Cybersecurity Engineering I​/II

Cybersecurity Engineer I/II

Location:

CO – Golden. Position Type:
Regular. Hours per week: 40. Join the National Laboratory of the Rockies (NLR) to contribute to advanced energy systems research and development.

Ensure information security is integrated into and maintained for systems deployed by the Advanced Computing Operation Group. Build and maintain relationships with project teams, communicate complex security concepts clearly, and proactively enforce security best practices across diverse platforms.

Implement and harden security controls across AWS, HPC, Open Stack, and purpose‑built environments. Script and automate security tasks using Bash and Python. Monitor vulnerabilities and coordinate remediation with engineering teams. Analyze logs with SIEM tools and produce reportable insights. Implement new capabilities required by the Department of Energy to enhance cybersecurity on ACO‑managed systems.

• Level
  
  I:
  Relevant Bachelor’s degree or equivalent education/experience; basic knowledge of IT security practices, security tools, networking fundamentals, encryption, and access control; basic programming with Bash/Python; good analytical and communication skills.
• Level
  
  II:
  Relevant Bachelor’s degree + 2 or more years of experience or Master’s degree; advanced knowledge of cybersecurity standards, principles and techniques; skilled analytical, communication, and intermediate programming abilities; project management and leadership skills.

• UNIX/Linux administration and troubleshooting.
• Script and automate with Bash and Python.
• Basic familiarity with IDS/IPS, firewalls, and vulnerability scanners.
• Basic networking fundamentals (TCP/IP, DNS, common protocols).
• Basic encryption/cryptography (SSL/TLS, key management).
• Basic access control and identity management.
• Security tools such as SIEM/log analysis (e.g., Splunk, Elastic, Logstash) and NIST SP800‑53/FIPS
  199 compliance.
• Incident‑response fundamentals.

• Experience implementing security controls across heterogeneous platforms (HPC, on‑prem/virtualized, applications).
• Incident‑response experience (investigation, containment, recovery, post‑incident review).
• SIEM/log analysis experience.
• Knowledge of NIST SP800‑53 and FIPS
  199 and related compliance.

• Medical, dental, and vision insurance.
• Short‑term and long‑term disability insurance.
• Pension benefits.
• 403(b) employee savings plan with employer match.
• Life and accidental death and dismemberment insurance.
• Personal time off (PTO) and sick leave.
• Paid holidays.
• Tuition reimbursement.

All qualified applicants will receive consideration for employment without regard to age, color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, or any other applicable protected status under federal, state, or local laws.

Applicants must be able to obtain and maintain a DOE Q Security Clearance and a federal Personal Identity Verification (PIV) card as required by HSPD‑12. NLR is a DOE contractor with access restrictions. All employees must comply with the federal Drug‑Free Workplace Act.