerability Management, Technical Manager < Technical Solutions, Technical Team Lead

                                                                                                          

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

 

14 Aug 2015
Technical Manager - Cyber Security Foundations - 2001627
Pittsburgh, PA or Arlington, VA

Position Summary: This position provides the management and leadership to build and demonstrate capabilities in the science and practice of building secure software in the CERT Program. This position will support the Technical Director for Cyber Security Foundations to manage strategy, resources and priorities, to develop business, and to interact with strategic customers.  This position will provide backup and support for the Technical Director’s CSF-wide roles for engaging stakeholders, the research community and customers.

The key responsibilities are:

Technical and business strategy: Establish, maintain and implement a technical and business strategy for the team, aligned with the directorate’s strategy, for a sustainable technical agenda of work of demonstrable value to customers. Business aspect of strategy lays out the vision for engaging with customers and maintaining a revenue stream to support implementation of the technical strategy. Define and track metrics documenting achievement of strategic goals.

Leadership: Represent the team in external engagements describing and promoting the values and skills that the team provided for customers, in both oral (e.g., give a presentation) and written (e.g., write a blog) venues. Collaborate with other parts of CERT (SEI) to support larger engagements covering broader agendas, led by the team or by other teams.

Personnel management: Establish goals and objectives for individuals aligned with team’s goals and objectives; evaluate personnel with both informal feedback and formal reviews; establish appropriate career and growth plans for each individual; mentor high potential individuals.

Organization management: Participate and collaborate as part of the management team (CSF, CERT, SEI) in evolution of the organizations’ strategies and processes. Work with program management to respond to requests for data calls and operational status. Coordinate budgets and pipeline with program management and business development.

Individual contribution: Participate in the generation of deliverables for one or more projects in the team. (May pursue new avenues of related work, not required to attach to any specific existing project.)

 

Minimum Qualifications and Requirements:

Education/Training: MS degree in a technical field such as computer science, information technology, electrical engineering, or equivalent combination of training or experience with eight (8) years applicable experience.

Experience: Years of progressively responsible experience in a technology- or research- based organization in higher education, industry or the government. Experience with software development projects including hands-on development, development team leadership & project management. Demonstrated management experience with responsibility for projects, people, budgets & contracts.

Skills/Abilities: Mastery and broad understanding of computer systems, computer security practices and information security evaluation methods; ability to manage diverse areas and large, complex projects; ability to influence, work with and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; ability to interface directly with executives and other senior representatives of the Federal Government and the private sector; excellent verbal and written communication skills.

Physical Mobility: Normally sedentary with some mobility, i.e., ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings; ability to adjust to a work schedule that requires weekend and evening hours.

Environmental Conditions:  Work is usually performed in an office setting; close contact with computer for extended periods of time is required. 

Mental:  Ability to meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in a technical field such as computer science, information technology, electrical engineering, or equivalent combination of training or experience with five (5) years of applicable experience.

Experience:  Management experience in higher education, government, military, and/or Fortune 100 technology-based organizations is preferred.  Post-PhD experience in personally performing and publishing academic quality research.

Skills/Abilities: Ability to create and sustain academic, industrial and international research collaborations.

 

Accountability: Manage the direct reports in the area of work and the funding/budgeting required to support the direct reports. Supports the Technical Director in defining a strategic vision for the organization and articulates this vision to internal and external parties. 

Direction: Performs under minimal supervision; all normal duties and responsibilities are handled independently.  Functions within broad precedents and policies as defined by the SEI and Carnegie Mellon.

Decisions: Makes all tactical decisions for work, staff, and resources.  Works with the Technical Director for strategic planning and business development.

Supervisory Responsibilities: Determines overall staffing needs for areas of responsibility and manages the supervision of both professional and support staff, including hiring and training new staff employees; conducts performance appraisals; approves recommendations for salary increases and promotions. Coaches, develops and motivates peers and subordinates.

 

Job Functions or Responsibilities:

50%     Develop and manage the plans, staff, resources, customers, subcontractors and collaborators to build a stable and sustainable team.

25%     Develop and grow new funding sources with customers.

15%     Support Technical Director and SEI management team in their roles to develop, manage and communicate team’s activities to the SEI’s sponsor, customers, stakeholders and staff.

10%     Pursue research and technical work and collaborations, internal and external, in cyber security or an area highly relevant to cyber security, such as software engineering, human factors, data analytics, etc.

100% Total Effort

 

Organizational Chart:  CERT Program, Director > CERT Program, Technical Director for Cyber Security Foundations > Technical Manager for Cyber Security Foundations.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

 

 

14 Aug 2015
Cyber Security Engineer - 2001621
Pittsburgh, PA or Arlington, VA

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT® Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cyber Risk Management Team within the Cyber Security Solutions Directorate.  The CRM team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.  The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them.  Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years experience or equivalent combination of training and experience.

Experience: Professional experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation. Experience with and applied knowledge in

  • Information technology and telecommunications systems
  • Cyber security, survivability, and resilience concepts and issues
  • Software and systems engineering
  • Building and maintaining DoD customer relationships
  • Data Analytics and quantitative measures
  • Strategic Planning and requirements definition
  • Process Improvement
  • Program planning, budgeting, and management         

Skills/Abilities: Must exhibit the following skills and abilities:

  • understanding of information technology and telecommunications systems
  • working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards
  • working knowledge of DHS critical infrastructure sectors and related security and resilience issues
  • working knowledge of the DoD and Agency resilience needs and cyber security roadmaps
  • development and delivery of information and infrastructure security risk and vulnerability evaluations
  • ability to conduct analytical studies and investigations
  • reasoning and problem-solving skills
  • ability to work independently with limited supervision
  • ability to interact effectively with diverse constituencies internally and externally
  • ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure
  • ability to recognize and deal appropriately with confidential and sensitive information
  • ability to implement project plans, monitor project budgets, and identify and mitigate project risks
  • leadership and mentoring skills
  • excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations
  • ability to work on customer sites with high-ranking members of the Federal Government and US Military to define customer requirements
  • participation in professional society activities, particularly IEEE and ACM
  • strong interest in cyber security and critical infrastructure protection analysis basic research, applied research, and development

