Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.
The individual in this position will work as a member of the Enterprise Threat and Vulnerability Management (ETVM) team, which focuses on assisting organizations in improving their insider threat mitigation and incident management practices and developing capabilities for preventing, detecting, deterring, and responding to evolving insider threats. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment and evaluation methodologies; and creation and delivery of controls, training, courses, and workshops.
The individual in this position will be a part of the Technical Solutions Team within ETVM. The Technical Solutions Team is responsible for the creation, development, and management of novel cybersecurity solutions that support customer-driven operational and research missions. The Technical Solutions Team interacts with US Government departments and agencies, industry representatives, contractors, academia and others to identify gaps in cybersecurity tools, techniques, and procedures; create prototype capabilities to fill the gaps; and transition the prototype solutions to customers and partner organizations. The team frequently communicates their work to the community by publishing technical reports and white papers, and presenting at conferences, symposia, and other working groups.
Minimum Qualifications and Requirements:
Education/Training: BS in computer science, software engineering, information systems, or a related technical field with eight (8) years of experience or equivalent, or MS in computer science, software engineering, information systems, or a related technical field with five (5) years of experience or equivalent.
- professional experience in software engineering or cyber security.
- experience applying the engineering process to solve complex real-world challenges.
- experience using analytical skills and an ability to interpret established standards and guidelines to solve problems.
- system administration and network administration skills and familiarity with Windows, UNIX, and Linux operating systems.
- software development in at least two of the following languages: C, C++, Java, Perl, and Python.
- knowledge of core Internet protocols (TCP/IP, UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.).
- knowledge of modern version control systems and integrated development environments.
- understanding of network design and implementation at LAN and WAN levels.
- broad understanding and application of multi-tiered enterprise client/server architectures, design, implementation and security.
- software / systems development lifecycle, QA, testing, build process, revision control, and change management practices.
- proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
- proven ability to integrate multiple technologies, standards and data sources into a consolidated solution.
- knowledge of common cyber attack methodologies; common types of security vulnerabilities; basic computer security forensics.
- strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings.
- ability to travel to various locations within the SEI and CMU community, customer sites, and offsite meetings with weekly/monthly frequency to travel on overnight and on-site assignments; ability to work in varied and diverse situations requiring analytical, interpretative, evaluative and constructive thinking;
- manage workload and priorities on multiple scheduled assessments;
- able to function independently or in teams depending on the project;
- work under pressure; deal with stress;
- deal with challenging individuals while maintaining composure;
- ability to exercise tact and discretion when handling highly sensitive and confidential issues;
- maintain confidentiality while working with highly confidential and sensitive matters.
- handle sensitive data according to project and/or USG data handling procedures.
- ability to interpret and communicate information about government regulations and university policies.
- quantitative and qualitative analytical skills.
- ability to troubleshoot problems proactively and to answer questions and handle issues as they arise.
- effective time management skills and strong problem-solving skills.
Environmental Conditions: close contact with computer monitor for extended periods of time.
Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
Preferred Qualifications and Requirements:
Education/Training: MS in Computer Science with five (5) years applicable experience; current Associate Certified Information Systems Security Professional (CISSP), IEEE Professional Software Engineering Master Certification, or similar certification is desired.
- experience with software development and/or system administration in large-scale, distributed computing environments.
- experience developing materials for senior leadership in government or industry.
- experience interfacing with the DoD, US federal civilian government, intelligence community, or law enforcement.
- experience working in a classified environment.
- data mining.
- machine learning.
- text and natural language processing.
- proven skills working in a team environment on collaborative projects in US government, critical infrastructure sectors involving network, system or data security.
Accountability: The individual will be accountable for meeting established deadlines and project milestones. The individual will also be accountable for managing sensitive, and possibly classified, customer information.
Direction: The individual is expected to act in accordance with direct supervision from management and senior staff, as well as follow CMU, SEI, and CERT defined policies, practices, and procedures, and to adhere to any additional sponsor-specified requirements related to the projects involved.
Decisions: The individual must make sound decisions, and demonstrate a commitment to those decisions. The individual must also be able to escalate out-of-scope problems to more experienced team members. The individual must accurately represent the program in interactions with external customers, sponsors, and the public.
Supervisory Responsibilities: The individual may be responsible for managing student interns.
Job Functions or Responsibilities:
60% Develop, deploy, and transition technical solutions for insider threat prevention, detection, and response.
15% Participate in research into cutting-edge strategies for insider threat data collection and analysis techniques.
10% Design and develop training materials for insider threat program practitioners.
10% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.
5% Provide assistance and input to other teams and projects within the SEI.
100% TOTAL EFFORT
Organizational Chart: CERT Program, Director < Risk and Resilience Directorate, Technical Director < Enterprise Threat & Vulnerability Management, Technical Manager < Technical Solutions, Technical Team Lead < Associate Cyber Security Engineer.
Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.