We are looking for self-starters who can both see the big picture and pay attention to detail. In this role you will focus on cyber security engineering and operations in the Cyber Security team within the HPC Core Operations group to support all activities of the supercomputing center.
Job Duties and Responsibilities
Duties of the position include, but are not limited to:
• Interpreting security requirements from frameworks such as FISMA, FedRAMP, HIPAA, and NIST SP 800-53.
• Performing assessments and verifying cyber security policy related to FISMA and HIPAA regulations.
• Analyzing, triaging, and responding to application, system, and network events.
• Generating cyber security operational summaries and reports.
• Performing host and network forensics.
• Using event correlation and reduction tools to understand the current threat state of the environment.
• Automating cyber security tasks.
• Scanning networks for vulnerabilities.
• Responding to system vulnerabilities and coordinating system patches and updates.
• Documenting cyber security procedures.
• Participating in a 24-hour, 7-day on-call incident response rotation.
Basic Qualifications
- Bachelor's Degree in Computer Science or related field.
- Minimum of 5 years of relevant experience. An equivalent combination of education and experience will be considered.
Preferred Requirements
- 7+ years of relevant experience. An equivalent combination of education and experience will be considered.
- Strong understanding of cyber security concepts, best practices, and tools.
- Experience hardening UNIX/Linux environments.
- Solid understanding of networked computing environment concepts.
- Ability to communicate effectively and work well in a team environment.
- Ability to learn new and emerging technologies.
- Experience deploying and maintaining systems in UNIX/Linux environments.
- Cyber security experience in a US government environment.
- Experience in a high-performance computing environment.
- Experience using monitoring software or appliances for cyber security.
- Experience using analysis software or appliances for cyber security.
- Experience with incident response and engaging in forensics.
- Programming and advanced scripting experience.
- Experience with automated configuration management tools such as Puppet or Ansible.
- Experience in network, application, and/or security architecture and design.
- Familiarity with common protocols such as: DNS, DHCP, LDAP, SNMP, SMTP, HTTP, SSL.
- Ability to perform under pressure and in a fast-paced, dynamic environment.
- Experience in interpretation and development of Site Security Plans (SSPs), Data Use Agreements (DUA), Business Associates Agreements (BAA), Interconnection Security Agreement (ISA), and other relevant documents.
- Understanding of security and privacy requirements related to HIPAA, HITECH Act, ITAR and Export Control.
- Experience with writing and implementing security policy.
- Experience with risk management.