Pacific Northwest National Laboratory Cyber Security Analyst in RICHLAND, Washington
Organization and Job ID
Job ID: 311598
Directorate: Communications & Information Technology
Division: Cyber Security
Group: Cyber Security Operations
PNNL seeks a Cyber Security Analyst to join our Cyber Security Operations Center (CSOC) team. We are seeking someone with a passion for cyber security who strives to deeply understand our adversaries, develop innovative analytics and detection solutions, and proactively hunt and respond to adversary actions against PNNL. Equally, you’ll need to be comfortable operating as a member of a continually evolving culture of collaboration, creativity, partnership, and execution. This team member will help grow and create a culture of security innovation within the framework of an industry-standard security operations center. The following are some key functions of the role:
- Providing an adversary mindset and understanding that drives a kill-chain activity-based approach to detection, response and recovery
- Providing continuous monitoring of authorized security control requirements and reporting system risks, application configurations or vulnerabilities
- Intercepting and preventing internal and external attacks against PNNL systems
- Assessing open source reporting and situational awareness data feeds to ensure the security of laboratory information and technology systems
- Interpreting, analyzing, and executing incident response actions for detected intrusions
- Occasional weekend or evening “on-call” duties may be required to include rotational support schedules as well as infrequent, ad hoc emergency incident response coordination
Success in this role means delivering results through strong technical skill, communications, and collaboration with a relentless focus on what’s best for our users. Success means continually holding oneself to the highest of professional and ethical standards and demanding the same of co-workers. Success is walking into PNNL every work day with a belief that you can positively impact the research and development efforts at a national laboratory. You know that your work makes a difference with our clients and users.
The hiring level will be determined based on the education, experience and skill set of the successful candidate based on the following:
Level I: Applies basic cyber analytic structures or concepts to well-defined tasks with minimal oversight. Requires conceptual knowledge of scientific or engineering theories, practices and procedures within specialization. Basic competency in at least one field under the cyber analysis domain while starting to build knowledge across breadth. Working locally as an individual contributor.
Level II: Building reputation through application of cyber analytic principles and theories and developing technical approaches to solve challenges. Ability to use structured analytic techniques and understand and follow analytic workflows and best practices. Fully applies and interprets standard theories, principles, methods, tools and technologies within specialty in cyber analysis domain. Developing professional expertise, applies organizational policies and procedures to resolve a variety of issues. Mentoring junior staff and students.
- BS/BA with 0-1 years of experience or MS/MA with 0 years of experience in Cyber Security, Computer Science, Management Information Systems, Information Technology, or a related field.
- BS/BA with 2 years of experience or MS/MA with 0-2 years of experience or PhD with 0 years of experience in Cyber Security, Computer Science, Management Information Systems, Information Technology, or a related field.
- Advanced Security Certification (CISSP, CISM, CEH, EnCE, SANS GIAC, etc.)
- Strong peer leadership, interpersonal, collaborative, and customer relationship skills are essential.
- Basic understanding of the cyber kill chain or attack vectors, red teaming and proactive cyber adversary hunting.
- Ability to conduct incident response lifecycle activities across detection & analysis, investigation & response and recovery.
- Performing forensic analysis of digital information and gathering and handling evidence. Identifying network computer intrusion evidence and perpetrators.
- Ability to implement and operate intrusion detection/prevention systems, network penetration testing, vulnerability scanning, packet generators and sniffers, firewalls, and router systems.
- Working independently and leading collective team efforts to develop theories, ideas, and concepts around cyber security methodologies.
Equal Employment Opportunity
Battelle Memorial Institute (BMI) at Pacific Northwest National Laboratory (PNNL) is an Affirmative Action/Equal Opportunity Employer and supports diversity in the workplace. All employment decisions are made without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital or family status, sexual orientation, gender identity, or genetic information. All BMI staff must be able to demonstrate the legal right to work in the United States. BMI is an E-Verify employer. Learn more at jobs.pnnl.gov.
Please be aware that the Department of Energy (DOE) prohibits DOE employees and contractors from having any affiliation with the foreign government of a country DOE has identified as a “country of risk” without explicit approval by DOE and Battelle. If you are offered a position at PNNL and currently have any affiliation with the government of one of these countries you will be required to disclose this information and recuse yourself of that affiliation or receive approval from DOE and Battelle prior to your first day of employment.
Background Investigation: Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified matter in accordance with 10 CFR 710, Appendix B.
Drug Testing: All Security Clearance (L or Q) positions will be considered by the Department of Energy to be Testing Designated Positions which means that they are subject to applicant, random, and for cause drug testing. In addition, applicants must be able to demonstrate non-use of illegal drugs, including marijuana, for the 12 consecutive months preceding completion of the requisite Questionnaire for National Security Positions (QNSP).
Job Category: Safeguards and Security
Opening Date: 2021-01-29
Closing Date: 2021-02-27