Berkeley Lab’s (LBNL, https://www.lbl.gov/) Energy Sciences Network (ESnet, http://www.es.net/) Division is a scientific network that interconnects the DOE national laboratory system; is widely regarded as a global innovator in network architectures, tools, and applications; and is currently the fastest scientific network in the world. This is a full-time position on the ESnet security team, which is responsible for protecting ESnet assets, responding to computer security incidents, and advancing information security tools and architectures within the global R&E community in support of scientific inquiry.
We have an immediate opening for a Security Engineer (Computer Systems Engineer) to provide information security services and support to ESnet, primarily acting in a threat hunting and analyst role.
What You Will Do:
Serve as a core member of ESnet’s Security Group, performing a variety of security duties such as supporting and improving existing security services, resolving alerts, investigating incidents, reviewing security logs, and developing simple tools or detections.
Uncover potential computer and network vulnerabilities, reduce the risk incurred by vulnerabilities, and automate workflow processes supporting ESnet’s security architecture.
Integrate knowledge of network protocols, services, threats, vulnerabilities, mitigation strategies, hardware capabilities, and other information to build a security environment that reduces and mitigates risk while allowing ESnet’s open science mission to succeed.
Represent the security team and work with other teams to understand potential risks and advise on more secure solutions.
Participate in long-term projects supporting important deliverables.
Ability to participate in an ‘on call’ rotation.
What is Required:
Bachelor’s degree in computer science or related field with at least 4 years of experience in hands-on technical work in an operational setting; and/or an equivalent combination of experience and education.
An understanding of security principles with a demonstrated ability to think from a risk perspective and with some depth in threat hunting and log analysis.
Strong oral and written communication skills and a demonstrated history of working with other teams on common goals.
Demonstrated ability to work with minimal prescriptive direction and to determine what is needed to fulfill high-level outcomes.
Patience and persistence in service of improving the status quo towards our long-term security vision.
Able to work on multiple tasks and respond to rapidly changing priorities.
Experience with Intrusion Detection Systems (IDS) and signature development.
Hands-on network/packet-level examination using tools such as tcpdump or Wireshark.
Strong understanding of complex TCP/IP networks.
Solid understanding of Linux operating systems.
Background with a SIEM application or text manipulation tools such as awk and sed.
Familiarity with R&E or with non-classified government work.
Experience working within security trust groups sharing IOCs.
Ability and demonstrated history of leading incident investigations or response.
Experience working in a distributed environment and working remotely for those located outside Berkeley, CA or Champaign, IL.
This is a full-time, 2-year term appointment with the possibility of extension or conversion to Career appointment based upon satisfactory job performance, continuing availability of funds and ongoing operational needs.
This position will be hired at a level commensurate with the business needs and the skills, knowledge, and abilities of the successful candidate.
This position may be subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.
Work may be performed on-site, hybrid, full-time telework or remote modes. Work must be performed within the United States.
Based on University of California Policy - SARS-CoV-2 (COVID-19) Vaccination Program and U.S. Federal Government requirements, Berkeley Lab requires that all members of our community obtain the COVID-19 vaccine as soon as they are eligible. As a condition of employment at Berkeley Lab, all Covered Individuals must Participate in the COVID-19 Vaccination Program by providing proof of Full Vaccination or submitting a request for Exception or Deferral. Visit covid.lbl.gov (https://covid.lbl.gov/) for more information.
Berkeley Lab is committed to Inclusion, Diversity, Equity and Accountability (IDEA, https://diversity.lbl.gov/ideaberkeleylab/) and strives to continue building community with these shared values and commitments. Berkeley Lab is an Equal Opportunity and Affirmative Action Employer. We heartily welcome applications from women, minorities, veterans, and all who would contribute to the Lab’s mission of leading scientific discovery, inclusion, and professionalism. In support of our diverse global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status.