Lawrence Berkeley National Laboratory's Information Technology Division has an opening for a Cyber Security Engineer.
This position will support the operational goal of protecting the Laboratory from malicious and unauthorized computer activity. Working both independently and closely with other security engineers, the Computer Systems Engineer I will conduct Incident Response, including responding to alerts and anomalous activities, triaging tasks, engaging with IT support personnel and end-users on mitigations and resolutions, and proposing solutions to prevent future incidents. When not engaged in Incident Response, this position will assist with cyber security compliance/outreach activities, including identifying non-compliant or vulnerable systems and notifying their owners, reviewing and removing unused configurations, writing documentation, providing guidance on secure implementations, and proposing or implementing improvements to detection/automation.
What You Will Do:
In collaboration with team members, perform cyber security monitoring, incident response, forensic analysis, and resolution of cyber security incidents.
Maintain situational awareness of on-going cyber security threats in the broader community via mailing lists, chat channels, blog posts, social media, and news sources.
Independently examine a wide range of data, including Zeek logs, Netflow data, centralized syslog, and authentication logs to detect cyber security incidents with broad supervision.
Identify non-compliant or vulnerable systems and conduct outreach to system owners to work through resolution, or engage other IT staff for assistance.
Develop high quality documentation of technical systems, policies, processes, and procedures for use internally within the group, throughout the Lab, and externally by partner organizations.
Maintain Cyber Security training course material used by the Lab community, ensuring it is up-to-date, relevant, accurate, and concise.
Working with the Systems Security Architect, review designs and provide guidance to Lab staff and the R&E community on securing computer systems.
Assist with changes to cyber security infrastructure, including network devices, tap aggregation equipment, commodity servers, and specialized appliances.
Develop tools, scripts, or reports to enhance productivity of Incident Response and Threat Hunting.
What is Required:
Bachelor's degree and a minimum of 2 years of experience in the Information Technology field or an equivalent combination of education and experience.
Experience with TCP/IP networks and the functions and services of those networks, including: ARP, DNS, DHCP, wireless networking, IPv6, etc.
Ability to work in a Linux or UNIX environment, primarily at a Command Line Interface (CLI).
Understanding of campus-scale or enterprise-scale IT infrastructure and organizations in an open research network.
Ability to meet responsiveness expectations after-hours, with occasional night and weekend work to respond to priority issues.
The following skills are not required, but if you have expertise in any of these areas, consider applying to this position; you'd fit in well with our team and technology stack.
Experience with computing in an open network environment and understanding the unique challenges of such an environment.
Experience with Active Directory, especially as it relates to securing Active Directory in an enterprise setting.
Experience with tcpdump, Wireshark, Zeek, Suricata, Snort, Netflow.
Experience provisioning cloud services such as AWS, GCP, Azure, or Cloudflare and integrating with on-premise resources.
Experience with virtualization technologies, including VMware ESXi, Hyper-V, Proxmox, KVM, Xen, etc.
Experience with automation or configuration management tools, such as Puppet, Ansible, Chef, Foreman, SCCM.
Knowledge of, or demonstrable skills in, penetration testing, including vulnerability scanning, attack chaining, credential cracking, and social engineering.
Knowledge of container technologies, including Docker and Kubernetes.
This is a full-time career appointment, exempt (monthly paid) from overtime pay.
This position will be hired at a level commensurate with the business needs and the skills, knowledge, and abilities of the successful candidate.
This position may be subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.
Work will be primarily performed at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA.
Equal Employment Opportunity: Berkeley Lab is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status. Berkeley Lab is in compliance with the Pay Transparency Nondiscrimination Provision under 41 CFR 60-1.4.
Internal Number: 92649
About Lawrence Berkeley National Laboratory
In the world of science, Lawrence Berkeley National Laboratory (Berkeley Lab) is synonymous with excellence. Thirteen scientists associated with Berkeley Lab have won the Nobel Prize. Fifty-seven Lab scientists are members of the National Academy of Sciences (NAS), one of the highest honors for a scientist in the United States. Thirteen of our scientists have won the National Medal of Science, our nation's highest award for lifetime achievement in fields of scientific research. Eighteen of our engineers have been elected to the National Academy of Engineering, and three of our scientists have been elected into the Institute of Medicine. In addition, Berkeley Lab has trained thousands of university science and engineering students who are advancing technological innovations across the nation and around the world.
Berkeley Lab is a member of the national laboratory system supported by the U.S. Department of Energy through its Office of Science. It is managed by the University of California (UC) and is charged with conducting unclassified research across a wide range of scientific disciplines. Located on a 200-acre site in the hills above the UC Berkeley campus that offers spectacular views of the San Francisco Bay, Berkeley Lab employs approximately 4,200 scientists, engineers, support staff and students. Its budget for 2011 is $735 million, with an additional $101 million in funding from the American Recovery and Reinvestment Act, for a total of $836 million.
A recent study estimates the Laboratory's overall economic impact through direct, indirect and induced spending on the nine counties that make up the San Francisco Bay Area to be nearly $700 million annually. The Lab was also responsible for creating 5,600 jobs locally and 12,000 nationally. The overall economic impact on the national economy is estimated at $1.6 billion a year. Technologies developed at Berkeley Lab have generated billions of dollars in revenues, and thousands of jobs. Savings as a result of Berkeley Lab developments in lighting and windows, and other energy-efficient technologies, have also been in the billions of dollars.
Berkeley Lab was founded in 1931 by Ernest Orlando Lawrence, a UC Berkeley physicist who won the 1939 Nobel Prize in physics for his invention of the cyclotron, a circular particle accelerator that opened the door to high-energy physics. It was Lawrence's belief that scientific research is best done through teams of individuals with different fields of expertise, working together. His teamwork concept is a Berkeley Lab legacy that continues today.