NREL Jobs

Mobile nrel Logo

Job Information

National Renewable Energy Laboratory Cyber Security Analyst in Golden, Colorado

Posting Title

Cyber Security Analyst

.

Location

CO - Golden

.

Position Type

Regular

.

Hours Per Week

40

.

Job Description

Summary

The Cyber Security analyst will monitor NREL's networks and computing systems for indications of unauthorized access and attack activity. The Cyber Security analyst must have a comprehensive understanding of networks and computing systems that allows them to discern normal activity from attack activity. The analyst will investigate alerts and other anomalies to ensure that unwanted activity is found, remediated, and that adjustments are made to prevent similar activity. The analyst will also create new alerts and detection mechanisms to enhance NREL's ability to detect and hunt for unwanted activity. Strong communication skills both orally and written are required. This position is located on NREL’s Golden, CO campus.

Job Duties

  • Respond to alerts and investigate security events

  • Regularly interact with and educate customers who report suspected security threats

  • Recognize successful and unsuccessful intrusion attempts through analysis of relevant event information

  • Perform incident response, analysis, and recovery actions

  • Research and evaluate security tools and attacker tactics, techniques and procedures to improve NREL's ability to detect and respond to malicious activity

  • Perform forensic tasks to collect, preserve and analyze evidence collected during incidents and investigations

  • Assist with implementation of technical counter-measures and monitoring tools

  • Administer security systems for defense-in-depth measures

  • Assess risks to the security of NREL's computing systems

  • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies

.

Basic Qualifications

Related Bachelor's Degree and 2 or more years of experience or equivalent related education/experience. Or, related Master's Degree or equivalent related education/experience.

.

Additional Required Qualifications

Requirements and qualifications

  • Experience should include at least one year in an Information Technology role working in security analysis.

  • Technical background in multiple disciplines, including experience with:

  • Windows, Mac and Linux operating systems, and system administration

  • TCP/IP networking concepts, protocols and architecture

  • Security measures/defense-in-depth

  • Security and availability monitoring

  • Strong understanding of common cyber security concepts and threats

  • Strong troubleshooting skills

  • Ability to synthesize multiple related data points into a coherent understanding of an event or series of related events

  • Ability to perform research, read documentation, and independently learn new skills

  • Ability to work both alone and as part of a collaborative team

  • Demonstrated skills in critical thinking and problem solving

  • Excellent communication skills, including listening; being able to provide both oral and written presentations on changes as well as appropriate documentation

Must have or be able to obtain a “Q” Security Clearance.

NREL is subject to Department of Energy (DOE) access restrictions. All candidates must be authorized to access the facility per DOE rules and guidance within a reasonable time frame for the specified position in order to be considered for an interview. DOE rules for site access during the interview process are the same regardless of whether the candidate is interviewed on-site, off-site, or via telephone or videoconference. Additionally, DOE contractor employees are prohibited from participating in certain Foreign Government Talent Recruitment Programs (FGTRPs). If a candidate is currently participating in an FGTRP, they will be required to disclose their participation after receiving an offer of employment and may be required to disengage from participation in the FGTRP prior to commencing employment.

Ability to form effective teams with internal and external collaborators. Ability to collaborate with individuals at all levels of the organization. Strong technical background and experience in a high-pressure, fast-paced environment.

Preferred Qualifications

  • One or more applicable security certifications (CISSP, C|EH, GIAC (SANS) certifications, Security+)

  • Splunk or other SIEM experience

  • Incident response experience

  • Training or experience in one or a combination of forensic analysis, malware analysis, penetration testing, or network packet and protocol analysis experience

  • Understanding and implementation of NIST, FIPS, and DOE security controls, guidelines, and standards.

  • Previous experience in a DOE or National Laboratory environment

  • General knowledge and application of standards, principles, concepts and techniques in specific field. Some understanding of related IS practices and standards. Skilled in analytical techniques and practices, and problem solving. Skilled in written and verbal communication. Intermediate programming ability with various computer software programs and information systems.

.

Submission Guidelines

Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.

.

EEO Policy

NREL is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.

EEO is the Law at http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm | Pay Transparency Nondiscrimination at https://www.dol.gov/ofccp/pdf/pay-transpEnglishunformattedESQA508c.pdf | Reasonable Accommodations at http://www.nrel.gov/careers/employment-policies.html

E -Verify www.dhs.gov/E-Verify |For information about right to work, click here at http://www.justice.gov/sites/default/files/crt/legacy/2013/08/13/FinalOSCPosterEN08012013.pdf for English or here at http://www.justice.gov/crt/file/813271/download for Spanish.

E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.

The National Renewable Energy Laboratory (NREL) is a leader in the U.S. Department of Energy’s effort to secure an environmentally and economically sustainable energy future. With locations in Golden and Boulder, Colorado, and a satellite office in Washington, D.C., NREL is the primary laboratory for research, development, and deployment of renewable energy technologies in the United States.

NREL is subject to Department of Energy (DOE) access restrictions. All candidates must be authorized to access the facility per DOE rules and guidance within a reasonable time frame for the specified position in order to be considered for an interview. DOE rules for site access during the interview process are the same regardless of whether the candidate is interviewed on-site, off-site, or via telephone or videoconference. Additionally, DOE contractor employees are prohibited from participating in certain Foreign Government Talent Recruitment Programs (FGTRPs). If a candidate is currently participating in an FGTRP, they will be required to disclose their participation after receiving an offer of employment and may be required to disengage from participation in the FGTRP prior to commencing employment. Any offer of employment is conditional on the ability to obtain work authorization and to be granted access to NREL by the Department of Energy (DOE). We understand that COVID-19 may have caused delays or closures at offices, consulates, and embassies. However, NREL cannot make exceptions to work authorization and access requirements, and exceptions to these requirements are not being made for COVID-19 related delays.

Please review the information on our Hiring Process at https://www.nrel.gov/careers/hiring-process.html website before you create an account and apply for a job. We also hope you will learn more about NREL at https://www.nrel.gov/about/ , visit our Careers site at https://www.nrel.gov/careers/ , and continue to search for job opportunities at https://nrel.wd5.myworkdayjobs.com/NREL at the lab.

DirectEmployers