What We Do:
The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions focused approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.
The individual in this position will work as a member of the Enterprise Threat and Vulnerability Management (ETVM) Team within the CERT Division. The goal of the ETVM team and the National Insider Threat Center is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and evaluating information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat, cyber and physical security assessments, and incident response; team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; anomaly detection tool evaluation; and creation and delivery of training, courses, and workshops.
The selected individual will be part of ETVM’s Threat Research Team, and will participate in the development and execution of new security assessment methodologies, including innovative new methods for conducting operational threat assessments, and internal and external penetration/vulnerability testing. The selected individual also conducts research on the development and validation of best practices on difficult information technology solutions and provides reference architecture papers to assist the DoD, Federal Agencies, Law Enforcement, Industry, and Academia in deploying those solutions. The selected individual may also assist on compliance validation teams, which entails conducting on-site assessments, pre- and post-assessment analysis, and preparation of technical reports and briefings to customers. Consistent with the mission of a Federally Funded Research and Development Center (FFRDC), this position is responsible for interacting with senior executives in external and internal organizations, and for developing, communicating, implementing and measuring cybersecurity strategies to improve the resiliency and security of those organizations. The individual will work as a member of collaborative project teams and will work closely with customers from a variety of organizations, including government agencies and critical infrastructure providers.
- BS in Computer Science or related field, with ten (10) years of applicable experience, or MS in Computer Science or related field, with eight (8) years of applicable experience.
- Certifications: Certified Information Systems Security Professional (CISSP), and/or Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA).
- Willingness to travel to various locations to support the SEI’s overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion.
- You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
- common risk and cybersecurity assessment methods
- understanding of information technology and telecommunications systems
- working knowledge of network security and survivability/resiliency issues
- ability to conduct analytical studies and investigations
- excellent written and oral communication skills
- proven ability to prepare papers and presentations for technical and non-technical audiences
- demonstrated ability to communicate hard cybersecurity and/or software security challenges to organizations (at conferences, workshops, training) and an ability to develop and/or recommend solutions
- reasoning, critical thinking, and problem-solving skills
- ability to work independently with limited supervision; develop work plans, schedules, tasks, and effectiveness measures to evaluate bodies of work
- ability to lead assigned work plan tasks, including managing other team members supporting the task, as well as the task milestones, deliverables, and customer engagements
- ability to recognize and deal appropriately with confidential and sensitive information
- participate by leading and representing work at conferences, workshops, and meetings
- contribute to customer presentations and technology transfer activities
- strong interest in cybersecurity analysis R&D
- ability to create instructional materials and conduct training
- building and maintaining customer relationships
- strategic planning and requirements definition
- operational experience preventing, detecting, and responding to cyber threats (preferably, insider threats)
- experience working in a SOC, a cyber threat intelligence function, a cyber incident response process, an insider threat program, or an information security program
- experience developing software and applying a software development process
- operational experience conducting cybersecurity assessments or audits
- a history of publication and presentation on cybersecurity topics
- experience working in or with the DOD, intelligence community, or law enforcement in a classified environment
- experience in penetration testing, red teaming, or blue teaming
- working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security
- experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:
  - system administration
  - firewalls, intrusion detection systems, and other security technologies
  - relational databases
Job Function Breakdown:
40% Participate in ETVM technical project work.
30% Development of new assessment methodologies, as well as accompanying documentation and training.
25% Perform on-site security assessments. Travel to customer sites is required.
5% Participate in team meetings; participate in meetings with customers and potential customers; give talks and lectures as appropriate.
TOTAL = 100%
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.