About Sandia:

　　Sandia National Laboratories is the nation's premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

　　Challenging work with amazing impact that contributes to security, peace, and freedom worldwideExtraordinary co-workersSome of the best tools, equipment, and research facilities in the worldCareer advancement and enrichment opportunitiesFlexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance

　　World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

　　These benefits vary by job classification.

　　What Your Job Will Be Like:

　　We are seeking a cybersecurity professional to join Sandia's unique multidisciplinary team committed to solving the information security challenges facing our nation. As part of our team, selected candidates will engage in work across the technology spectrum including embedded, mobile, enterprise, and cloud systems, specifically supporting the defense of operational technology (OT).

　　On any given day, you may be called on to participate in the following research areas:

　　Cyber threat intelligenceNetwork operation, information protection, and resiliencyCloud security, detections, monitoring, and forensicsCyber vulnerability management, triage, and analysisNetwork operation, information protection, and resiliencyAuthentication and authorizationHardware/software trust and assuranceVirtualization (system and network) and cloud technologiesMobile devices and smart technologiesSupervisory control and data acquisition (SCADA) and industrial control systems (ICS)Intrusion prevention/detection and response, penetration testing, and forensicsDeep vulnerability and malware analysis, including reverse engineering

　　The selected applicant can be a remote worker located in any U.S. State or District of Columbia. Regular or periodic travel to your assigned work location may be required.

　　Salary Range:

　　$101,400 - $201,400

　　*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.

　　Qualifications We Require:

　　Bachelor's degree in Computer Science/Engineering, Cybersecurity, Intelligence, or related field plus 5 years of experience; or equivalent (AS + 9 years or no degree + 13 years)Experience with threat intelligence collection, prioritization, aggregation, enrichment, and analysisExperience with threat analysis models:Cyber Kill ChainMITRE ATT&CK for Industrial Control SystemsDiamond ModelsExperience assessing, identifying, and mitigating OT/ICS threat landscape vulnerabilitiesAbility to obtain and maintain a DOE Q clearance

　　Qualifications We Desire:

　　Degree(s) in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, Threat Intelligence, or CybersecurityKnowledge of OT threat actors and their tactics, techniques, and proceduresUnderstanding of vulnerability pathways that are leveraged to gain footholds in or exploit an environmentAbility to map vulnerability exploitability to active adversary's tactics, techniques, and procedures, and to forecast vulnerability severity/priority to existing cyber defenses and countermeasuresExperience gathering, maintaining, and distributing priority actionable cyber information to cyber partners and system owners related to pertinent cyber activity, vulnerabilities, and potentialitiesExperience conducting research resulting in creative technical solutionsStrong oral and written communication skills, ability to explain complex ideas clearly and concisely using wording familiar to the audienceExperience auditing code in C/C++, Java, Python, assembly, or other languagesComprehensive working knowledge of one or more of the following: IEC 62443/ISA 99, ISO 27001, NIST SP 800-82, CPNI Process Control and SCADA Security Good Practice GuideExperience deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralized alert logging and monitoring in ICS environmentsFamiliarity with secure-system design principles and information assurance principlesAbility to conduct independent technical R&D and strong analytical skillsAbility to work in a highly collaborative teamDisciplined time management and ability to work on multiple R&D projectsWell-developed leadership skills with the ability to prioritize and execute in a disciplined and focused mannerAbility to build trusting, long lasting relationships with partners, customers, and internal stakeholdersActive DOE Q security clearance

　　About Our Team:

　　The Cyber Enterprise Security department is responsible for computer and cyber security research and operations. Research is conducted in all areas of cyber defense, vulnerability assessment, intrusion detection, forensics, malware analysis, and reverse engineering. The results of the research are applied to the protection of Sandia's information and cyber environment. The department partners with various functions across the labs and NSE complex to creatively design, implement, and evolve the capabilities necessary to protect Sandia's information and assets. The department focuses on the following:- Analyzing network communications to discover unauthorized cyber penetrations, conduct forensics analysis, reverse engineering and analyzing potential threats to information systems- Developing analysis methods and tools which process data to extract meaningful information and to hypothesize future outcomes- Developing, designing and conducting vulnerability management of information systems and all related technologies- Designing and developing tools and procedures to safeguard information- Participation and leadership of cross-site teams assembled for the purpose of discovering and sharing new knowledge regarding rapidly advancing cyber threats.

　　Posting Duration:

　　This posting will be open for application submissions for a minimum of seven (7) calendar days, including the 'posting date'. Sandia reserves the right to extend the posting date at any time.

　　Security Clearance:

　　Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.

　　Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

　　EEO:

　　All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.

　　NNSA Requirements for MedPEDs:

　　If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.

　　If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.

　　Job ID: 692416