What We Do:
The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
As part of the Cyber Risk and Resilience Directorate, you will be part of a team of engineers aimed at applying the latest tools, techniques and methods to resilience challenges. The Cybersecurity Engineer will support the operational capabilities and continued evolution of the Cybersecurity Assurance Team. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. We support external customers and internal SEI partners enabling growth of knowledge and hands-on skills. This will require establishing strong customer relationships and ongoing research to identify new requirements/opportunities. The goal of the team is to promote innovation and collaboration across customer programs and within SEI.
- BS in computer science, software engineering, computer engineering, or a related field of study with ten (10) years of experience or MS in equivalent fields with eight (8) years of applicable experience or PhD in equivalent fields with five (5)
- Willingness to travel to various locations to support the SEI’s overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Moderate travel (25%)
- You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
- Knowledge in the evaluation of cybersecurity controls and practices.
- Experience with the evaluation of network architectures and defenses.
- Knowledge of critical infrastructure protection concepts and standards.
- Ability to work meticulously with careful attention to detail;
- Ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities;
- Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
- Knowledge of supply chain risk management concepts and tools.
- Ability to communicate with a range of audiences ranging from junior technical individual contributors to senior customer points of contacts.
- Knowledge of information sharing practices and models.
- Ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.
- Knowledge of capability maturity model concepts.
- Experience in an operational environment gaining an understanding of service related processes and technologies.
- Knowledge of standards of practice (e.g., NIST CSF, ISO 27000x, etc).
- Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA) or equivalent experience.
- Promotes innovation and problem solving.
- Hands-on experience with the operational responsibilities for systems, network, or security infrastructure.
- Comfortable building relationships with external vendors and business partners.
- In-depth knowledge of network defense concepts and architectures.
Job Function Breakdown:
60% Project Support: Planning and executing on project tasks.
20% Relationship Management: Engaging with project sponsors and maintaining communications regarding requirements and status.
5% Strategy: Participate in discussions of the strategic direction of the CA team.
5% Business Development: Work to develop new engagements in related areas and expand existing relationships.
5% Professional Development: Staying current on topics important to the team.
5% Other: Other duties as assigned.
TOTAL = 100%
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.