Lawrence Berkeley National Laboratory

Cyber Security Engineer

Lawrence Berkeley National Laboratory, Berkeley, California, United States, 94709

Overview

The National Energy Research Scientific Computing Center (NERSC) at Lawrence Berkeley National Laboratory (LBNL) is inviting applications for the position of Cyber Security Engineer. NERSC’s mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs. NERSC provides critical HPC and data systems and support for NERSC’s 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science and other DOE mission areas.

In this exciting role, you will be involved in all aspects of cyber security at NERSC, working both independently and collaboratively with the security team to monitor for malicious and unauthorized activity, perform vulnerability scanning and application security testing, participate in or lead responses to security incidents, provide security guidance to staff and end-users, perform security assessments and reviews, assist in remediation or mitigation of cyber security issues, and contribute to the NERSC strategy as we move to exascale and beyond.

At NERSC, you will work in a collaborative, interdisciplinary environment with opportunities to explore emerging technologies, participate in cross-team projects, and attend NERSC seminars on a wide range of scientific and technical subjects.

Responsibilities

Perform security duties including monitoring for potential threats, examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents.
Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation.
Maintain up-to-date awareness of cybersecurity threats and trends, assess emerging security issues to determine risk and impact, advise on response strategies, and coordinate mitigation across teams.
Assist with vulnerability assessment activities, including configuration of scanning tools, assessment of vulnerabilities, prioritization and triage, and guiding remediation efforts with NERSC staff and end users.
Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed.
Contribute to design and development of NERSC’s security architecture, address operational gaps in monitoring and detection, and evaluate new cyber security tools and technologies.
Participate in or lead efforts to upgrade existing systems to meet evolving needs, including specification, purchase, installation, configuration, and deployment of new hardware and security services.
Perform system administration tasks, troubleshooting, and hardware maintenance and support as needed; help maintain and manage existing cybersecurity systems using automation tools.
Develop comprehensive documentation of the team’s technical systems, processes, and procedures.
Develop and update IDS and monitoring rules based on emerging threats and incident data to ensure detection aligns with current attack vectors.
Lead or support security initiatives, including a Zero Trust strategy, to reduce risk while enabling open science.
Promote a strong security culture through outreach, technical consulting, and security awareness activities; provide guidance on security best practices and communicate policies to staff and users.
Collaborate with NERSC system engineers and software developers to integrate cyber security tools and processes across the center.
Conduct in-depth security reviews and risk assessments; document findings with actionable recommendations to mitigate risk.
Serve as a security subject matter expert on cross-functional projects, ensuring security is considered across all phases.
Contribute to cybersecurity requirements and maintain documentation in a central repository; create technical guides and resources for staff and users.
May lead technical initiatives or projects in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC workflows.

We are looking for

Typically requires a minimum of 8 years of related experience with a Bachelor’s degree; or 6 years and a Master’s degree; or equivalent experience.
Experience administering Linux/Unix systems or configuring network security devices.
Experience using cybersecurity tools and technologies (e.g., intrusion detection/prevention systems, firewalls, SIEM platforms, vulnerability scanners).
Experience designing, implementing, and maintaining network traffic capture and monitoring solutions for complex, high-speed network environments.
Experience performing or supporting incident response activities, including investigation, analysis, containment, and resolution of incidents.
Experience collecting and analyzing log and telemetry data from various systems to detect and respond to incidents.
Experience leading IT infrastructure projects or security initiatives and providing technical direction.
Experience developing scripts or programs in Python, Shell, C, C++, or similar languages.
Knowledge of common security vulnerabilities, attacker TTPs, and core cybersecurity principles.
Demonstrated ability to work in a Linux/UNIX environment via CLI.
Strong problem-solving abilities and the capacity to manage multiple tasks with changing priorities.
Excellent oral and written communication skills.
In-depth knowledge of network security and upper-layer protocols.
Ability to collaborate across teams and work independently in interdisciplinary settings.

Desired skills/knowledge

Experience in High Performance Computing, higher education, or research environments.
Experience implementing Zero Trust architectures, securing container platforms, or integrating security into development and deployment processes.
Experience with policy compliance activities (e.g., auditing against NIST, ISO 27001, CIS Controls) and performing vulnerability/risk assessments.
Experience securing large-scale computing or open network environments with broadly accessible infrastructure.
Familiarity with configuration automation tools such as Puppet or Ansible.
Knowledge of dual-stack (IPv4/IPv6) and IPv6-only networks; security challenges and strategies.
Knowledge of API security, including secure API design, OAuth 2.0, JWT, and API key management.
Understanding of secure coding practices and ability to review code for vulnerabilities.
Knowledge of data analytics, machine learning, or statistical models and their application to security analysis.

We’re here for the same mission, to bring science solutions to the world. Join our team and you will play a supporting role in our goal to address global challenges! Have a high level of impact and work for an organization associated with 17 Nobel Prizes!

We invest in our employees by offering a total rewards package you can count on:
Exceptional health and retirement benefits, including pension or 401K-style plans
A culture where you’ll belong - we are invested in our teams!
In addition to vacation and sick time, we also have a Winter Holiday Shutdown every year.
Parental bonding leave (for both mothers and fathers)

Additional information

Appointment type:

This is a full-time, career appointment, exempt (monthly paid) from overtime pay.

Salary range:

The expected salary for this position is $156,864 - $191,724, which fits into the full salary range of $139,440 - $235,308 depending upon the candidate’s skills, knowledge, and abilities. This includes education, certifications, and years of experience.

Background check:

This position is subject to a background check. Any convictions will be evaluated to determine if they directly relate to the responsibilities and requirements of the position. Having a conviction history will not automatically disqualify an applicant from being considered for employment.

Work modality:

This position requires substantial on-site presence, but is eligible for a flexible work mode, and hybrid schedules may be considered. Hybrid work is a combination of performing work on-site at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA and some telework. Individuals working a hybrid schedule must reside within 150 miles of Berkeley Lab. Work schedules are dependent on business needs.

Want to learn more about working at Berkeley Lab? Please visit:

careers.lbl.gov

Equal Employment Opportunity Employer:

The foundation of Berkeley Lab is our Stewardship Values: Team Science, Service, Trust, Innovation, and Respect; and we strive to build community with these shared values and commitments. Berkeley Lab is an Equal Opportunity Employer. We heartily welcome applications from all who could contribute to the Lab's mission of leading scientific discovery, excellence, and professionalism. In support of our rich global community, all qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, or other protected categories under State and Federal law.