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • take or share leadership role in technical projects.
  • work meticulously with careful attention to detail.
  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities.
  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
  • ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years experience or equivalent combination of training and experience. PhD in computer science, software engineering, information systems, or a related scientific/technical field with two (2) years experience or equivalent combination of training and experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Experience: In addition to the minimum experience above, preferred experience includes:

  • experience in both physical and cyber aspects of security; familiarity with resilience concepts.
  • familiarity with process improvement models such as CMMI or SixSigma, TQM, ISO9000, CERT-RMM.
  • familiarity with standards for measurement (including ISO 15939).
  • familiarity with NIST 800-series standards for information security.
  • familiarity with the DoD RMF standard for information assurance certification and accreditation.
  • familiarity with standards for security (ISO 27000), business continuity (BS 25999), and IT operations (ISO 20000).
  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security.
  • experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:
    • system administration
    • networking
    • firewalls, intrusion detection systems, and other security technologies
    • application development/programming
    • relational databases

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include:

  • ability to lead work teams as needed
  • consulting skills
  • demonstrated ability to deliver coursework and training 

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently with general supervision and mentoring from management and more senior staff.  The individual is responsible for providing regular and timely reports on their activities and task status to both team management and project team members using established formats.

Decisions: Once projects are established, the individual is responsible for decisions on task schedules and scope of work, and is accountable for meeting established deadlines and project milestones.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors.   Depending on research project or customer workplan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%     Participate in the examination, analysis, and documentation of assessments, diagnostics, and analysis techniques for information and infrastructure security; examine data on cyber security and technology risks to identify problem areas and propose  mitigation alternatives.

25%     Participate in the delivery of existing NSS cyber security, resilience, and risk assessment and analysis approaches with customers and partners;  participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

20%     Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%     Deliver courses in operational resilience management, cyber security management, and information security risk management.

5%       Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Contribute to and review the literature in cyber security, resilience, and software engineering.

5%       Provide assistance and input to other teams and projects within the SEI.

 

Organizational Chart:  Director, CERT Division > Technical Director, Cyber Security Solutions Directorate  > Deputy Director, Cyber Security Solutions Directorate  > Technical Manager, Cyber Risk Management Team > Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

14 Aug 2015
Machine Learning Research Scientist - 2001624
Pittsburgh, PA or Arlington, VA

Position Summary: A small but growing team of data-centric researchers seeks an applied statistician / data scientist to work on established projects as well as develop new ones. Examples of current projects include developing metrics and experimental designs for large-scale cybersecurity research programs, researching human-in-the-loop machine learning, and performing both exploratory and automated analysis of large corpora of cybersecurity incident data. Though you may encounter big data problems in this position, we find that many of our most interesting challenges currently stem from data quality issues and limited sample sizes. You will have the opportunity to apply, learn, and develop new technical approaches.

You will be expected to work with teams of cybersecurity domain experts as well as other statisticians, and needn’t have previous cybersecurity experience of your own. Explicitly, you will be expected to co-author research proposals and execute applied research (i.e., design research studies and study materials, collect and analyze data, author publications, and present findings to DoD sponsors and academic conferences).

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree and an academic background in machine learning, statistics, or other related quantitative field with eight (8) years of experience; Master’s degree and an academic background in machine learning, statistics, or other related quantitative field with five (5) years of experience; PhD and an academic background in machine learning, statistics, or other related quantitative field with two (2) years of experience; or equivalent combination of training and experience. Candidates without a PhD should instead have experience demonstrating their knowledge of statistical theory and ability to perform research.

Experience: Two plus (2+) years of experience using statistical methods.

Skills/Abilities: An ideal candidate will have expertise in the following areas. Experience with specific tools and methods is less important to us than evidence that you can learn new tools and methods.

Statistics:

  • Design quantitative metrics with real-world utility and validity.
  • Apply a wide range of analysis techniques to diverse, potentially underspecified real problems.
  • Find, read about and evaluate theoretical results as needed.
  • Execute experimental design basics.
  • Advise on the feasibility, needs, and design of the data-centered component of new project proposals.
  • Design and evaluate data collection strategies aligned to project goals.

Hands-on data analysis:

  • Analyze data in R, Python or similar data analysis ecosystem.
  • Comfortably use tools for reproducible, documented data analysis.
  • Rapidly clean, refactor, explore, model, plot, and merge messy raw datasets.

Collaboration:

  • Work closely with subject-matter experts.
  • Communicate with people in other fields about technical statistical concepts.

Physical / Mobility:  Normal sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community.  May require some bending, stretching, pushing as well as lifting several reams of paper, etc.

Environmental Conditions:  Close contact with computer for extended periods of time.

Mental:  Ability to: meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; work in a team environment to achieve research objectives; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in machine learning, statistics, or other related quantitative field.

Experience: Five plus (5+) years of experience in statistics or machine learning.

Skills/Abilities:

  • Strong software engineering skills
  • Cybersecurity experience
  • Experience supporting test and evaluation for large-scale government research programs.

 

Accountability:  The individual will work independently and within teams to achieve project goals.

Direction:  The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must be able to make decisions about the proper scope of assigned research.  This includes being able to discern applicable paper topics, making decisions regarding experimental design and methods, and exercising strong time management skills.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  This position may involve the training and supervision of graduate students.

 

Job Functions or Responsibilities:

40%  Data analysis.

25%  Other types of research support including designing experiments and metrics.

15%  Participating in the research community, including attending and presenting at conferences, and reading and writing academic papers.

10%  Writing proposals and reports.                 

10%  Consulting and project planning with other groups in the SEI.

100% Total Effort

 

Organizational Chart:  CERT Program, Director > CERT Program, Technical Director for Cyber Security Foundations > Science of Cyber Security Research Manager > Applied Statistician / Data Scientist

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001200
Pittsburgh, PA or Arlington, VA

This position has multiple openings and can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved in software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full-time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with three (3) years of applicable working experience in information technology; Master’s degree in Computer Science, Information Science, or related discipline with one (1) year of applicable working experience in information technology; or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMware ESX server, is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (e.g., McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division > Technical Director, Cyber Security Solutions Directorate > Technical Manager, Cyber Workforce Development Initiative > Cyber Workforce Development Team Lead > Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001201
Pittsburgh, PA or Arlington, VA

This position has multiple openings and can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved in software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full-time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years of applicable working experience in information technology; Master’s degree in Computer Science, Information Science, or related discipline with three (3) years of applicable working experience in information technology; PhD in Computer Science, Information Science, or related discipline with one (1) year of applicable working experience in information technology; or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMware ESX server, is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (e.g., McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division > Technical Director, Cyber Security Solutions Directorate > Technical Manager, Cyber Workforce Development Initiative > Cyber Workforce Development Team Lead > Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

05 Jun
2015
Information Security Critical Infrastructure Analyst - 2001121
Pittsburgh, PA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.  The individual in this position will work as a member of the Critical Resilience Center within the Networked Systems Survivability Program. The CRC team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them. Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years’ experience.

