Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania and Arlington, Virginia. The CERT Program engages in cutting-edge research and development to improve the state of cybersecurity. As a Senior Information Security Engineer, you have a background in cybersecurity policy and governance.
You are self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and writing skills. You are able to interact with clients and staff of all levels in a highly professional and competent manner. You enjoy the flexibility of an organization that values hard work but appreciates work-life balance and professional development. In your role, you will
- shape National and organizational policy
- analyze and measure effectiveness of policy and governance
- develop roadmaps for improvement of cybersecurity capabilities
- participate in standards making bodies
- assist in implementation of policy and governance
- participate in applied research
Minimum Qualifications and Requirements:
Education/Training: BS or BA in relevant field with ten (10) years of experience; MS in relevant field with eight (8) years of experience
Experience: Eight (8) to ten (10) years of experience in information security policy, governance, or leadership. Other potential career backgrounds include: audit, IT security, compliance, or similar technical occupation.
Experience with and substantial knowledge of;
- cybersecurity concepts and technical implementations
- cybersecurity standards, policies, and frameworks
- strategic planning
- metrics and measurements methodologies
Travel: Up to 25% travel to various customer locations
Physical Mobility: Primarily sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites
Environmental Conditions: normal office conditions; however close contact with CRT for prolonged periods
- ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
- ability to collaborate diplomatically and successfully with customers, co-workers and other professional colleagues, managers, and staff.
Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
Job Functions or Responsibilities:
70% Participate in customer engagement to develop, analyze, and implement cybersecurity policy.
20% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security, policy/governance, and resilience; transition research into applied knowledge for customers.
5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.
5% Engage in professional development activities.
100% TOTAL EFFORT
Organizational Chart: Director CERT Program < Technical Director, Cybersecurity Risk and Resilience Directorate < Technical Manager, Cybersecurity Risk Management Team< Senior Information Security Engineer
Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran