Who We Are: You will work within the Monitoring & Response Directorate of the CERT Division of the Software Engineering Institute (SEI). The SEI is a federally funded research and development center on the campus of Carnegie Mellon University in Pittsburgh. CERT engages with the US Government, mainly the defense and intelligence sectors, to research, develop, apply and transition complex cybersecurity solutions. CERT generates some of the highest levels of original research and tackles many of the most complex problems facing cybersecurity for the US Government. You will be part of a team that is thoughtfully engaged with its clients involved in emerging technology gaps and aggressively solving problems to migrate solutions to our clients.
What We Do: The CERT Situational Awareness group works with government customers to help them protect and defend their networks. We pioneer innovative ways to monitor and safeguard networked systems. We develop new approaches for identifying and investigating network anomalies. We observe real-world security operations teams and help them improve how they do their jobs. Our work ranges in scope from the close-up investigation and examination of security data to the assessment of large, enterprise-wide networks.
- You want to make an impact beyond your organization.
- You want to be involved with worldwide thought leaders.
- Your strengths are curiosity, love of learning, deep interest in cybersecurity, and a desire to innovate.
Position Summary: As a Network Defense Analyst, you will participate in and lead technical efforts which include developing and prototyping new security analysis techniques, tools, and platforms. You will prepare analytic reports and contribute to research publications. You will serve as a domain expert for customers, commercial vendors, and the Internet community as a whole. We expect you to contribute to and advance the state of the art of cybersecurity analytics. Are you interested in helping us to achieve this mission?
- BS in Computer Science or a related discipline with eight (8) years of experience in security operations, network operations, or security research; MS in Computer Science or a related discipline with five (5) years of experience in security operations, network operations, or security research; PhD in Computer Science or related discipline with two (2) years of experience in security operations, network operations, or security research; or equivalent combination of education and experience.
- Travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings. (expected 10-25%)
- You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
- Capable of conducting and supporting analytical studies and investigations of network security data.
- Significant understanding of and practical experience with various Internet protocols and applications (e.g., TCP/IP, HTTP/HTTPS, DNS, SMTP, FTP, routing protocols).
- Understanding of network, host, and operating system security issues.
- Operational knowledge and significant understanding of network security devices such as Intrusion Detection Systems, Firewalls, Security Information Managers, Network Vulnerability Scanners.
- Operational knowledge and understanding of routing and switching protocols, including Internet routing.
- Ability to function in the role of a consultant with some mentorship from senior staff members.
- Excellent planning and organizational skills.
- Strong analytical skills.
- Excellent oral and written communication skills.
- Ability to work well with minimal direction and with teams.
- Ability to discuss security topics with both technical and nontechnical audiences, and to communicate with customers at various levels of leadership.
- Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities.
- Ability to participate in conversations collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
- Ability to develop and communicate new ideas; ability to quickly learn new procedures, techniques, and approaches.
- Experience working in a collaborative environment with team members who have diverse skills.
- Participation in the public forum of the broader information security community.
- Prior experience working directly with customers from government and/or industry.
- Experience with data visualization.
- Skilled at working with specialized technologies such as data mining, clustering, machine learning, neural networks, distributed computing and/or big data platforms.
- Strong statistics background.
- Scripting and/or programming in a high-level language, including participation in sound software engineering (e.g., version control, documentation).