Licenses: CISSP or CISA

Experience: Professional experience in Industrial Control Systems Security in the Water, Chemical, or Energy Sectors. Operational experience in Critical Infrastructure. Experience with and applied knowledge in: data analysis, statistics, and statistical tools for quantitative methods; information technology and telecommunications systems; cyber security, survivability, and resilience concepts and issues; Critical Infrastructure and Key Resources; software and systems engineering.

Skills/Abilities: Must exhibit the following skills and abilities: understanding of information technology and telecommunications systems; working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards; working knowledge of DHS critical infrastructure sectors and related security and resilience issues; development and delivery of information and infrastructure security risk and vulnerability evaluations; ability to conduct analytical studies and investigations; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to interact effectively with customers and to represent the SEI and its capabilities; ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure; ability to recognize and deal appropriately with confidential and sensitive information; ability to implement project plans, monitor project budgets, and identify and mitigate project risks; leadership and mentoring skills; excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations; participation in professional society activities, particularly IEEE and ACM.

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities: take or share leadership role in technical projects; work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Strong interest in cyber security and critical infrastructure protection analysis basic research, applied research, and development.  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information, and maintain that clearance as a condition of employment.

 

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience.  PhD in computer science, software engineering, information systems, or a related scientific/technical field with two (2) years’ experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Experience: In addition to the minimum experience above, preferred experience includes: experience in both physical and cyber aspects of security; familiarity with resilience concepts; familiarity with process improvement models such as CMMI or Six Sigma, TQM, ISO9000, CERT-RMM; familiarity with standards for measurement (including ISO 15939); familiarity with NIST 800-series standards for information security; familiarity with the DoD DIACAP standard for information assurance certification and accreditation; familiarity with standards for security (ISO 27000), business continuity (BS 25999), and IT operations (ISO 20000); working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software; and experience with / knowledge of any of the following: system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases.

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include: ability to lead work teams as needed; consulting skills; demonstrated ability to deliver coursework and training.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%     Participate in the examination, analysis, and documentation of assessments, diagnostics, and analysis techniques for information and infrastructure security; examine data on cyber security and technology risks to identify problem areas and propose mitigation alternatives.

25%     Participate in the delivery of existing CERT cyber security, resilience, and risk assessment and analysis approaches with customers and partners; participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

20%     Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%     Deliver courses in operational resilience management, cyber security management, and information security risk management.

5%       Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Contribute to and review the literature in cyber security, resilience, and software engineering.

5%       Provide assistance and input to other teams and projects within the SEI.

100% Total Effort

Organizational Chart: Director CERT Program > Technical Director, Cyber Enterprise and Workforce Management Directorate > Technical Manager, Cyber Resilience Center Team > Information Security Critical Infrastructure Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

05 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001122
Fort George G. Meade

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved in software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full-time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years of applicable working experience in information technology; Master’s degree in Computer Science, Information Science, or related discipline with five (5) years of applicable working experience in information technology; PhD in Computer Science, Information Science, or related discipline with two (2) years of applicable working experience in information technology; or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMware ESX server, is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (e.g., McAfee ePO/HIPS, ArcSight, etc.).

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications.

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division > Technical Director, Cyber Security Solutions Directorate > Technical Manager, Cyber Workforce Development Initiative > Cyber Workforce Development Team Lead > Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 May
2015
Cyber Operations Trainer - 2000969
Arlington, VA

Position Summary:  This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT/CC is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security, and has played a key role in internet security since 1988. The location for the position will be at the SEI office in Arlington, Virginia.

Role: This position is highly technical, and will involve developing and providing technical training to security professionals working with the Department of Homeland Security (DHS), Critical Infrastructure and Key Resources (CIKR) entities, Department of Defense (DoD) and other security and governmental organizations. Works closely with senior staff to develop and deliver technical training to sponsor cyber operations centers.

Explores new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science or a related field with three (3) years of experience; MS in Computer Science or related scientific/technical field with one (1) year experience; or equivalent combination of training and experience.

Experience: Candidate should possess one to three (1-3) years’ experience in:

  • teaching technical material to small groups;

  • developing technical training;

  • basic system, network, and/or malware analysis;

  • customer service.

Skills/Abilities: Successful candidate must:

  • possess excellent analytical and technical problem-solving skills;

  • possess strong customer service skills;

  • have experience in basic scripting and/or programming in a high level language;

  • have significant understanding of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP).

Have an excellent understanding of:

  • host/operating system security issues;

  • network security architecture and security issues at all protocol layers;

  • incident response methodology and practices;

  • must have strong written and oral communications skills as well as good interpersonal skills.

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work with changing priorities, work meticulously with careful attention to detail, and meet inflexible deadlines.             

Other:    U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science or related field with 3 years applicable experience.

Licenses: Information systems security, incident response and analysis, and other similar certifications are desired.

Experience: Ideal candidates will have 3-5 years’ experience in:

  • teaching technical material to small groups;

  • training requirements solicitation;

  • developing technical training;

  • advanced system, network, and/or malware analysis;

  • customer service.

 

Accountability: The individual is accountable for active participation in the development of training materials and delivering technical training as primary or secondary instructor.

Direction: The individual is expected to act with minimal direction using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of basic requirements elicitation and validation, and to develop new training materials based on customer requirements.

Supervisory Responsibilities: This position does not formally supervise others.

 

Job Functions or Responsibilities:

60%  Develop and update training materials and related documentation.

25%  Deliver technical training to sponsors.

15% Work directly with SEI staff supporting the community with incident, vulnerability, network, or malicious code analysis work, primarily to maintain and grow candidate skill set.

