Cyber & Digital Systems Security Engineer (Mid-Career)

This job posting is at the Senior level. Member level employees are not eligible for movement into this job. If a Principal level employee applies and is selected, they will be moved into the Senior level and their salary will be adjusted if necessary. Level promotions are not permitted on this requisition.
Employees must remain in their current position for one year before applying for a new position, with the exception of student interns. Application of this requirement will not supersede the Laboratories’ collective bargaining agreements. See collective bargaining labor agreements for represented bidder eligibility requirements for represented employees.

This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.

We are seeking a Cyber & Digital System Security Engineer (job title: R&D S&E, Cybersecurity)

Are you interested in defending and protecting our national security digital systems against advanced cyber threats? We seek a strong technical professional with cyber security background and a multidisciplinary perspective to help bridge our Cyber Enterprise Security (CES) effort with the Nuclear Deterrent (ND) Cyber program. This is an opening for an R&D Cybersecurity Engineer who has operational cyber and information assurance experience and can also readily apply their skill sets to non-traditional IT environments and digital systems. The selected candidate will be required to have demonstrated cybersecurity experience that can support day-to-day Cyber Enterprise Security and the technical aptitude to support a variety of ND Cyber activities such as red-teaming digital systems, vulnerability risk assessment, and digital systems assurance. Collaboration with extended multi-disciplinary teams (in Livermore, CA and across Sandia to our ND partners and CES partners) is critical for this role.

On any given day, you may be called to:

• Protect Sandia systems and information by promptly responding to security threats and incidents
• Conduct research regarding the latest methods, tools, and trends in securing enterprise information systems (digital forensic analysis, threat hunting) and non-traditional digital systems
• Discover, exploit, and mitigate vulnerabilities across our information infrastructure and ND systems
• Provide technical expertise and advice on all areas of cyber and digital systems security
• Support system-level security risk assessment and provide guidance and recommendations
• Support technical reviews, security requirements generation, and validate security implementations of digital systems, and provide clear feedback and actionable solutions.
• Work closely with Nuclear Deterrent systems, major subsystems, and components teams to support RMF and digital assurance needs
• Develop cyber and digital systems security technology solutions
• Champion and define cyber security best practices across the laboratories

This position will require the candidate to be based in the CA site. Some travel will be required.

• Requires Master's degree in Cyber Security, Electrical Engineering, Computer Science, Information Assurance or related subject area plus 1 or more years of experience; or equivalent combination of relevant education and experience
• Experience with day-to-day enterprise security operations (e.g., IDS, IR, digital forensic)
• Experience with secure-system design principles, information assurance, risk assessments, and application of security controls (e.g., NIST RMF)
• Experience in red-teaming and penetration testing (e,g., software, firmware, hardware).
• Ability to obtain and maintain a Q level security clearance

• Experience working with a federal cyber security program
• Technical expertise in all areas of cyber security, including networking, authentication, authorization, cryptography, and application security
• Experience with incident coordination, reporting, threat hunting, and analysis
• Experience in developing, designing and conducting vulnerability management of information systems and all related technologies
• Experience in designing and developing tools and procedures to safeguard information
• Experience in digital systems design and in the field of hardware and embedded security
• Expertise in penetration testing from application to hardware
• Experience crafting cyber security plans and/or performing cyber security assessments
• Knowledge and experience of DOE/NNSA cyber security orders and policies; relevant federal and private standards and requirements (e.g., NIST, ISO, CNSS, STIGS); and understanding of the Risk Management Framework as documented in various NIST publications
• Excellent written and verbal communication skills
• Active DOE Q-level security clearance

The Cyber Risk & Enterprise Security department focuses on two primary functions for the laboratories. The department is the home of the Nuclear Deterrent Digital Systems Security team and Sandia National Laboratories California Enterprise Cyber Security team.

The Nuclear Deterrent Digital Systems Security team provides digital-system security expertise and analysis for Nuclear Deterrent (ND) system and component design, verification, and assessment. We partner with ND programs to assure digital specification, verification, and reliability considerations are well informed regarding cyber security issues and risks. Staff serve as local domain experts for SNL/CA ND systems and components organizations. We conduct research and develop digital-security methods and tools for ND applications, with an emphasis on embedded systems. We partner with external cybersecurity experts and internal cyber organizations across the laboratory to remain cognizant of and contribute to cutting edge digital security research.

The Sandia California Enterprise Cyber Security team is responsible for Sandia California's network security operations, the network security architecture, and information & cyber security research. The department performs research in all areas of cyber defense, vulnerability analyses of networks and networked systems, vulnerability scanning, intrusion detection, incident response, computer and network forensics, counterintelligence technical support, and consulting services to other organizations with information security concerns. The team partners with various organizations across the laboratories and external stakeholders to ensure the protection of Sandia's information and assets.

This Limited Term Employee (LTE) position is a temporary position for one year term, which may be renewed at Sandia's discretion up to a maximum of seven years.

Individuals in LTE positions may bid on regular Sandia positions as internal candidates, and in some cases may be converted to regular career positions during their term if warranted by ongoing operational needs, continuing availability of funds, and satisfactory job performance.

Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

• Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
• Extraordinary co-workers
• Some of the best tools, equipment, and research facilities in the world
• Career advancement and enrichment opportunities
• Flexible schedules, generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

• These benefits vary by job classification.

Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.