CERT
 
CERT Contact Information CERT Statistics Meet CERT Publications by CERT Staff Presentations by CERT Staff Employment Opportunities
 

Job #5492 - Senior Network Security Analyst

Network Situational Awareness (NetSA)

SUMMARY

The CERT Network Situational Awareness (NetSA) group’s analysis team supports internal and external customers by developing cutting-edge analysis techniques for regular operational use in high-impact environments. The analyst will develop new analysis techniques and prototype their software implementation, support customers by preparing analytic reports, prototype new analysis approaches, and participate in preparing research for publication. The successful candidate will have some combination of academic training and real world network or network security experience. As a senior member of the technical staff, the individual will be expected to serve as technical lead for the overall design, execution, and documentation of one or more tasks, as well as to serve as a liaison with customers, potential customers, vendors, and the Internet community as a whole.

ESSENTIAL FUNCTIONS

  1. Lead, perform and publish original work in network security analysis, including work leading to academic publications.
  2. Contribute to overall strategic direction for a diverse security R&D team
  3. Mentor and guide junior network security analysts and researchers

MINIMUM QUALIFICATIONS

Education/Training: Bachelor’s Degree in Computer Science or scientific/technical field with 10 years experience. Masters Degree in Computer Science or scientific/technical field with 8 years experience.

Experience: Professional experience listed above is in network security research and/or operations—the successful applicant will likely have both. Applicants should have a record of significant contribution to the security community, such as academic publication or involvement in open source security tool projects.

Skills/Abilities:

  • Capable of conducting and supporting analytical studies and investigations of network security data
  • Capable of original research in network security analysis
  • Experience with scripting and/or programming in a high level language, including participation in sound software engineering (e.g. version control, documentation, etc.)
  • Deep understanding of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS)
  • Deep knowledge of at least one modern operating system (e.g., Linux, Solaris, Windows 2000/2003/XP)
  • Understanding of network security issues at all protocol layers
  • Understanding of host/operating system security issues
  • Familiarity with and deep understanding of: IDS, firewalls, SIM/SEM, network and vulnerability scanning, routing
  • Ability to set strategic direction and agenda for a diverse group of developers and researchers
  • Ability to function in the role of a consultant
  • Planning and organizational skills
  • Strong problem solving skills
  • Excellent oral and written communication skills
  • Ability to work both independently and with teams
  • Experience with mathematical programming systems (e.g. R, Mathematica, Matlab)
  • Experience with statistics

OTHER

Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.

Environmental Conditions: Normal office conditions; lose contact with computer display for extended periods of time

Mental:Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort, ability to develop and communicate innovative ideas; ability to take leadership role in technical projects; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidate must have the ability to pass a background check investigation, obtain a DOD TS/SCI security clearance, and be a US citizen

PREFERRED QUALIFICATIONS

Experience:

  • in an team environment leading collaborative projects with diverse skills and roles
  • in the public forum of the broader information security community
  • directly with customers from government and/or industry (multiple critical infrastructure)
  • in exploratory data analysis
  • in data visualization
  • in human-computer interface (HCI) design

Skills/Abilities: Same as above


Resumes from recruiting firms will not be accepted.

To apply please go to
Careers@CarnegieMellon

Carnegie Mellon is an Affirmative Action/Equal Opportunity Employer.

The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.

Copyright 2009 Carnegie Mellon University.

See the conditions for use, disclaimers, and copyright information.

CERT® and CERT Coordination Center® are registered in the U.S. Patent and Trademark Office.

This page was last updated January 14, 2009