100%      Total Effort

 

Organizational Chart: CERT Program Director > CERT/CC Technical Director > CERT/CC CSIRT Operations Technical Manager > OAT Team Lead > Cyber Operations Trainer

 


23 Apr
2015
Cybersecurity Community Developer - 2000854
Arlington, VA

Position Summary: This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT Coordination Center is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security and has played a key role in internet security since 1988.

This position is a technical position which also requires extensive customer and community interaction. It will involve working with several key government stakeholders, including the Department of Homeland Security (DHS) and Department of Defense (DoD). It will also require working closely with private sector organizations, specifically critical infrastructure and key resources, to build effective shared analysis and collaboration capabilities to better protect their organizations and national security interests from cyber-attacks and threats.

Role:

As a Cybersecurity Community Developer, you will work closely with the cyber security analysts in the public and private sectors to define and implement effective information and cyber analysis capabilities supporting incident analysis and response activities for organizations with national or economic security impact. You will often collaborate with these entities to develop processes and models for effective incident information analysis, technical mitigation development, and product development for dissemination to designated stakeholders.  You will also work with mature critical owner/operators and government stakeholders to develop models for sector-wide cybersecurity information sharing and analysis capabilities.

This position will be responsible for the development and delivery of key strategic projects in support of the CERT/CC Incident Analysis team. The candidate selected for this role will also act as a liaison between the CERT/CC and its sponsors for strategic projects, ensuring complete understanding of sponsor requirements. As appropriate, you will work with CERT/CC Incident Analysis team leadership to identify and leverage internal and external resources to meet project timelines, and will perform technical work to contribute to the deliverables.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:

  • Develop model for information sharing and analysis capabilities in support of the critical infrastructure sectors to include gathering requirements and developing models for capabilities to meet those requirements.

  • Provide CERT/CC and DHS leadership with situational awareness of team strategic projects, and respond appropriately to changing priorities or requirements.

  • Develop and maintain collaborative relationships with sponsors and partners and assist them in strengthening their analysis and cyber defense capabilities, providing on-site support as necessary.

  • Foster collaboration and information sharing amongst entities within the community.

  • Explore new ways to leverage and apply SEI's expertise to protect critical infrastructure and other national security interests.

  • Work to continually improve the tools, processes, and systems utilized within the community.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, or Information Systems Management with eight (8) years applicable experience; or MS with five (5) years of experience.

Experience: Must have experience participating on cross-functional, high technology teams and should be able to operate effectively with all organizations within the cybersecurity community.  Must have an understanding of the DoD, DHS and critical infrastructure cybersecurity communities.  Successful candidates should possess “hands-on” experience with computer/network security and IT system and network administration.  The individual must possess knowledge/experience in network design and troubleshooting and have deep knowledge of standard networking protocols.

Skills/Abilities:  Successful candidates will:

  • possess excellent analytical and problem-solving skills;

  • have a strong interest in and basic knowledge of network and computer operations and security issues;

  • be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization;

  • be motivated to tackle challenging problems, and leverage subject matter expertise when available and appropriate;

  • have excellent organizational skills;

  • be able to work meticulously with careful attention to detail;

  • have strong customer service skills;

  • be able to work in a team environment with other team members with a variety of skills;

  • be able to work remotely or with minimal direct supervision and represent CERT/CC and SEI capabilities to the sponsor;

  • be able to communicate effectively within a team environment;

  • be able to effectively prioritize work;

  • be able to develop and explain technical decisions;

  • recognize and deal appropriately with confidential and sensitive information;

  • interact effectively with technical and non-technical audiences via both verbal and written communications;

  • be able to quickly learn new procedures, techniques, and approaches.

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions; however close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.       

Other:    U.S. Citizenship is required. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. This position will work full-time in the Pittsburgh SEI CERT/CC location. Candidate will be required to travel on overnight assignments.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, or Information Systems Management with six years applicable experience.

Licenses: Current Certified Information Systems Security Professional (CISSP) or similar certification, Project Management Professional (PMP).

Experience: Ideal candidates will have experience or substantial knowledge in many of the following additional areas:

  • three to five (3-5) years of experience in security aspects of system and/or network administration in a U.S. government agency or contractor environment and/or 5 years of experience as a cyber (technical) analyst in an intelligence, counterintelligence or law enforcement role;

  • experience drafting and formatting technical threat intelligence reports and conducting correlating research using multiple formatted and unformatted data sources;

  • experience developing materials for senior leadership in government or industry;

  • experience developing and implementing information security policies and standard operating procedures;

  • advanced understanding of security vulnerabilities;

  • practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security);

  • advanced forensic or digital media analysis experience.

Skills/Abilities:  Preferred candidates will have the ability to adjust quickly to shifting priorities and make quick decisions with limited information.

 

Accountability: Contributes to program objectives and plans development.  Maintains confidentiality of sensitive information such as security, vulnerability, and site information.

Direction:  Performs under minimal supervision; independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Must be able to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions:  Must accurately analyze data from multiple sources, generate defensible results, and represent them in interactions with customers, sponsors, and the public. Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  This position has no supervisory responsibilities.

 

Job Functions or Responsibilities:

80%      Develop model for information sharing and analysis capabilities to include gathering requirements and developing models for capabilities to meet those requirements. Manage projects, including production of standardized reports, metrics, project status, and other reports as required. Coordinate and collaborate with partner and counterpart organizations. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.

15%      Work to build collaborative relationships and foster information sharing among partner entities in the interest of improving cyber analysis and response capabilities.

5%       Developing knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100%      Total Effort

 

Organizational Chart: CERT Program Director > Cyber Threat and Vulnerability Analysis CERT/CC Tech Director > CERT/CC Incident Analysis Technical Manager > Cybersecurity Community Developer

 


23 Apr
2015
Senior Cyber Security Engineer - 2000852
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cyber Risk Management Team within the Cyber Security Solutions Directorate.  The CRM team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.  The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them.  Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.

Experience: Professional experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation. Experience with and applied knowledge in:

  • information technology and telecommunications systems;

  • cyber security, survivability, and resilience concepts and issues;

  • software and systems engineering;

  • building and maintaining DoD customer relationships;

  • data analytics and quantitative measures;

  • strategic planning and requirements definition;

  • process improvement;

  • program planning, budgeting, and management.           

