• Early Career Cyber Assurance Architect - Cyber…

    Sandia National Laboratories (Albuquerque, NM)


    About Sandia:

    Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

     

    + Challenging work with amazing impact that contributes to security, peace, and freedom worldwide

    + Extraordinary co-workers

    + Some of the best tools, equipment, and research facilities in the world

    + Career advancement and enrichment opportunities

    + Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)

    + Generous vacation, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

     

    World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

     

    *These benefits vary by job classification.

    What Your Job Will Be Like:

    We are seeking a highly motivated and driven Early Career Cyber Assurance Architect (CAA) to join our dynamic team. In this role, you will be responsible for the research, design, and development of cyber solutions that span multiple domains, including cybersecurity guidelines, continuous monitoring, risk management, and mitigation for enterprise-wide systems and networks. You will ensure that system security needs are established and maintained throughout the operations development lifecycle, from security requirements definition to systems hardening and vulnerability testing.

    On any given day, the selected applicant may be called on to:

    + Participate in planning, organizing, and implementing risk management processes, policies, and procedures.

    + Write technical responses to internal and external cybersecurity inquiries.

    + Document risk assessments, generate vulnerability analysis reports, and create other supporting cybersecurity artifacts.

    + Ensure compliance with all Information Assurance controls, perform risk analysis, and assist in mitigating cyber and IT risks.

    + Generate formal compliance documents and accreditation submissions.

    + Interact with corporate and internal cybersecurity tools and staff to coordinate, track, and document team activities.

    + Collaborate with staff and management across the program to understand needs and requirements and coordinate the delivery of cybersecurity solutions.

    + Assist in the generation of new and reaccreditation of existing cybersecurity plans.

    + Work closely with system administrators to provide interpretation of NIST requirements and guidelines, along with validation testing.

    + Analyze existing systems and compare them to trends and emerging technologies to determine future needs from a cyber assurance perspective.

    + Identify risks and risk-reduction strategies for the proper integration of technologies and controls into the environment.

    + Collaborate with other government organizations and agencies to securely enable new and emerging programs.

     

    Due to the nature of the work, the selected applicant must be able to work onsite.

    Salary Range:

    $99,400 - $193,600

     

    *Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.

    Qualifications We Require:

    + Bachelor's degree in Information Assurance, Cybersecurity, Computer Science, or a related computer subject area, plus one or more years of experience; or an equivalent combination of relevant education and experience.

    + Ability to acquire an Information Assurance certification (e.g., Security+, CISSP, CISA).

    + Ability to obtain and maintain a DOE Q and SCI clearance which may require polygraph testing.

    Qualifications We Desire:

    Ideally, we would like to see your background include some of the following:

    + Experience applying and developing cybersecurity standards, directives, guidance, and policies to an architectural framework.

    + Experience with Windows and Linux operating systems, as well as configuring assurance tools (e.g., Nessus, Splunk, HBSS).

    + Experience operating within and supporting a security assurance and assessment program.

    + Familiarity with the Risk Management Framework (RMF) and/or NIST 800-53 security controls.

    + Knowledge of DOE/NNSA cybersecurity orders and policies; relevant federal and private standards and requirements (e.g., NIST, STIGs).

    + Hands-on experience in obtaining and maintaining information system accreditations.

    + Knowledge of installation, integration, and optimization of system components (e.g., anti-virus software).

    + Experience with cloud web services such as AWS and Azure.

    + Experience developing software in C++ and/or Python, using modern development methods (containers, CI/CD).

    + Knowledge of and experience with DevSecOps principles and environments.

    + Experience using agile practices and principles, and familiarity with Scrum or Kanban frameworks and their tools (e.g., Jira, Confluence).

    + Strong oral and written communication skills, with the ability to explain complex ideas clearly and concisely.

    + Active Information Assurance certification (e.g., Security+, CISSP, CISA).

    + Active DOE/DOD clearance with SCI, with a recent polygraph test

    About Our Team:

    The Systems Design and Architecture Department designs, evaluates, and develops sophisticated architectures for processing and exploitation of remote sensing information. We enable teams that invent, analyze, and develop algorithms and software that support real-time extraction and classification of static and dynamic events from a variety of very complicated data streams from pathfinder remote sensing assets. We are part of crafting and deploying innovative large networked computing systems that process terabytes of near real-time data daily, extracting information, and providing it to national decision makers.

    Posting Duration:

    This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.

    Security Clearance:

    Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.

     

    Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

    EEO:

    All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.

    NNSA Requirements for MedPEDs:

    If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.

     

    If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.

     

    Job ID: 695595

     

    Job Family: IT

     

    Regular/Temporary Position: R

     

    Full/Part-Time Status: F