Cybersecurity Vulnerability Analyst/Engineer @ Lawrence Livermore National Laboratory - Livermore, CA

Job Overview

15 days ago

Cybersecurity Vulnerability Analyst/Engineer

Lawrence Livermore National Laboratory - Livermore, CA

Company Description

Join us and make YOUR mark on the World!

Are you interested in joining some of the brightest talent in the world to strengthen the United States’ security? Come join Lawrence Livermore National Laboratory (LLNL) where our employees apply their expertise to create solutions for BIG ideas that make our world a better place.

We are committed to a diverse and equitable workforce with an inclusive culture that values and celebrates the diversity of our people, talents, ideas, experiences, and perspectives. This is essential to innovation and creativity for continued success of the Laboratory’s mission.

Job Description

We have an opening for a Cybersecurity Vulnerability Analyst/Engineer to conduct comprehensive scanning of LLNL networks, devices, computers, web applications and cloud-delivered services. This position is within the Information Technology Solutions Division (ITSD) of the Computing Directorate and matrixed to the Cyber Security Program (CSP), in support of the Livermore Information Technology (LivIT) Program.

This position will be filled at either level based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.

In this role you will

  • Perform network, system, web application, client application and cloud application vulnerability assessments on internal and external systems as well as systems on air-gapped networks.
  • Provide vulnerability assessment support including troubleshooting and resolution of issues.
  • Develop methods, tools, and procedures to improve vulnerability assessment capabilities and automate various complex tasks.
  • Manage existing processes, systems, and tools exercising a high degree of responsibility.
  • Serve as a vulnerability team technical point of contact and interact with internal and external personnel.
  • Respond to incidents, triage cyber security events, and threat hunting activities, as a CSOC team member.
  • Support systems and cyber operations during off-hours as needed and perform other duties as assigned.
  • Perform other duties as assigned.

Additional job responsibilities, at the SES.2 level

  • Manage multiple tasks and priorities of customers and stakeholders, ensuring deadlines are met, while leveraging team member skills.
  • Perform technical assessments, document actions, findings, and make remediation recommendations.
  • Develop new processes, techniques, and procedures for performing vulnerability assessments.

Qualifications

  • Ability to secure and maintain a U.S. DOE Q-level security clearance which requires U.S. citizenship.
  • Bachelor’s degree in Computer Science, Computer Engineering, Computer Information Systems, or related field, or the equivalent combination of education and related experience.
  • Knowledge of computer and network technologies and Windows, Linux/UNIX and/or Apple hardware and operating systems.
  • Experience with programming or scripting languages, such as: C, C#, Python, Java, PowerShell, or PHP.
  • Experience with NMAP, Wireshark, Tenable, Nessus, Qualys, Rumble, and Burp Suite Pen Tester or other cybersecurity tools.
  • Effective written and verbal communications skills to prepare, present and document technical information.
  • Ability to effectively manage concurrent technical tasks with conflicting priorities, to approach difficult problems with enthusiasm and creativity and to change focus when necessary.
  • Ability to work off-hours and on-call to respond to incidents (intermittently, either as-needed or as part of a rotation).

Additional qualifications at the SES.2 level

  • Vulnerability assessment and technical experience with Linux or Windows operating systems, networks, and/or related hardware.
  • Experience providing innovative approaches and apply new technologies to broadly defined tasks and projects.
  • Broad experience applying effective analytical and problem-solving skills to moderately complex problems.

Qualifications We Desire

  • Vulnerability assessment experience, including cloud services, such as: AWS/Azure; knowledge and experience using SPLUNK.
  • Current Cybersecurity certification such as GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCIH), GIAC Enterprise Vulnerability Assessor (GEVA), GIAC Security Essentials (GSEC), or CISSP.
  • Knowledge of LLNL’s Cyber Security policies, processes, and requirements.

Additional Information

Why Lawrence Livermore National Laboratory?

  • Included in 2021 Best Places to Work by Glassdoor
  • Work for a premier innovative national Laboratory
  • Comprehensive Benefits Package
  • Flexible schedules (*depending on project needs)
  • Collaborative, creative, inclusive, and fun team environment

Learn more about our company, selection process, position types and security clearances by visiting our Career site.

COVID-19 Vaccination Mandate

LLNL demonstrates its commitment to public safety by requiring that all new Laboratory employees be immunized against COVID-19 unless granted an accommodation under applicable state or federal law. This requirement will apply to all new hires including those who will be working on site, as well as those who will be teleworking.

Security Clearance

LLNL is a Department of Energy (DOE) and National Nuclear Security Administration (NNSA) Laboratory. Some positions will require a DOE L or Q clearance (please reference Security Clearance requirement above). If you are selected and a clearance is required, we will initiate a Federal background investigation to determine if you meet eligibility requirements for access to classified information or matter. In addition, all L or Q cleared employees are subject to random drug testing. An L or Q clearance requires U.S. citizenship. For additional information please see DOE Order 472.2.

Pre-Employment Drug Test

External applicant(s) selected for this position will be required to pass a post-offer, pre-employment drug test. This includes testing for use of marijuana as Federal Law applies to us as a Federal Contractor.

Equal Employment Opportunity

LLNL is an affirmative action and equal opportunity employer that values and hires a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, marital status, national origin, ancestry, sex, sexual orientation, gender identity, disability, medical condition, pregnancy, protected veteran status, age, citizenship, or any other characteristic protected by applicable laws.

