What We Do:
The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
The CERT Malware Analysis (MA) group is part of the CERT Program in the Software Engineering Institute. This technical area:
- Develops cutting edge approaches for analyzing executable code
- Analyzes, reverse engineers, and finds relationships between malicious code and threat information
- Identifies systemic vulnerabilities in software systems and how attackers adapt their tradecraft to exploit those vulnerabilities
- Builds organic capability in USG operational organizations, and participates in the broader security community
The position of technical manager is responsible for all aspects of developing and executing the MA body of work to include setting the technical direction; managing financials; business development; and personnel issues.
- BS in a scientific or technical field with 10 years experience; MS in a scientific or technical field with 8 years experience; or PhD in a scientifice or technical filed with five (5) years
- You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
- Willingness to travel to various locations to support the SEI’s overall mission. This may include national travel to sponsor sites, conferences, and offsite meetings on occasion (25% travel)
Knowledge, Skills and Abilities:
- Knowledge of: Cyber intelligence tradecraft, internet protocols, operations, and governance, computer network defense detection and mitigation technologies, current challenges and threats faced by USG intelligence, defense, law enforcement, and civilian organizations
- Ability to foster professional growth and develop technical/professional leadership capabilities in technical staff
- Knowledge of Windows, Linux, and Apple operating systems and internals
- Ability to set and implement a strategic direction for a technical group
- Knowledge of all of the following technologies: code analysis tools (e.g., IDA Pro, OllyDbg, WinDBG), run-time environments, virtual machines, relational databases, anti-virus systems, secure systems and network architecture practices, intrusion detection systems and passive DNS'
- Ability to oversee planning and execution of body of work including budgeting, labor planning, and acquisition
- Established and trusted reputation in USG cyber operations community
- Ability to sustain a team with business development activity
- Knowledge of USG organizational policies and missions areas/owners in cyber security
- Experience including some work in operational security or incident response; software development or analysis; and business development activities
- Progressive growth in responsibility managing a team of at least 5 individuals or $3 million with commensurate personnel and financial authority
- Building and developing teams including recruiting, selecting, and developing employees
- Leadership in operational security capability, applied research and development projects, and business development activities
- Prior responsibility in managing projects across organizations and teams
- Participation in public and closed community security forums through activities such as publication, presentation, collaborative security operations, and collaborative research
Job Function Breakdown:
30% Manages group to effectively implement the SEI and task order work plans. Sets goals and objectives and manages operational and functional business activities. Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project)
30% Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility. Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.
20% Sets technical direction for MA. Leads planning process and contribute to the development the CERT strategic plan. Ensures regular update of MA plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy. Articulates vision for internal and external audiences.
10% Identifies opportunities for new technical projects and manages start-up of new, high-priority technical areas of work. Works with Technical Director of Threat Analysis to develop and implement a funding and transition plan for new work areas.
10% Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements. Leads corrective action.
TOTAL = 100%
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.