Share this Job

HPC Cyber Security Engineer

Date: Jul 31, 2022

Location: Oak Ridge, TN, US, 37830

Company: Oak Ridge National Laboratory

Requisition Id 8188 

Purpose:

The National Center for Computational Sciences (NCCS) at Oak Ridge National Laboratory (ORNL) operates the fastest High Performance Computers (HPC) in the world. We are seeking self-styled ‘hackers’ to play a key role in improving the security, performance, and reliability of the NCCS computing infrastructure. Our efforts support a highly-skilled user base consisting of the best-of-the-best science teams around the world. NCCS enables these teams to perform science that is just not possible anywhere else. In return, and instead of charging for compute and data allocations, we ask these scientists to publish their work in open literature. If you are excited about applying DevSecOps best practices to HPCs, come help us guarantee the integrity of open science publications that utilize NCCS supercomputing resources.

 

The Team:

The HPC Cybersecurity Engineering team is one half of the NCCS Security and Information Engineering Group. It is tasked with architecting, developing, deploying, and maintaining all facets of the Supercomputing-specific technical security program (which is an enclave of the broader ORNL network).  We enjoy blurring lines between security disciplines and try to share incident response, blue team engineering, red team vulnerability research, policy architecture, and DevSecOps responsibilities to keep ourselves sharp and continuously learning. We work hand-in-hand with other teams to help them secure their systems and act as liasons between ORNL’s broader risk management framework.  We are exclusively a Linux shop without enterprise phishing and mobile device security headaches; instead our engineering focuses on securely enabling arbitrary code execution and massive internal and external data transfers related to the science being performed.

 

About You:

You deploy infrastructure and/or security controls as code because automation lets you focus on the more difficult and rewarding problems.  You love working with others because the ‘best solutions’ to a problem are a product of collaboration.  You may have a GitHub account with cool projects.  You may have more than a couple of our Preferred Qualifications and probably do not have any prior HPC experience. You may have technical leadership experience and/or want to grow into this role. You may or may not think Hackers is an incredible movie.

 

Job Duties and Responsibilities:

  • Developing and maintaining security applications deployed with container orchestration tools.
  • Automating policy assessments to verify cyber security and operational policy.
  • Analyzing, triaging, and responding to application, system, and network events.
  • Installing, maintaining, and monitoring common security systems such as (N/H)IDS and SIEM.
  • Interpreting cyber security policy.
  • Responding to system vulnerabilities and coordinating system patches and updates.
  • Performing approved penetration testing and verification.
  • Documenting cyber security procedures.
  • Participating in a 24-hour, 7-day on-call incident response rotation.

 

Basic Qualifications:

  •  Bachelor's Degree in Computer Science or related field.
  • Minimum of 5 years of relevant experience. Equivalent combination of education and experience will be considered

 

Preferred Qualifications:

  • Master’s Degree in Computer Science or related field and 7+ years of relevant experience.
  • Strong understanding of cyber security concepts, best practices, and tools.
  • Experience deploying and maintaining systems in UNIX/Linux environments. 
  • Solid understanding of networked computing environment concepts.
  •  A DevSecOps mindset, including version control and scripting/programming experience 
  • Ability to communicate effectively and work well in a team environment.
  •  Natural ability to understand and use new and emerging technologies
  •  Experience with security tools such as IDS/IPS, Vulnerability Scanning, SIEM
  • Experience in a high-performance computing environment
  • Experience with incident response and engaging in forensics
  • Experience with automated configuration management tools such as Puppet or Ansible.
  • Experience in network, application, and/or security architecture and design.
  • Familiarity with common protocols such as: DNS, DHCP, LDAP, SNMP, SMTP, HTTP, SSL.

 

Special Requirement:

This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

 

Relocation:  

Moving can be overwhelming and expensive. UT-Battelle offers a generous relocation package to ease the transition process. Domestic and international relocation assistance is available for certain positions. If invited to interview, be sure to ask your Recruiter (Talent Acquisition Partner) for details.
 
For more information about our benefits, working here, and living here, visit the “About” tab at jobs.ornl.gov.

 

#LI-KC1

#LI-HYBRID

 

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.


If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.


ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply.  UT-Battelle is an E-Verify employer.


Nearest Major Market: Knoxville