Cyber Automation Engineer (Hybrid Eligible)

Requisition Id 15547 

Overview:

We’re hiring a Cyber Automation Engineer to support automation capabilities, integrations, and infrastructure for the Cybersecurity Division. The Cyber Automations Engineer in the Cybersecurity Division’s Cyber Enhancements Group is responsible for implementing, operating, and maintaining cybersecurity platforms, automation workflows, and integrations that improve efficiency and security posture while ensuring compliance with federal and industry standards and regulations.

In this role, the engineer will contribute to the development and deployment of automation solutions, manage the Cybersecurity Division’s SOAR (Security Orchestration, Automation, and Response) platform, assist with the integration of cybersecurity platforms and tools, and support accurate records of cybersecurity activities, task tracking, and reporting in support of program enhancement.

This position resides in the Cyber Enhancements Group in the Cybersecurity Division, in the Information Technology Services Directorate at Oak Ridge National Laboratory (ORNL).

Major Duties/Responsibilities:

• Operate and manage the Cybersecurity Division’s SOAR platform, including configuration, maintenance, and onboarding of new automation workflows.
• Manage the Cybersecurity Division’s Ansible Automations Platform, including configuration, maintenance, and onboarding of new automation workflows.
• Develop and maintain automation workflows across SOAR platforms and integrated cyber tooling.
• Build and support integrations with REST APIs for vendor, in-house, and open-source tools.
• Contribute to infrastructure-as-code projects using tools such as Ansible and Git for secure and repeatable automation deployments.
• Collaborate with staff from other groups, divisions, and directorates to integrate automation into security operations with a focus on Elastic for visibility and data capture.
• Support development of dashboards, documentation of results, and preparation of technical reports for leadership.
• Provide technical support in cybersecurity automation, data analysis, and visualization.
• Deliver ORNL’s mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote equal opportunity by fostering a respectful workplace – in how we treat one another, work together, and measure success.

Basic Qualifications:

• A BS degree in computer science, computer engineering, information technology, information systems, science, engineering, business, or a related discipline and a minimum of two (2) to four (4) years of relevant and aligned professional experience, or a MS degree degree in computer science, computer engineering, information technology, information systems, science, engineering, business, or a related discipline and a minimum of one (1) to three (3) years of relevant and aligned experience.
• Minimum of two (2) years of experience in cybersecurity, IT automation, or related technical fields.
• Experience configuring and maintaining SOAR platforms (Tines, XSOAR, Swimlane).
• Proficiency with infrastructure automation tools (Ansible Automations Platform).
• Use of Elastic Stack for data ingest, correlation, and visualization.
• Application of IT and cybersecurity concepts (network flow, log analysis, data visualization, scripting).
• Expertise with network security monitoring tools (Snort, Suricata, Zeek, Wireshark, tcpdump).
• Skill in extracting and correlating large data sets using Elastic Stack.
• Strong analytical skills for evaluating data sources and communicating findings.
• Ability to create ad hoc scripts (Python, PowerShell, Bash).
• Familiarity with reading and interpreting computer-generated logs (Kafka, IDS logs, virus logs).
• Capability to work in a fast-paced, enterprise environment.
• Proven ability to collaborate effectively in team settings.
• Excellent interpersonal, verbal, written, and presentation skills.

Preferred Qualifications:

• Active DOE Q, active DOD Top Secret, or active DOD TS/SCI clearance is heavily preferred for consideration.
• Master's degree in cybersecurity, computer science, computer engineering, information technology, information systems, business, or a related discipline.
• Security industry certifications such as GCIA, GCIH, Security+, or equivalent.
• Strong understanding of Linux, Unix, Mac, and Windows operating systems.
• Familiarity with integrating SOAR and SIEM platforms in enterprise environments.
• Advanced experience designing, scaling, and maintaining infrastructure automation workflows using Ansible Automations Platform or similar tools.
• Experience building dashboards and visualizations in Elastic Stack or similar technologies.
• Ability to communicate clearly with both technical and non-technical audiences.
• Demonstrated ability to quickly learn and apply new technologies and applications.
• Technical skills comparable to those of a system administrator, developer, or security engineer.
• Experience working in DOE facilities, other government entities, or large-scale enterprise

Special Requirements:

• Visa sponsorship: Visa sponsorship is not available for this position.
• Q Clearance: This position requires the ability to obtain and maintain clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

Hybrid Eligibility:

This position is in Oak Ridge, Tennessee and requires onsite presence. We offer a flexible work environment that supports both the organization and our employees. A hybrid/onsite working arrangement may be available with this position, which provides flexibility to work periodically from your home, while reporting onsite to the Oak Ridge, Tennessee location on a weekly and regular basis.

About ORNL:

As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an impressive 80-year legacy of addressing the nation’s most pressing challenges. Our team is made up of over 7,000 dedicated and innovative individuals! Our goal is to create an environment where a variety of perspectives and backgrounds are valued, ensuring ORNL is known as a top choice for employment. These principles are essential for supporting our broader mission to drive scientific breakthroughs and translate them into solutions for energy, environmental, and security challenges facing the nation.

ORNL offers competitive pay and benefits programs to attract and retain individuals who demonstrate exceptional work behaviors. The laboratory provides a range of employee benefits, including medical and retirement plans and flexible work hours, to support the well-being of you and your family.

Employee amenities such as on-site fitness, banking, and cafeteria facilities are also available for added convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

If you have difficulty using the online application system or need an accommodation to apply due to a disability, please email: ORNLRecruiting@ornl.gov.

#LI-CS1

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply.  UT-Battelle is an E-Verify employer.