LLNS is committed to offering reasonable accommodations during the application and recruiting processes due to a disability. If you need assistance or an accommodation due to a disability, please submit a request via our online form.

California Privacy Notice

The California Consumer Privacy Act (CCPA) grants privacy rights to all California residents. The law also entitles job applicants, employees, and non-employee workers to be notified of what personal information LLNL collects and for what purpose. The Employee Privacy Notice can be accessed here.

Similar Jobs

Threat Analyst, Security Engineer

Tesla

Fremont, CA

Deep-dive analysis and documentation of vulnerabilities, exploits, hacking tools, adversarial TTPs and attacks. Experience using platforms like ELK or Splunk.

Cybersecurity IT Product Specialist - Intelligence and Event Management

PG&E Corporation

Sacramento, CA

The Cybersecurity team enables PG&E to achieve its mission by providing governance, oversight, and support of operational resiliency and asset safeguards in a…

IT Cybersecurity Specialist (Direct Hire)

US Ames Research Center

Moffett Field, CA

This position involves supporting the policies, methods, tools, and procedures of information systems security planning and management to remediate systems…

Senior Technical Program Manager - Project Kuiper Cybersecurity (Location: Sunnyvale, CA)

Amazon.com Services LLC

Sunnyvale, CA

Hands-on ownership of a security product or security engineering practice such as vulnerability hunting, incident response, network security, security reviews,…

Software Development Engineer, Security

Workday

Pleasanton, CA

Ability to build tools and internal applications to discover, evaluate and mitigate security vulnerabilities during development and in production.

Endpoint Engineer

Workday

Pleasanton, CA

Participate in vulnerability and risk management processes to identify risks & deploy updates. Build, deploy, and handle a large-scale Unified Endpoint…

Security Engineer - Penetration Testing

Workday

Pleasanton, CA

Passion to track the latest developments in vulnerability research and evaluate security impact. Strong experience in performing penetration tests and/or…

Senior Information Security Engineer

Qualia

San Francisco, CA

Reproduce vulnerability findings from multiple sources—including penetration tests, tooling, and external reports—and communicate the risk associated with those…

Senior Security Engineer

Fiserv

Sunnyvale, CA

Assess infrastructure, web and application environments to help identify, and prioritize risks and vulnerabilities. Participate in IT and security audits.

BrightDrop Chief Information Security Officer

General Motors

Palo Alto, CA

Facilitate post-incident investigations, including impact analysis and recommendations for avoiding similar vulnerabilities.

Sr Software Engineer (Security)- Slack

Salesforce

San Francisco, CA

Work on networking software: This team also is responsible for the production, development and ongoing extensions to the Nebula overlay network.

Senior Information Security Risk Analyst

Intuitive

Sunnyvale, CA

Researches and evaluates cybersecurity threats and performs root cause analysis. Administers cybersecurity policies to control physical and virtual access to…

Analyst, Technology Group (Cybersecurity)

Orange Silicon Valley

San Francisco, CA

You will contribute to Orange Silicon Valley's knowledge of cloud security, consumer cybersecurity, integration of cybersecurity in development and operations…

Information Security Engineer

RAPT THERAPEUTICS

South San Francisco, CA

Perform vulnerability scanning and address threats and vulnerabilities findings. Implement and monitor cybersecurity systems and address high risk findings.

Application Security Software Engineer (AfroTech)

Wells Fargo

San Francisco, CA

Communicates vulnerability details to both technical and non-technical audiences. 1 + years of experience communicating system vulnerabilities and remediation…

Penetration Testing - Security Engineer

CERRATEK

Pleasanton, CA

Passion to track the latest developments in vulnerability research and evaluate security impact. Strong experience in performing penetration tests and/or…

Info Security Engineer

Wells Fargo

San Francisco, CA

The person selected for this position will work with partner Engineering Teams on identification and remediation of security vulnerabilities, and may also…

Information Security Engineer (FT)

Personalis

Menlo Park, CA

Working knowledge of global threats to cybersecurity and understanding of the tools and tactics utilized by threat actors.

Security Operations Manager

Anomali

San Francisco Bay Area, CA

Bachelor's Degree in cybersecurity, computer science, engineering or equivalent experience. The Security Operations Manager will be responsible for driving the…

Penetration Tester/ Security Expert

Salesforce

San Francisco, CA

4 years of Experience in infrastructure vulnerability assessments and remediation. Leverage code review skills to identify complex vulnerabilities within code.

Director, Cyber Security - Incident Response

KPMG

San Francisco, CA

Assist organizations in protecting value through the assessment of their risk and vulnerability to fraud and misconduct.

Director/Senior Manager - Security Engineering - IAM

Salesforce

San Francisco, CA

Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity…

Offensive Security Engineer - Opportunity for Working Remotely Palo Alto, CA

VMware

Palo Alto, CA

Security Engineers on this team are responsible for finding new vulnerabilities and analyzing externally reported vulnerabilities, developing exploits,…

Senior Cybersecurity Counsel (remote)

Palo Alto Networks

Santa Clara, CA

Develop and deliver training, collateral, and communications on cybersecurity and related topics. 7+ years of relevant cybersecurity experience in technology or…

Ad