Skills/Abilities:  Must exhibit the following skills and abilities:

  • understanding of information technology and telecommunications systems;

  • working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards;

  • working knowledge of DHS critical infrastructure sectors and related security and resilience issues;

  • working knowledge of the DoD and Agency resilience needs and cyber security roadmaps;

  • development and delivery of information and infrastructure security risk and vulnerability evaluations;

  • ability to conduct analytical studies and investigations;

  • reasoning and problem-solving skills;

  • ability to work independently with limited supervision;

  • ability to interact effectively with diverse constituencies internally and externally;

  • ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure;

  • ability to recognize and deal appropriately with confidential and sensitive information;

  • ability to implement project plans, monitor project budgets, and identify and mitigate project risks;

  • leadership and mentoring skills;

  • excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations;

  • ability to work on customer sites with high-ranking members of the Federal Government and US Military to define customer requirements;

  • participation in professional society activities, particularly IEEE and ACM.

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • take or share leadership role in technical projects;

  • work meticulously with careful attention to detail;

  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities;

  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff;

  • ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other:  Strong interest in cyber security and critical infrastructure protection analysis, basic research, applied research, and development. U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years’ experience; PhD in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience, or equivalent combination of training and experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Experience: In addition to the minimum experience above, preferred experience includes:

  • experience in both physical and cyber aspects of security; familiarity with resilience concepts;

  • familiarity with process improvement models such as CMMI or Six Sigma, TQM, ISO 9000, CERT-RMM;

  • familiarity with standards for measurement (including ISO 15939);

  • familiarity with NIST 800-series standards for information security;

  • familiarity with the DoD DIACAP standard for information assurance certification and accreditation;

  • familiarity with standards for security (ISO 27000), business continuity (BS 25999), and IT operations (ISO 20000);

  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security.

Experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:

  • system administration;

  • firewalls, intrusion detection systems, and other security technologies;

  • application development/programming;

  • relational databases.

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include:

  • ability to lead work teams as needed;

  • consulting skills;

  • demonstrated ability to deliver coursework and training.

 

Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities:  This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors.   Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%        Participate in the examination, analysis, and documentation of assessments, diagnostics, and analysis techniques for information and infrastructure security; examine data on cyber security and technology risks to identify problem areas and propose mitigation alternatives.

25%        Participate in the delivery of existing NSS cyber security, resilience, and risk assessment and analysis approaches with customers and partners;  participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

20%        Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%        Deliver courses in operational resilience management, cyber security management, and information security risk management.

5%          Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%          Contribute to and review the literature in cyber security, resilience, and software engineering.

5%          Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division > Technical Director, Cyber Security Solutions Directorate > Deputy Director, Cyber Security Solutions Directorate > Technical Manager, Cyber Risk Management Team > Senior Cyber Security Engineer

 


23 Apr
2015
Applied Statistician / Data Scientist - 2000855
Pittsburgh, PA or Arlington, VA

Position Summary: A small but growing team of data-centric researchers seeks an applied statistician / data scientist to work on established projects as well as develop new ones. Examples of current projects include developing metrics and experimental designs for large-scale cybersecurity research programs, researching human-in-the-loop machine learning, and performing both exploratory and automated analysis of large corpora of cybersecurity incident data. Though you may encounter big data problems in this position, we find that many of our most interesting challenges currently stem from data quality issues and limited sample sizes. You will have the opportunity to apply, learn, and develop new technical approaches.

You will be expected to work with teams of cybersecurity domain experts as well as other statisticians, and needn’t have previous cybersecurity experience of your own. Explicitly, you will be expected to co-author research proposals and execute applied research (i.e., design research studies and study materials, collect and analyze data, author publications, and present findings to DoD sponsors and academic conferences).

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree and an academic background in machine learning, statistics, or other related quantitative field with eight (8) years of experience; Master’s degree and an academic background in machine learning, statistics, or other related quantitative field with five (5) years of experience; PhD and an academic background in machine learning, statistics, or other related quantitative field with two (2) years of experience; or equivalent combination of training and experience. Candidates without a PhD should instead have experience demonstrating their knowledge of statistical theory and ability to perform research.

Experience: Two plus (2+) years of experience using statistical methods.

Skills/Abilities: An ideal candidate will have expertise in the following areas. Experience with specific tools and methods is less important to us than evidence that you can learn new tools and methods.

Statistics:

  • Design quantitative metrics with real-world utility and validity.
  • Apply a wide range of analysis techniques to diverse, potentially underspecified real problems.
  • Find, read about and evaluate theoretical results as needed.
  • Execute experimental design basics.
  • Advise on the feasibility, needs, and design of the data-centered component of new project proposals.
  • Design and evaluate data collection strategies aligned to project goals.

Hands-on data analysis:

  • Analyze data in R, Python or similar data analysis ecosystem.
  • Comfortably use tools for reproducible, documented data analysis.
  • Rapidly clean, refactor, explore, model, plot, and merge messy raw datasets.

Collaboration:

  • Work closely with subject-matter experts.
  • Communicate with people in other fields about technical statistical concepts.

Physical / Mobility:  Normal sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community.  May require some bending, stretching, pushing as well as lifting several reams of paper, etc.

Environmental Conditions:  Close contact with computer for extended periods of time.

Mental:  Ability to: meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; work in a team environment to achieve research objectives; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in machine learning, statistics, or other related quantitative field.

Experience: Five plus (5+) years of experience in statistics or machine learning.

Skills/Abilities:

  • Strong software engineering skills
  • Cybersecurity experience
  • Experience supporting test and evaluation for large-scale government research programs.

 

Accountability:  The individual will work independently and within teams to achieve project goals.

Direction:  The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must be able to make decisions about the proper scope of assigned research.  This includes being able to discern applicable paper topics, making decisions regarding experimental design and methods, and exercising strong time management skills.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  This position may involve the training and supervision of graduate students.

 

Job Functions or Responsibilities:

40%  Data analysis.

25%  Other types of research support including designing experiments and metrics.

15%  Participating in the research community, including attending and presenting at conferences, and reading and writing academic papers.

10%  Writing proposals and reports.                 

