Career Center

Our team provides technical guidance in the areas of capability and capacity development to Security Operations Centers (SOCs), National Cyber Centers and incident management teams (Computer Security Incident Response). Our partners include Federal agencies, academic institutions, foreign governments, private industry, and non-profit organizations. We develop and implement strategic and operational procedures for the cybersecurity community and regularly interact with sponsors and partners.

Our team participates in and leads technical efforts by developing and prototyping new methods of evaluating and measuring operational and mission success. We implement and lead training and engagement efforts across various organizational components such as National Incident Response Teams, Product Security Teams, Security Operation Centers, and general incident management programs.

The CERT Security Operations team seeks to develop cutting edge solutions to address critical and emerging challenges encountered by the United States government and the International Community. Key to our success is a diverse team of analysts, researchers, and engineers with a passion for understanding the implications of emerging technologies and best practices on U.S. Government defensive missions.

Knowledge, Skills, and Abilities:

Interest in the development and execution of strategic and operational procedures for the cybersecurity community, and research that advances the state of the art and practice of cyber operations and a working across the following areas:

• Capable of conducting and supporting analytical studies and investigations of risk, threat, and security data.
• Ability to work independently or within a team with members of varying skill sets and levels. * Deep understanding of enterprise technology security issues.
• Broad knowledge of commonly deployed computer network defense tools and processes to include leading vendor solutions and Open Source platforms.
• Ability to brief strategic and technical topics to senior management, technical and non- technical audiences, and foreign government officials.
• Familiarity with current operational challenges and technical threats faced by network security and intelligence organizations.
• Familiarity with project planning and management standard methodologies.
• Ability to engage with and understand cultural sensitivities in order to facilitate foreign engagements through stakeholder engagement and developing and managing relationships.
• Ability to write / craft clear, understandable documentation that translates complicated technical processes to a target audience (A writing sample may be requested).
• Team deliverables include technical publications; industry and government conference presentations; course development and delivery; direct customer engagement; and prototype tools and techniques.

Requirements:

• Bachelor's Degree in Computer Science or scientific/technical field.
• Willingness and ability to travel to various locations to support the SEI's overall mission, to include international travel (25%).
• Ability to conduct trainings and workshops either on location or in a remote setting.
• You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.

Desired Experience:

• Professional proficiency with a foreign language preferably Spanish.
• Familiarity with critical infrastructure and/or sectors. Experience working within or in collaboration with a national Incident Response or Security Operations organization.
• Demonstrated technical proficiency with contemporary computing hardware, software, and network technologies.
• Experience with research and academic papers.
• Familiarity with metrics and measurement and assessment concepts and practices.
• Participation in broad public forums through activities such as standards, open-source development, or publication.
• Certifications of interest that are preferred include the CISSP, CEH, CISM, CompTIA, or similar.

Job Function Breakdown:

• 45% - Create framework and methodology documents, both general and specific, intended to facilitate the organizational and technical capacity development of international partners.
• 25% - Create and deliver training and education materials, exercises, and workshops; along with performing assessments or outreach activities such as developing blogs, podcasts, or presentations.
• 20% - Support planning, development, and execution of customer led and/or supported development activities, planning discussions, and awareness raising exercises. Through partnership, awareness, and action evaluate the need for, develop blueprints for, and assist with the implementation of national-level Cybersecurity capabilities.
• 10% - Capture knowledge from engagements, integrate it with lessons learned from other similar work, and help transfer that knowledge for the betterment of the global Cybersecurity community.

CMU's COVID-19 Vaccination Requirements: As a condition of employment, Carnegie Mellon University requires all staff and faculty working in the United States to be fully vaccinated, including a booster when eligible, against COVID-19. Prior to commencement of employment, new hires in the United States must provide proof of vaccination or obtain an approved exemption. (Exemptions may be requested for medical reasons or for religious or strong moral or ethical conviction.) Those granted an exemption must comply with all applicable COVID-19 mitigation requirements, including use of facial coverings, daily self-assessment and weekly Tartan Testing.

Location

Job Function

Position Type

Full Time/Part time

Pay Basis

More Information: