Cyber Security Engineer

Company Description

Join us and make YOUR mark on the World!

Lawrence Livermore National Laboratory (LLNL) has turned bold ideas into world-changing impact advancing science and technology to strengthen U.S. security and promote global stability.

Our mission spans four critical national security areas nuclear deterrence, threat preparedness, energy security, and multi-domain defense empowering teams to take on the toughest challenges of today and tomorrow. With a culture built on innovation and operational excellence, LLNL is a place where your expertise can make a real impact.

We have an opening for a Cybersecurity Engineer to independently and collaboratively perform a wide range of activities associated with supporting the Cyber Security Operations Center (CSOC) Incident Response team. This position is within the Information Technology Solutions Division (ITSD) of the Computing Directorate and matrixed to the Cyber Security Program (CSP), in support of the Livermore Information Technology (LivIT) Program.

This position offers a hybrid schedule, blending in-person and virtual presence. You will have the flexibility to work from home one or more days per week.

This position will be filled at either level based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.

• Protect enterprise systems and information by promptly responding to security threats and incidents, acting individually and as part of a team.
• Proactively hunt for cyber threats and enact identification, containment and eradication measures while supporting recovery efforts.
• Perform analysis on LLNL intrusion detection systems.
• Provide security monitoring and incident response support including troubleshooting and resolution of issues.
• Create and manage processes, systems, and tools exercising a high degree of responsibility.
• Serve as an incident response technical point of contact and interact with internal and external personnel.
• Perform technical assessments, document actions, findings, and make remediation recommendations.
• Promote and support plans to promote diversity, equity and inclusion within the program.
• Perform other duties as assigned.

• Manage multiple complex parallel tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
• Develop advanced methods, tools, and procedures to improve incident response capabilities and automate various complex tasks.
• Mentor and provide technical guidance to team members in incident response best practices and procedures.

• Ability to secure and maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
• Bachelor’s degree in Computer Science, Computer Engineering or related field, or the equivalent combination of education and related experience.
• Broad experience with SIEM, log aggregation, packet analysis, or other cybersecurity tools.
• Experience conducting host forensics, network forensics, log analysis, or malware analysis in support of incident response investigations.
• Proficient written and verbal communication, strong interpersonal skills, ability to collaborate in a multi-disciplinary team environment and to interact with all levels of management and staff.
• Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary, with experience working independently.
• Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).

• Significant knowledge of SIEM solutions, threat hunting, incident response, or incident management.
• Significant experience with log analysis, event correlation, or incident management procedures.
• Advanced ability to provide innovative approaches and apply new technologies to tasks and projects that may not be well defined.

• Master’s degree in Computer Science, Computer…