10%  Consulting and project planning with other groups in the SEI.

100% Total Effort

 

Organizational Chart:  CERT Program, Director > CERT Program, Technical Director for Cyber Security Foundations > Science of Cyber Security Research Manager > Applied Statistician / Data Scientist

 


16 Apr
2015
Computer Security Information Analyst - 2000827
Pittsburgh, PA or Arlington, VA

Position Summary: This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT/CC is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security, and has played a key role in internet security since 1988. The location for the position will be at or near the SEI office in Arlington, Virginia. This position is highly technical, and will involve working with the Department of Homeland Security (DHS), Critical Infrastructure and Key Resources (CIKR) entities, and other security and governmental organizations to build effective information sharing and analysis capabilities to better protect national security interests from computer security threats.

Role: As a Computer Security Information Analyst, the successful candidate will work closely with cyber security analysts in the public and private sectors on a team supporting cyber information and analysis capability sharing to support risk management, incident analysis, and response activities. You will often collaborate with these entities to analyze incident and threat information, develop technical mitigations, and produce reporting to disseminate this information to designated stakeholders.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to, areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:

  • Contribute to day-to-day operations of analysis team responsible for the creation of innovative analysis products based on information and capabilities available from the CERT/CC, government, and collaborators
  • Develop and lead execution of stakeholder analyst-to-analyst feedback processes to understand the needs of the constituency
  • Develop and maintain cooperative relationships with sponsors and collaborators, and assist them in strengthening their analysis and cyber defense capabilities, providing on-site support as necessary
  • Engage critical infrastructure stakeholders to identify their requirements for participation in cyber information sharing and collaboration programs with DHS and help the DHS leads to meet these requirements
  • Foster collaboration and information sharing amongst entities within the community
  • Develop and lead implementation of plan for the secure automated sharing of cybersecurity threat information with critical infrastructure stakeholders
  • Explore new ways to leverage and apply SEI's expertise to protect critical infrastructure and other national security interests
  • Work to continually improve the tools, processes, and systems utilized within the community

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, Information Systems Management, or a related field with eight (8) years applicable experience.

Experience: Candidate should have advanced computer security incident handling and analysis experience, be comfortable in Windows and Unix/Linux environments and be able to demonstrate knowledge in the following areas:

  • Understanding of commonly utilized communications protocols
  • Common attack and response methodologies
  • Identification and analysis of actionable computer security information
  • Basic system, network, and malware analysis
  • Basic understanding of security vulnerabilities and the impact that they can have on information systems
  • Administering, maintaining, and securing a small network
  • Theoretical underpinnings of computer security

As well as experience with:

  • Communicating complex technical issues to non-technical audiences
  • Understanding and managing risk in large enterprise infrastructures
  • Developing strategies to defend systems and networks from attacks

Skills/Abilities: Successful candidates will:

  • Possess excellent analytical and technical problem-solving skills
  • Possess strong customer service skills
  • Have a strong interest in and knowledge of network and computer security issues
  • Be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization
  • Be motivated to tackle challenging problems
  • Have excellent organizational skills
  • Be able to work meticulously with careful attention to detail
  • Be able to contribute in a team environment with other team members with varying skillsets and competencies
  • Be able to work remotely or with minimal direct supervision
  • Be able to communicate effectively within a team environment
  • Be able to effectively prioritize work
  • Be able to develop and explain technical decisions
  • Recognize and deal appropriately with confidential and sensitive information
  • Interact effectively with technical and non-technical audiences via both verbal and written communications
  • Be able to quickly learn new procedures, techniques, and approaches
  • Be able to identify the need for improvements, prototype solutions, and communicate requirements

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.     

Other:    Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance. Candidate must be able to work full-time at a customer site in the Washington D.C. / Northern Virginia metro area. Candidate will be required to travel on overnight assignments.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, Information Systems Management with five years applicable experience

Licenses: Information systems security, incident response and analysis, and other similar certifications are desired

Experience: Ideal candidates will have experience or substantial knowledge in many of the following additional areas:

  • 3-5 years of experience in security aspects of system and/or network administration in a U.S. government agency or contractor environment and/or experience as a cyber (technical) analyst in a computer network defense, intelligence, counterintelligence or law enforcement role
  • Experience drafting and formatting technical threat intelligence reports and conducting correlating analysis using multiple formatted and unformatted data sources and tool sets
  • Experience developing materials for senior leadership in government or industry
  • Experience developing and implementing information security policies and standard operating procedures
  • Advanced understanding of security vulnerabilities
  • Practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security)
  • Advanced malware, forensic, or digital media analysis experience

 

Accountability:  Contributes to program objectives and plans development.  Maintains confidentiality of sensitive information such as security and vulnerability information.

Direction: Performs under minimal supervision; independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Must be able to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions: Must accurately analyze data from multiple sources, generate defensible results, and represent them in reporting products and interactions with customers, sponsors, and the public. Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities: This position has no supervisory responsibilities.

 

Job Functions or Responsibilities:

65% Perform duties as a technical cyber information and fusion analyst team member, incident analyst and technical liaison. Review, analyze and correlate threat data from various sources. Create innovative reporting products based on available information and capabilities. Mentor others in conducting effective analysis, and develop standardized processes for performing analysis. Produce standardized reports, metrics, threat, activity, and mitigation information products. Coordinate and collaborate on cyber threat tracking with partner and counterpart organizations. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.

15% Work to build collaborative relationships and foster information sharing among partner entities in the interest of improving cyber situational awareness and response capabilities.

15% Work directly with SEI staff supporting the community with incident, vulnerability, network, or malicious code analysis work.

5% Develop knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100% Total Effort

 

Organizational Chart: CERT Program Director > CERT/CC Technical Director > CSIRT Operations Technical Manager > Team Lead > Computer Security Information Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

10 Apr
2015
CERT/CC CSIRT Operations Technical Manager - 2000766
Pittsburgh, PA or Arlington, VA

Position Summary:  The CSIRT Operations technical area of the CERT Coordination Center (CERT/CC) supports USG Cyber Centers, SOCs, national coordination initiatives and the international response community through directed analysis, applied research and development and capacity building activities.  This approximately 20-person group works from the SEI’s Pittsburgh and Arlington offices, and is embedded at USG facilities in the Washington DC-Baltimore area.  The position of technical manager is responsible for all aspects of developing and executing the body of work to include setting the technical direction; managing financials; business development; and personnel issues.

