Company Description

Join us and make YOUR mark on the World!

Are you interested in joining some of the brightest talent in the world to strengthen the United States' security? Come join Lawrence Livermore National Laboratory (LLNL) where our employees apply their expertise to create solutions for BIG ideas that make our world a better place.

We are looking for individuals that demonstrate an understanding of working in partnership with team peers, who engage, advocate, and contribute to building an inclusive culture, and provide expertise to solve challenging problems.

Job Description

We have an opening for a Cyber Security Analyst to provide advanced cyber and technical support for unclassified and classified networks, standalone systems, security systems, user accounts and access, and implementation of security controls. You will manage complex security plans and component configurations, complete self-assessments, and computer security projects. You will interact regularly with team members, customers, management, and sponsors to solve a variety of complex cyber problems in a timely manner. This position is in the Information Technology Operations Division (ITO) within the Computing Directorate.

This position will be filled at either the 320.1 or 320.2 level depending on your qualifications. Additional job responsibilities (outlined below) will be assigned if you are selected at the higher level.

In this role you will
- Continuously monitor for cyber threats and enact identification, investigation, containment, and eradication measures while supporting recovery efforts with minimal impact to programmatic work.
- Perform analysis on LLNL intrusion detection systems providing cyber security monitoring and incident response support including troubleshooting and resolution of issues.
- Be granted Information Systems Security Officer (ISSO) authority over federally accredited Information System Security Plans (ISSP) with the authority to develop and maintain cyber related plans, policies, procedures, and risk assessments in support of programmatic work.
- Perform technical assessments using a risk-based approach, document actions, findings, and make remediation recommendations to program managers.
- Research complex IT solutions and manage cyber-security related projects with a diverse scope over multiple environments.
- Perform other duties as assigned.
- Provide highly advanced technical assistance and guidance to team members and the user community.
- Manage multiple complex parallel projects, tasks, and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
- Develop and maintain applications such as Splunk/SCAP/Tenable to generate reports and normalize system logs and create dashboards within multiple environments.
- This position requires an active Department of Energy (DOE) Q-level clearance or active Top-Secret clearance issued by another U.S. government agency at the time of hire.
- Bachelor's degree in Computer Science, Engineering, Cyber Security, Information Assurance, Business Information Systems, or related field, or the equivalent combination of technical training and experience.
- Broad and in-depth knowledge and experience editing and testing ISSP and evaluating risks using Risk Management Framework and NIST 800-53 Controls.
- Experience conducting host forensics, network forensics, log analysis, malware analysis and vulnerability risk assessments in support of continuous monitoring and incident response investigations.
- Ability to effectively manage concurrent technical and operational tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary, with experience working independently in a fast-paced, customer-focused team environment.
- Advanced verbal and written communication skills necessary to collaborate in a team environment and document, present and explain technical information.
- Extensive experience developing and presenting cyber or IT solutions to a senior management team.
- Advanced knowledge of and technical expertise with cyber-related tools for continuous monitoring such as Splunk, STIG/SCAP, and Tenable.
- Broad technical expertise in configuration management of Windows, Linux, networking (Cisco/Juniper), enterprise appliances (Oracle), virtual architectures (VMware, Azure, KVM), and/or other IT technologies.
- Expert knowledge of multiple cybersecurity disciplines including network/protocol analysis, intrusion detection, cryptography, reverse engineering, incident response, malware analysis, and/or secure architectures.
- DoD Approved 8570 Information Assurance Manager (IAM) Level II or III Certification: CAP, CISSP, GSLC, CISM, or CASP+ CE.
- Included in 2020 Best Places to Work by Glassdoor!
- Work for a premier innovative national Laboratory
- Comprehensive Benefits Package
- Flexible schedules (depending on project needs)
- Collaborative, creative, inclusive, and fun team environment