Share this Job

Junior Cyber Security Engineer

Date: Sep 9, 2021

Location: Oak Ridge, TN, US, 37830-8050

Company: Oak Ridge National Laboratory

Requisition Id 6529 

The Information Technology Services at the Oak Ridge National Laboratory is seeking qualified applicants for a Junior Cyber Security Engineer position to sit in the Cyber Security Operations and Engineering group.


This position will support all aspects of cyber security operations and engineering to include technical advice, design, and implementation of innovative projects. You will also work collaboratively with Cyber Security Operations Center, Cyber Policy and Risk Management, Security Plans and Exercises, Networking, Platform Services, and Cyber Security Research teams in order to improve our cyber security posture.


Major Duties/Responsibilities:


  • Provide support for cyber capabilities enhancement, collaborating with operations and research
  • Develop and modify tools to analyze data and generate visualizations in support of Leadership   Dashboard of R&D Cyber Security Posture
  • Collaborate with cyber security, network, data center operations, security operations center, cyber security research, and other staff to ensure appropriate configuration and implementation of security tools, both existing and emergent
  • Standardize, document, maintain, and automate processes for monitoring, analyzing, and responding to events
  • Integrate with cyber security research groups to develop new capabilities and leverage expertise in analysis of large data sets
  • Create tactical, ad hoc scripts to supplement existing tool base as needed
  • Work with network security monitoring tools such as Suricata, Zeek, Wireshark, tcpdump, NSM, and must have familiarity with the techniques required to properly analyze and respond to information security events
  • Extract and correlate large data sets (Elastic Stack). Must have experience with technologies such as Elastic, Kafka, NiFi, Logstash, syslog, and Netscaler


Qualifications Required:


  • Bachelor’s degree with a concentration in computer science, cyber, networking, or information technology, with 2-4 years’ experience, though a combination of education and experience may be considered for exceptional candidates
  • Experience with automation tools or scripting (such as Ansible, Puppet, CFEngine)
  • Working knowledge of Azure / AWS or similar technologies
  • Experience with tool integration via API
  • Experience with Hadoop, Accumulo, Elastic Stack, Spark, and/or related technologies
  • Working knowledge of information technology and cyber security topics, including network flow, log analysis, cyber security visualization, and programming
  • Should have scripting and configuration language familiarity such as bash, json, markup (yaml) and be familiar with git version control
  • Intermediate to advanced Linux skills with a focus in cyber security, as well as familiarity with containerization technologies such as Docker
  • Knowledge of end-to-end flow and lifecycle of a log from creation to consumption, which requires understanding of networking concepts and skills such as ports, protocols, listeners, perimeter traversal, packet analysis, etc
  • Should have in-depth understanding of threat hunting (taking the tools, logs, data, and attack frameworks and creating actionable hypothesis to investigate)
  • Strong understanding of Operating Systems Architecture
  • Strong understanding of Networking Fundamentals
  • Strong interpersonal and communication skills


Qualifications Preferred:  

Industry certifications such as CompTIA (A+, Net+, or Sec)+, CEH, Linux, or GIAC (SANS) certifications. A current Top Secret or DOE Q clearance.


This position requires the ability to obtain and maintain a clearance from the Department of Energy, which requires US Citizenship. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.


This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply.  UT-Battelle is an E-Verify employer.