Berkeley Lab is Bringing Science Solutions to the World, and YOU can be a part of it!
In the world of science, Lawrence Berkeley National Laboratory (LBNL) is synonymous with “excellence.” That’s why we hire the best – whether in research, science, or operations. This is a great opportunity to bring your top-notch skills to bear in support of world-class scientific research that addresses national and global challenges!
Berkeley Lab’s Energy Sciences Network (ESnet) Division is a scientific network that interconnects the DOE national laboratory system, is widely-regarded as a global innovator in network architectures, tools, and applications, and is currently the fastest scientific network in the world. We’re a dynamic organization, highly-motivated and focused on results. Our mission: to accelerate science by delivering unparalleled networking capabilities, tools, and innovations. As an organization, we are small enough to be agile, but large enough to offer rewarding challenges on a global scale.
We have an immediate opening for an Information Security Analyst (Computer Systems Engineer) to provide information security services and support to ESnet. This position will be filled at a level II or III, dependent on experience.
Specific Responsibilities – Level II:
- Serve as a core member of ESnet’s Security Group performing varying security duties including threat awareness, proactive and reactive security analysis, incident response, forensic analysis, and resolution of security incidents.
- Uncover computer and network vulnerabilities, reducing the risk incurred by vulnerabilities, automating workflow processes supporting ESnet’s security architecture.
- Integrate knowledge of network protocols, services, threats, vulnerabilities, mitigation strategies, hardware capabilities, and other information to build a security environment that reduces and mitigates risk while allowing ESnet’s open science mission to succeed.
- Examine a wide range of data, including Bro logs, NetFlow data, centralized syslog, and authentication logs to detect security incidents.
- Implement improved methods to detect and mitigate security attacks.
- Ability to be ‘on call’ outside of regular business hours on a regular and recurring basis.
In addition to the above, Level III – Specific Responsibilities:
- Improve ESnet’s security architecture by infusing new security technologies and methods to detect and mitigate security attacks, including building and improving custom security tools.
- Promote a strong security culture by providing conceptual and technical security expertise, especially in the area of network and system protection (Unix), to other ESnet staff.
Required Qualifications – Level II:
- Bachelor’s degree in computer science or related field or equivalent experience; at least 4 years of experience in hands-on, open-source information security (including college work) and/or a combination of experience and education.
- Skilled in developing software and proficiency coding in Python and/or Perl.
- Experience with Intrusion Detection Systems (IDS) and signature development.
- Hands on network/packet level examination using tools such as tcpdump or wireshark.
- Strong understanding of complex TCP/IP networks.
- Solid understanding of Unix/Linux operating systems including RedHat/CentOS, FreeBSD variants, and Mac OS X.
- Background with regular expressions, data and text manipulation tools such as awk and sed.
- Experience streamlining operational capabilities through standardization and automation.
- Able to work on multiple tasks and respond to rapidly changing priorities.
- Self-motivated with excellent written and interpersonal communication skills and the demonstrated ability to work both independently and as part of a team.
In addition to the above, Level III – Required Qualifications:
- Minimum of 8 years of experience in cyber security (may include college work).
- Experience with incident response and driving incidents to resolution.
- Ability to serve as a consultant on long-range vision for security architecture for ESnet.
- Able to identify and implement security enhancements that will maximize the security profile of ESnet while being sensitive to its mission.
- Familiarity with public-key and private-key encryption techniques including DES, RSA, and PGP
- Solid understanding of IPv6.
- Ability to formulate, organize, and present ideas in an effective manner. Develop proposals and clearly articulate cost/benefit tradeoffs to various audiences.
- Self-motivated with demonstrated ability to work highly independently, requiring little direct supervision.
- Experience maintaining and administering production BSD-based operating systems
- Knowledge of Layer2, Wireless, Switching and Routing Protocols
- Experience with securing virtualized environments, enterprise security appliances, SIEMs, and logging environments such as Splunk.
- Proficiency using Bro (open-source network analysis framework).
The posting shall remain open until the position is filled, however for full consideration, please apply by close of business on October 1,, 2016.
- This is a 2 year, term appointment with the possibility of renewal and with the possibility of conversion to career.
- Salary is commensurate with experience.
- Classification will depend upon the applicant’s level of skills, knowledge, and abilities.
- This position requires completion of a background check.
Berkeley Lab addresses the world’s most urgent scientific challenges by advancing sustainable energy, protecting human health, creating new materials, and revealing the origin and fate of the universe. Founded in 1931, Berkeley Lab’s scientific expertise has been recognized with 13 Nobel prizes. The University of California manages Berkeley Lab for the U.S. Department of Energy’s Office of Science.
Equal Employment Opportunity: Berkeley Lab is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or protected veteran status. Berkeley Lab is in compliance with the Pay Transparency Nondiscrimination Provision under 41 CFR 60-1.4. Click here to view the poster and supplement: “Equal Employment Opportunity is the Law.”