Description
Savannah River National Laboratory (SRNL) is seeking a Computer and Cybersecurity Researcher.
We are seeking an experienced computer and cybersecurity researcher to lead and participate in efforts to secure government and critical infrastructure systems in support of the Department of Energy, other government Departments and Agencies, and industry partners. Our organization is a unique team whose members develop and deploy operational cybersecurity capabilities and conduct cutting-edge research in advanced digital and cybersecurity technologies. Researchers are expected to apply research advances to challenging multi-disciplinary problems important to national security, with an emphasis on creating a strong cyber environment that can withstand multi-domain, highly sophisticated attacks. Current research focus includes vulnerability assessments, countermeasures development and assessment, reverse engineering, malware analysis, intrusion detection, network and host forensics, mobile devices and networks, at-scale virtualization, and enterprise-scale emulation and analysis of cyber events. Team members are expected to conduct innovative research; to lead projects and contribute effectively on research teams; to work with customers to understand needs and propose solutions; and to present results as appropriate in publications and at open conferences and meetings. Access to the knowledge needed to support successful execution of programs in this arena will require a security clearance. Some travel is expected to meet with sponsors and conduct research activities.
The ideal candidate is an innovative technology professional with a passion for computer engineering and research. If you excel in solving complex technical problems and have a deep understanding of hardware and software integration, we invite you to apply for this role. We offer competitive compensation, a dynamic work environment and ample opportunities for professional growth.
Responsibilities
Plan, conceive, conduct, or manage research and development for SRNL’s customers and sponsors
Initiate, design, develop, execute, and evaluate new processes, products, or hardware/software systems through basic and applied research
Use engineering principles to research, design, or develop structures, instruments, machines, experiments, processes, systems, theories, or technologies; to construct or operate the same with full cognizance of their design; or to forecast their behavior
Undertake development and possible technology transfer of solutions, products, principles, or technology
Collaborate with cross-functional teams to define system specifications and ensure seamless integration of hardware and software solutions
Lead and participate in the development and implementation of technology research strategies and roadmaps for mission area growth
Ensure compliance with industry standards, regulations, and best practices in computer engineering
Document technical specifications, system designs and project progress to maintain clear and comprehensive records
Conduct feasibility studies and cost-benefit analyses for proposed hardware and software solutions
Qualifications
Minimum Qualifications:
PhD in computer science, computer engineering, or a related technical discipline, with an emphasis on Cybersecurity with at least 2 years’ relevant experience; or Master’s degree in these disciplines with at least 3 years' relevant experience
Expertise in one or more of the following: cyber vulnerability assessment, intrusion detection systems and countermeasures, Operational Technology (OT) network protocols and monitoring, host forensics and memory forensics, malware analysis and triage, computer networks
Evidence of relevant research expertise in the form of technical publications, presentations, software, and/or knowledge of applications
Software development competence in at least one programming language; e.g. C/C++, Perl, Python, Ruby, Java or a related language
Demonstrated success in conducting multi-disciplinary research projects
Excellent written and oral communication skills
U.S. citizenship is required in order to obtain and maintain a Department of Energy (DOE)-granted Q-level and SCI security clearance
Preferred Qualifications:
Demonstrated ability to team effectively in a collaborative research environment
Demonstrated ability to independently bring definition to difficult, ill-defined problems in order to develop workable technical approaches
Software engineering proficiency, particularly with respect to best practices and team development of high-quality code
Experience with system level development, kernel programming, and binary reverse engineering
Experience with any behavioral models (MITRE ATT&CK, Lockheed Martin “Cyber Kill Chain”, etc.) for advanced persistent threats (APT)
Experience with Intrusion Detection Systems (IDS) and signature development
Hands-on network/packet level examination using tools such as tcpdump or Wireshark and network intrusion detection tools (Snort, Suricata, Zeek, etc.)
Experience applying machine learning techniques to network packet capture (PCAP) data
Strong understanding of inter-domain networking including BGP, layer-2 networking protocols such as OSPF, ARP, DHCP, and TCP/IP networks in general
Working knowledge of TCP/IP, HTTP, SSL, DNS, FTP, SSH, and other common Internet protocols as well as common client scripting languages such as JavaScript and VBScript
Experience searching/parsing log files with command line utilities
Working knowledge of multiple operating systems (Windows, UNIX/BSD, Linux, OS X, etc.)
Background in solving practical problems in science and engineering that involve encounters with real-world data
Demonstrated ability to build external partnerships with academia, consortia, and industry
Recognized expertise (e.g., publications, patents, awards) in one or more areas of computer science/engineering
Familiarity with DOE national lab system
Active Security Clearance