Pacific Northwest National Laboratory Team Lead, Cyber Security Analyst in RICHLAND, Washington

Organization and Job ID

Job ID: 306485

Directorate: Communications & Information Technology

Division: Cyber Security

Group: Cyber Analytics and Forensics

Job Description

The Invitation

Come and work for a billion dollar international research institution. Our collaborative environment and commitment to work/life balance makes Pacific Northwest National Laboratory (PNNL) an ideal place to advance your career, challenge yourself, and make a difference in the world. We offer excellent benefits including pension, matching 401(k), tuition reimbursement plans, health insurance, and flexible work schedules.

The Position

The Cyber Security division at Pacific Northwest National Laboratory (PNNL) is looking for a Team Leader for the Cyber Analytics and Forensics Group. Located in Richland, Washington, PNNL is powered by the creativity and innovation of 4,300 exceptional scientists and engineers that are advancing the frontiers of science and addressing some of the most challenging problems in energy, the environment and national security. This position is responsible for leading the team of cyber defenders that protect PNNL’s research against cyber warfare. We are seeking someone with a passion for leading a team in analyzing computer vulnerabilities--delving into the details of how an organization gets hacked and reverse engineering to create solutions. Equally, you’ll be a member of an experienced cyber security team with a culture of collaboration, creativity, partnership, and execution, so you will need to work well in that environment as well. We’re looking for someone who keeps up with cutting edge research in the field of intrusion detection, vulnerability management, threat analytics, attack path visualizations, incident response, malware analysis, and more.

You @ PNNL

Your key responsibilities and accountabilities would include:

- Provides subject matter expertise on enterprise cyber security risks, threats, technologies, and potential impact.

- Continually monitors against authorized security control requirements and reports system risks and application configurations or vulnerabilities.

- Intercepts and prevents internal and external attacks or attempts against PNNL systems.

- Partners with cyber security researchers on data analysis, prototype implementation, collaboration, and feedback.

- Interprets, analyzes, and executes incident response actions for detected intrusion anomalies and events.

- Conducts system, network, and software vulnerability assessments and penetration testing.

- Prepares and presents technical reports and briefings.

- Contributes to design, development and implementation of countermeasures, cyber security systems integration, and leverages tools specific to cyber security operations.

- As necessary, shares knowledge with external entities including law enforcement, intelligence and other government organizations and agencies.

- Work in a cyber-program focused on collaboration, partnership, and “out of the box” creativity.

Envisioning Success:

Success in this role means delivering results through strong technical skill, communications, and collaboration with a relentless focus on what’s best for our users. Success means continually holding oneself to the highest of professional and ethical standards and demanding the same of co-workers. Success is walking into PNNL every work day with a belief that you can positively impact on the research and development efforts at a national laboratory. You know that your work makes a difference with our clients and users.

Minimum Qualifications

Bachelor's degree and 9-13 years' experience; MS degree and 7-11 years' experience; PhD or JD and 4-8 years experience; or MD and 0-3 years' experience.


Bachelor's degree and 14-19 years' experience; MS degree and 12-17 years' experience; PhD or JD and 9-14 years' experience; or MD and 4-8 years' experience.

Job level will be determined by the candidate's unique experience and qualifications.

Preferred Qualifications

- Ability to reverse engineer malware

- Advanced Security Certification (CISSP, CEH, EnCE, etc)

- Weekend or evening “on-call” duties

- Must be able to obtain a federal security clearance.

- Exceptionally strong peer leadership, interpersonal, collaborative, and customer relationship skills are essential.

- Thorough understanding of the cyber kill chain or attack vectors.

- Keen ability to anticipate and recognize cyber security threats.

- Use practical knowledge to effectively remediate threats, and modify activities and priorities to anticipate and respond to changing conditions.

The candidate should be able to demonstrate hands-on experience in:

- Network protocols, uses, and potential exploitation by malicious software.

- Applying layered computer network defense techniques and network policy architectures

- Tracking malware infections across a wide enterprise

- Clearly communicating technical information in various forms to senior management, peers, and customers.

- Ability to implement and operate intrusion detection/prevention systems, network penetration testing, vulnerability scanning, packet generators and sniffers, firewalls, and router systems.

- Working independently and leading collective team efforts to develop theories, ideas, and concepts around cyber security methodologies.

Equal Employment Opportunity

PNNL is an Equal Opportunity/Affirmative Action Employer that is committed to hiring a diverse, talented workforce. EOE Disability/Vet/M/F/Sexual Orientation/Gender Identity. Staff at PNNL must be able to demonstrate the legal right to work in the United States.

Other Information

This position requires the ability to obtain a federal security clearance in a timely manner. Which requires:

* U.S. Citizenship

* Background Investigation: Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified matter in accordance 10 CFR 710, Appendix B.

* Drug Testing: All Security Clearance (L or Q) positions will be considered by the Department of Energy to be Testing Designated Positions which means that they are subject to applicant, random, and for cause drug testing. In addition, applicants must be able to demonstrate non-use of illegal drugs, including marijuana, for the 12 consecutive months preceding completion of the requisite Questionnaire for National Security Positions (QNSP).

Note: Applicants will be considered ineligible for security clearance processing by the U.S. Department of Energy until non-use of illegal drugs, including marijuana, for 12 consecutive months can be demonstrated.

Directorate: Comm & Information Technology

Job Category: Computation and Information Sciences

Group: Cyber Security

Opening Date: 2017-04-11

Closing Date: 2017-06-10