What We Do:
Our team provides technical guidance in the areas of capability and capacity development to Security Operations Centers (SOCs) and incident management teams (Computer Security Incident Response). Our partners include Federal agencies, academic institutions, foreign governments, private industry, and non-profit organizations. We develop and implement strategic and operational procedures for the cybersecurity community and regularly interact with sponsors and partners.
Our team participates in and leads technical efforts by developing and prototyping new methods of evaluating and measuring operational and mission success. We implement and lead training and engagement efforts across various organizational components such as National Incident Response Teams, Product Security Teams, Security Operation Centers, and general incident management programs.
The CERT Security Operations team seeks to develop cutting edge solutions to address critical and emerging challenges encountered by the DoD, DHS, DoS and the International Community. Key to our success is a diverse team of analysts, researchers, and engineers with a passion for understanding the implications of emerging technologies and best practices on US Government defensive missions.
A strong technical leader with a solid background in Security Operations and Incident Management. Responsible for the development and execution of strategic and operational procedures for the cybersecurity community, and research that advances the state of the art and practice of cyber operations and a member of a diverse team working across the following areas:
- Capable of conducting and supporting analytical studies and investigations of risk, threat, and security data.
- Operational knowledge and significant understanding of methods for evaluating mission operations and success.
- Familiarity with machine learning and natural language processing concepts and activities.
- Deep understanding of enterprise technology security issues.
- Broad knowledge of commonly deployed computer network defense tools and processes to include leading vendor solutions..
- Experience with current operational challenges and technical threats faced by network security and intelligence organizations.
- Familiarity with project planning and management standard methodologies.
- BS in computer science or related discipline with eight (8) years of experience; MS is the same fields with five (5) years of experience; PhD in the same fields with two (2) years of experience or equivalent combination of training or experience.
- Willingness to travel to various locations to support the SEI’s overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Moderate travel (25%)
- You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
- Demonstrated technical proficiency with contemporary computing hardware, software and network technologies.
- Knowledge of current and effective Incident Response and Security Operations organizational and functional structures and the technical operations performed by these teams.
- Ability to work independently or within a team with members of varying skill sets and levels.
- Ability to brief strategic and technical topics to senior management, technical and non- technical audiences.
- Ability to write / craft clear, understandable documentation that translates complicated technical processes to a target audience (A writing sample may be requested).Team deliverables include technical publications; industry and government conference presentations; course development and delivery; direct customer engagement; and prototype tools and techniques.
- Background in international capacity and community building.
- Familiarity with metrics and measurement and assessment concepts and practices.
- Active in regional or international trade-related organizations such as the Forum of Incident Response and Security Teams (FIRST), North American Network Operators' Group (NANOG), Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Anti-Phishing Working Group (APWG), etc.
- Participation in broad public forums through activities such as standards, open source development, or publication.
- Licenses: CISSP, CEH, CISM, CompTIA, or similar.
- Experience effectively developing and delivering training to technical and management level audiences on subject matter related to computer incident response team (CSIRT) development, incident response operations, and security operations centers.
- Background in international capacity and community building.
- Experience publishing research and academic papers.
- Experience with big data analytics and data science concepts.
- Experience working with the government, or within a critical infrastructure sector.
- Experience working within or in collaboration with a national Incident Response or Security Operations organization.
Job Function Breakdown:
45% Create framework and methodology documents, both general and specific, intended to facilitate the organizational and technical capacity development of international partners.
25% Create and deliver training and education materials, exercises, and workshops; along with performing assessments or outreach activities such as developing blogs, podcasts or presentations.
20% Support planning, development, and execution of customer led and/or supported development activities, planning discussions, and awareness raising exercises. Through partnership, awareness, and action evaluate the need for, develop blueprints for, and assist with the implementation of national-level Cybersecurity capabilities.
10% Capture knowledge from engagements, integrate it with lessons learned from other similar work, and help transfer that knowledge for the betterment of the global Cybersecurity community.
TOTAL = 100%
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.