Cyber Security Analyst-9103
Job Function
Administration/Management
Primary Location
United States-Pennsylvania-Pittsburgh
FT/PT Status
Regular Full Time
Organization
SEI NETWORKED SYSTEMS SURVIVABILITY
Minimum Education Level
Bachelor’s Degree or equivalent
Description
The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat, security assessments, and incident response; team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.
The selected individual will be part of ETVM’s Threat Research Team and will conduct analysis of cyber threat data from industry, government and public sources. The individual will be responsible for fusing numerous data sets, developing analytical techniques, and synthesizing the results to create actionable intelligence. The individual will explore and develop cutting-edge technology solutions to address national and industry-wide cyber security problems. The selected individual will participate in the development and execution of new security assessment methodologies, including innovative new methods for conducting operational threat assessments, risk and vulnerability assessments, and penetration testing / red team exercises. The selected individual will also conduct research on best practices for difficult information technology solutions and provide reference architecture papers to assist Federal agencies in deploying those solutions. The selected individual will develop and apply data-driven research methods and models to solve complex problems in the cyber security domain.
The individual will be expected to contribute to the state of the practice in the operational cyber threat domain; to develop professional standards and training; and to mentor other staff on threat analysis and mitigation solution principles. The selected individual may also assist on compliance validation teams which entail conducting on-site assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers. The individual will work as a member of collaborative project teams and will work closely with customers from a variety of organizations, including government agencies and critical infrastructure providers.
Qualifications
Minimum:
- Education: MS in computer science, software engineering, information systems, or a related technical field with five (5) years of experience or BS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or equivalent.
- Experience: Experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation.
- Skills: Understanding of information technology and telecommunications systems; working knowledge of network security and survivability/resiliency issues; working knowledge of cyber security domain, including common classes of threat actors, vectors and targets; ability to conduct analytical studies and investigations of cyber threats; experience conducting cyber security assessments including threat assessments; outstanding written and oral communication skills; experience with corporate security teams, incident response teams, security operations centers or the intelligence community investigating and responding to threats; demonstrated research skills; ability to design detailed analysis methodologies and explain them to technical and non-technical collaborators; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training.
- Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.
- Environmental Conditions: Close contact with CRT for extended periods of time.
- Mental: Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues. Ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities. Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
- Other: Candidate must have or be able to obtain a Top Secret security clearance and be a US citizen.
Preferred:
- Experience: Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience investigating, tracking, and reporting on cyber threats and risks to organizations; experience analyzing intelligence and/or conducting investigations related to cybercrime, espionage, fraud and critical infrastructure; experience in penetration testing, red teaming, or blue teaming; experience in both physical and cyber security functions; experience in auditing or conducting assessments including threat assessments; experience developing, testing, documenting and applying threat modeling methodologies; experience programming or scripting in a high level language such as Python, Ruby, .NET, JavaScript; experience creating custom queries and reports based on SQL-based and other databases; experience with risk management frameworks and formal research and modeling methodologies; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques, resiliency management models and capability maturity models in complex and dynamic problem spaces.
- Skills: Working knowledge of network security/survivability. Knowledge of and experience with sound software engineering practices and best practices for information security, project management experience, leadership and mentoring skills.