Position Summary:

Do you want to make a difference and help support the resilience and security of the nation?  As part of the Cyber Risk and Resilience Directorate, you will be part of a team of cyber security engineers applying the latest tools, techniques, and methods to cyber security and operational resilience challenges.   The Cybersecurity Engineer will work directly with leaders in government, academia, and industry to protect the services and capabilities that the American public relies on every day for national security and economic stability.   The Cybersecurity Engineer will support the operational capabilities and evolution of the Cybersecurity Assurance Team (CA Team), specifically focusing on cybersecurity, operational resilience, and applied research in these areas.  The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow industry, government, and military components to measure and improve their management of operational and technical risks to mission-critical services.  This includes and is linked to the impact of changes in technology, including artificial intelligence and agentic driven systems. 

As a Cybersecurity Engineer, you will be responsible for direct consulting with mission partners and subject matter experts across the CA portfolio.  You will support cybersecurity assessment standardization, develop and employ security measurement approaches, and transition your knowledge and expertise to the broader community. You will work collaboratively on multidisciplinary teams solving difficult customer challenges in diverse environments. You will serve as a trusted advisor to defense and critical infrastructure customers.  Cybersecurity Engineers also have the opportunity to conduct research into novel methods and approaches to managing cybersecurity resilience across all the component disciplines (for example cyber operations, application of artificial intelligence, continuity planning and management, organizational and social implications and mitigations related to cyber incidents and failures).   
 

Knowledge, Skills and Abilities:

Candidates should have experience/knowledge in several of the following:

• Industry experience at a mid to senior level managing information security risks and implementing controls   
• Industry experience at a mid to senior level managing technology controls and risks, for example change management, managing infrastructure, capacity planning, availability, managing cloud services, technology implementations.
• Industry experience at a mid to senior level managing continuity related controls and risks (business continuity, disaster recovery, for example).
• Experience deploying information technology, for example implementing security technology, or designing, building, and maintaining networks
• Consulting experience with private industry or government customers, including leading projects and engagements
• Familiarity with cybersecurity and resilience standards (e.g., NIST CSF, NIST SP 800 series, ISO 27000 series, etc.).
• Knowledge of audit and assessment methodologies, tactics, techniques, and procedures
• Knowledge of critical infrastructure protection concepts and standards.
• An understanding of maturity model concepts, for example CMMI, Financial Sector Cyber Profile
• Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Requirements:

• Education and Experience: BS degree in a relevant discipline with 8 years of applicable experience, or a MS degree in a relevant discipline with 5 years of applicable experience, or a PhD in a relevant discipline with 2 years of applicable experience.
• Technical Excellence: You have a track record of successfully leading projects for a technical discipline. You are user-centered and accomplishment-focused, driving projects and the people that work on them to successful, high-impact outcomes.
• Leadership: You have the ability to lead diverse teams in analyzing and solving real-world problems by developing engineering guidance as well as applying and tailoring, as appropriate, SEI and non-SEI technologies and resources.  Your ability to lead extends to situations outside your immediate team or span of control (leadership by influence).
• Working in a Creative, Dynamic Environment: You have experience contributing to multiple simultaneous projects and thrive in a creative and high-energy environment. You are willing to experiment with new practices and develop effective processes, practices, and infrastructure to support successful projects.
• Mentorship: You enjoy mentoring, motivating, and empowering less-experienced team members in ways that promote performance and teamwork.
• Communication: You are an outstanding communicator and can interact collaboratively and diplomatically with customers and colleagues at all levels of knowledge and experience. You grasp the big picture, direction, and goals of an effort with ability to dig into the details on problems and technical concepts. You can present complex ideas to people who may not have a deep understanding of the subject area.
• Travel: Frequent (15-35%) to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.
• Security Clearance: You will be subject to a background investigation and must have the ability to obtain and maintain a Department of Defense security clearance.
• Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.
   

Duties:

• Customer Engagement (50%): You will lead engagements with customers and mission partners  This will include representing the CA Team’s and SEI’s work to mission partners.  
• Project Participation (30%): You will contribute to customer projects designed to advance the state of the art in cybersecurity. You will represent the SEI regularly presenting our mission and our work to our stakeholders.
• Community Engagement (15%): You will engage with our communities of interest; this includes presenting our mission and work via publication and presentation. You will build and maintain relationships with the relevant research and technology communities.
• Professional Development (5%): You will continue to grow your knowledge and skills in cybersecurity and stay current on emerging trends and topics relevant to the team’s portfolio.
   

Desired Experience:

• Strong writing/editing ability. Ability to interact with others and function as a member of a process action team or instructional design working group. Experience with course and information mapping, flowcharting, etc. 
• Certifications: A+ CE, CCNA-Security, CND, Network+ CE, SSCP, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Project Management Professional (PMP),or equivalent experience
• The Software Engineering Institute is a Department of War Federally Funded Research and Development Center (FFRDC). Priority military experience is not required but some military experience can be beneficial in terms of understanding the institute’s mission and stakeholders.

Location

Job Function

Position Type

Full time/Part time

Pay Basis