Vacancy caducado!
Company Description
Join us and make YOUR mark on the World!Are you interested in joining some of the brightest talent in the world to strengthen the United States' security? Come join Lawrence Livermore National Laboratory (LLNL) where our employees apply their expertise to create solutions for BIG ideas that make our world a better place.We are committed to a diverse and equitable workforce with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, experiences, and perspectives. This is essential to innovation and creativity for continued success of the Laboratory's mission. Job Description We have an opening for a Cybersecurity Vulnerability Analyst/Engineer to conduct comprehensive scanning of LLNL networks, devices, computers, web applications and cloud-delivered services. This position is within the Information Technology Solutions Division (ITSD) of the Computing Directorate and matrixed to the Cyber Security Program (CSP), in support of the Livermore Information Technology (LivIT) Program.This position will be filled at eitherlevel based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.In this roleyou will- Perform network, system, web application, client application and cloud application vulnerability assessments on internal and external systems as well as systems on air-gapped networks.
- Provide vulnerability assessment support including troubleshooting and resolution of issues.
- Develop methods, tools, and procedures to improve vulnerability assessment capabilities and automate various complex tasks.
- Manage existing processes, systems, and tools exercising a high degree of responsibility.
- Serve as a vulnerability team technical point of contact and interact with internal and external personnel.
- Respond to incidents, triage cyber security events, and threat hunting activities, as a CSOC team member.
- Support systems and cyber operations during off-hours as needed and perform other duties as assigned.
- Perform other duties as assigned.
- Manage multiple tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
- Perform technical assessments, document actions, findings, and make remediation recommendations.
- Develop new processes, techniques, and procedures for performing vulnerability assessments.
- Ability to secure and maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
- Bachelor's degree in Computer Science, Computer Engineering, Computer Information Systems, or related field, or the equivalent combination of education and related experience.
- Knowledge of computer and network technologies and Windows, Linux/UNIX and/or Apple hardware and operating systems.
- Experience with programming or scripting languages, such as: C, C#, Python, Java, PowerShell, or PHP.
- Experience with NMAP, Wireshark, Tenable, Nessus, Qualys, Rumble, and Burp Suite Pen Tester or other cybersecurity tools.
- Effective written and verbal communications skills to prepare, present and document technical information.
- Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary.
- Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).
- Vulnerability assessment and technical experience with Linux or Windows operating systems, networks, and/or related hardware.
- Experience providing innovative approaches and apply new technologies to broadly defined tasks and projects.
- Broad experience applying effective analytical and problem-solving skills to moderately complex problems.
- Vulnerability assessment experience, including cloud services, such as: AWS/Azure; knowledge and experience using SPLUNK.
- Current Cybersecurity certification such as GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCIH), GIAC Enterprise Vulnerability Assessor (GEVA), GIAC Security Essentials (GSEC), or CISSP.
- Knowledge of LLNL's Cyber Security policies, processes, and requirements.
- Included in 2021Best Places to Work by Glassdoor
- Work for a premier innovative national Laboratory
- Comprehensive Benefits Package
- Flexible schedules (depending on project needs)
- Collaborative, creative, inclusive, and fun team environment
- Included in 2022Best Places to Work by Glassdoor!
- Work for a premier innovative national Laboratory
- Comprehensive Benefits Package
- Flexible schedules (depending on project needs)
- Collaborative, creative, inclusive, and fun team environment
Vacancy caducado!