Minimum Qualifications and Requirements:

Education/Training:  BS in a Computer Science or related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.

 

Experience:  Experience listed above should include:

  • Work in cyber security or intelligence operations;
  • Prior responsibility managing a team comprising a total of at least 5 individuals with commensurate personnel and financial authority. These individuals should have had cyber operations roles.

Skills/Abilities: Working knowledge of:

  • Current security challenges and threats faced by a subset of the following audiences: USG intelligence, defense, law enforcement, civilian departments, and critical infrastructure;
  • USG mission areas/owners in cyber security;
  • Community best practices in cyber operations and associated tools/techniques;
  • Internet protocols, operations, and governance.

Ability to:

  • Set and implement a strategic direction for a technical group;
  • Codify operational experience into best practices;
  • Conduct technical project management;
  • Brief strategic and technical topics to senior management and non-technical audiences;
  • Sustain a team with business development activity;
  • Foster professional growth and develop technical/professional leadership capabilities in technical staff.

Physical Mobility:  Primarily sedentary in an office setting with some mobility.  Requires travel to various domestic locations within the SEI and CMU community to include the SEI Arlington/Pittsburgh office; sponsor sites; conferences; and offsite meetings with routine frequency (up to one 2-day trip every week).

Environmental Conditions:  Normal office conditions; close contact with computer display for extended periods of time.

Mental:  The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; and excellent oral and written communication skills.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in a related technical field with ten (10) years of experience.

Experience:  Experience listed above should include:

  • Working for or supporting the USG;
  • Supporting multiple sponsors/customers;
  • Supporting customers in an operational security environment such as incident response, intelligence, or a security operations center;
  • Supporting elements of the critical infrastructure sectors or international NCSIRTs;
  • Leading community building activities in the critical infrastructure, NCSIRT, or USG space;
  • Establishing and defining processes for operational security organizations, and codifying best practices from community and operational experience;
  • Leading workforce/capacity building projects;
  • Prior responsibility in managing a team of 15-20 individuals with commensurate personnel and financial authority;
  • Participation in public and closed community security forums through activities such as publication, presentation, collaborative security operations, and collaborative research.

Skills/Abilities: 

  • Practical experience leading, defining, or applying TTPs for cyber operations;
  • Working knowledge of secure systems and network architecture practices. 

  

Accountability:  This position is accountable for the specification and execution of all Incident Analysis technical area work plans and a subset of the SEI operational plan.

Direction:  The individual in this position is expected to act autonomously using CMU, SEI, and NSS defined policies, practices, and procedures.  Additionally, this position will define those set for their technical area and influence those set for CERT.

Decisions:  The individual in this position is expected to make strategic choices about the direction of the technical area that will be distilled into a technical agenda funded by a defined set of existing or new customers and implemented by a team hired to support the specific tasking.

Supervisory Responsibilities:  This position has ultimate supervisory responsibility over all staff in the technical areas to include hiring, performance reviews, salary adjustments, task assignment, and setting the tone and culture of the group.

 

Job Functions or Responsibilities:

30%  Manages group to effectively implement the SEI and task order work plans.  Sets goals and objectives and manages operational and functional business activities.  Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project).

30%  Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility.  Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.

20%  Sets technical direction of technical area.  Leads planning process and contributes to the development of the CERT strategic plan.  Ensures regular update of technical area’s plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy.  Articulates vision for internal and external audiences.

10%  Identifies opportunities for new technical projects and manages start-up of new, high-priority technical areas of work. Works with Technical Director of CERT/CC to develop and implement a funding and transition plan for new work areas.

10%  Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements.  Leads corrective action.

100% Total Effort

 

Organizational Chart: Division Director, CERT < CERT/CC Technical Director < CERT CSIRT Operations Technical Manager

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

24 Mar
2015
Cyber Security Engineer - Exercise Developer - 2000687
Arlington, VA

This position is located in Arlington, VA.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved in software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology; Master’s degree in Computer Science, Information Science, or related discipline with five (5) years applicable working experience in information technology; PhD in Computer Science, Information Science, or related discipline with two (2) years applicable working experience in information technology; or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMware ESX Server, is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (e.g., McAfee ePO/HIPS, ArcSight)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

18 Mar
2015
Associate Cyber Security Researcher - 2000670
Pittsburgh, PA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading-edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field firsthand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related to the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of three (3) years of related experience, or equivalent combination of training and experience.

Licenses: Certified EnCase Examiner, ACE, CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) years’ relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of three (3) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of one (1) year of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing
  • Information and network security including experience with IDS/IPS
  • Knowledge of common vulnerabilities, exploits and mitigations
  • Digital Forensics (host, network and mobile devices)
  • Incident Response
  • Ability to research and characterize security threats including defining appropriate countermeasures
  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis
  • Virtual infrastructure and hypervisors
  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls
  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST
  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI.                   

100%      Total Effort

 

Organizational Chart:  Director, CERT Program < Technical Manager, FOI < Cyber Security Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

18 Mar
2015
Cyber Security Researcher - 2000672
Pittsburgh, PA or Arlington, VA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading-edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field firsthand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related to the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of eight (8) years of related experience; or equivalent combination of training and experience.

Licenses: Certified EnCase Examiner, ACE, CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) years’ relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of eight (8) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of five  (5) years of applicable experience; PhD in Computer Science, Information Security or other related discipline with a minimum of two (2) years of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing

  • Information and network security including experience with IDS/IPS

  • Knowledge of common vulnerabilities, exploits and mitigations

  • Digital Forensics (host, network and mobile devices)

  • Incident Response

  • Ability to research and characterize security threats including defining appropriate countermeasures

  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis

  • Virtual infrastructure and hypervisors

  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls

  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST

  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI.       

Organizational Chart:  CERT Division Director, Technical Director, Cyber Security Solutions > Deputy Director, Cyber Security Solutions > Technical Manager, Forensic Operations and Investigations > Cyber Security Researcher

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

22 Jan
2015
Senior Analyst - 2000395
Pittsburgh, PA

Position Summary:  The CERT Program is a division of the Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania.  The Situational Awareness branch within the CERT Coordination Center supports government customers by developing cutting-edge network sensing and analysis tools for operational use in high-impact environments.

The successful candidate will provide technical leadership for a significant portion of cutting-edge applied research and development in computer security.  Challenge problems include strategic large-scale network analysis, quantitative measurements of large-scale US Government networks, development of situational awareness metrics for decision support, deployment and calibration of global sensor grids, and the effective transition of analytic solutions. 

As a senior member of the staff, the individual will be expected to serve as technical lead for the overall design, execution, and documentation of one or more tasks, as well as to serve as a liaison with customers, potential customers, vendors, and the Internet community as a whole.

 

Minimum Qualifications and Requirements:

Education/Training: Master’s Degree in Computer Science or scientific/technical field with eight (8) years’ experience.

Experience

  • Five or more years of professional experience in a technical leadership role which involves network or computer related problem solving

  • A thorough hands-on understanding of current computing platforms and networking protocols

  • In-depth familiarity with current trends in both network security operations and network security research

  • Extensive experience in at least one security or network engineering discipline such as incident handling, network traffic analysis, statistical network analysis, forensics, vulnerability assessment, network auditing, capacity planning or network architecture design

Skills/Abilities:

  • Proven experience applying the principles of discrete mathematics to solve operational problems

  • Theoretical and practical knowledge of network protocols

  • Familiarity with Internet governance and large scale network operations

  • An understanding of the current state of the practice for network analysis techniques, toolsets, and challenge areas

  • Knowledge of modern operating systems

  • The ability to write computational scripts in one or more programming languages such as Python, Perl or Java

  • Strong problem solving skills

  • Technical project management skills

  • Technical writing and reviewing skills

  • Ability to brief technical topics to non-technical senior managers and decision makers

Physical Mobility: Primarily sedentary in an office setting with some mobility.  Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.                                   

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental:  The ability to:

  • envision operational application of fundamental and applied research ideas

  • work meticulously with careful attention to detail

  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities

  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

  • grasp the big picture, direction, and goals of an effort

  • develop and communicate innovative ideas

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training:  Ph.D. in Mathematics, Computer Science or a related scientific or technical field with five (5) years’ experience.

Experience

  • In-depth experience contributing to the public body of knowledge for any of the following related disciplines:

  • Operational research

  • Network flow

  • Telecommunications planning

  • Statistical analysis of computer behaviors

  • Modelling, simulation and emulation

  • Technical writing skills

  • Knowledge of US Government networks

 

Accountability: The individual is accountable for

  • Active participation in the overall CERT/CC R&D effort

  • Producing original publications in network security analysis

  • Mentoring junior analysts and researchers and/or sustaining the vision for research in a specific problem domain

  • Participating in public speaking engagements, including at remote locations

Direction: The individual in this position is expected to act autonomously using CMU, SEI, and CERT defined policies, practices, and procedures.

Decisions: The individual in this position is expected to participate in the decision-making and problem-solving process of designing, building and operating systems for network security; suggesting and implementing policies and procedures to support these activities; and creating prototype implementations of tools and approaches for situational awareness. Further, this position will contribute to key decision making for the prioritization of efforts for a specific customer.

Supervisory Responsibilities:  This position does not formally supervise others.  However, the individual will act in a technical leadership or mentoring (non-supervisory) role in regard to a specific body of work.

 

Job Functions or Responsibilities:

60%      Lead, perform and publish original work in network security analysis, including work leading to publications.

10%      Contribute to overall strategic direction for a diverse security R&D team.

20%      Mentor and guide junior network security analysts.

10%      Participate in and/or lead presentations to customers, colleague training sessions, conference presentations or public speaking engagements.

100% Total Effort

 

Organizational Chart: Technical Director, CERT Coordination Center > Technical Manager, Situational Awareness > Security Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

03 Sep
2014
Information Security Researcher - 101049
Pittsburgh, PA

Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the Networked Systems Survivability Program. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them. Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training:  PhD in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience, or equivalent combination of training and experience.

Licenses:  CISSP, CISM or CISA.

Experience:  Experience with and applied knowledge in:  information technology and telecommunications systems; cyber security, survivability, and resilience concepts and issues; software and systems engineering; work with Federal Government.  Experience as a principal investigator or technical lead for research, development, or transition projects.  Published academic quality research or other broadly disseminated technical artifacts (books, software, etc.)

Skills/Abilities: Must exhibit the following skills and abilities: understanding of information technology and telecommunications systems; working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards; development and delivery of information and infrastructure security risk and vulnerability evaluations; ability to conduct analytical studies and investigations; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to interact effectively with customers and to represent the SEI and its capabilities; ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure; ability to recognize and deal appropriately with confidential and sensitive information; ability to implement project plans, monitor project budgets, and identify and mitigate project risks; leadership and mentoring skills; excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations; participation in professional society activities, particularly IEEE and ACM; strong interest in cyber security and critical infrastructure protection analysis, basic research, applied research, and development.

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:  take or share leadership role in technical projects; work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Licenses:  CISSP, CISM, GIAC, CISSP, OSCP or similar.

Experience:  Principal investigator for government funded research.

Skills/Abilities:  Ability to lead work teams as needed, consulting skills, ability to deliver coursework and training, ability to develop and foster external research collaborations.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%      Participate in the delivery of existing CERT cyber security, resilience, and risk assessment and analysis approaches with customers and partners; participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

25%      Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%      Contribute to conferences and meetings; participate in business development calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

10%      Contribute to, publish technical notes and reports, and review the literature in cyber security, technical assessment, resilience, and software engineering.

10%       Provide assistance and input to other teams and projects within the SEI.

SECONDARY FUNCTIONS

5%       Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Contribute to and review the literature in cyber security, resilience, and software engineering.

5%       Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Deputy Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Security Assurance Team < Information Security Researcher

 

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

Apply for Positions

To apply for open positions visit Careers at the Software Engineering Institute.

Accessibility Needs for Applicants, Students and Visitors

Carnegie Mellon University makes every effort to provide physical and programmatic access to individuals with disabilities. If you require an accommodation to participate in any part of the employment process, please contact Disability Resources by emailing access@andrew.cmu.edu or calling 412-268-3930.

Carnegie Mellon University considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.
