Sign up
Sign up
As part of the Cyber Risk and Resilience Directorate, you will be part of a team of engineers aimed at applying the latest tools, techniques and methods to resilience challenges. The Senior Cybersecurity Engineer will support the operational capabilities and continued evolution of the Cybersecurity Assurance Team (CA), specifically focusing on cybersecurity training development and delivery. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. In this role, you will help provide the bridge between our operational capabilities and the development of impactful in-person and on-demand training.
Knowledge, Skills and Abilities:
Candidates should have experience/knowledge in several of the following:
Experience in managing projects
Experience in delivering cybersecurity training
Familiarity with cybersecurity standards (e.g., NIST CSF, NIST SP 800 series, ISO 27000 series, etc.).
Knowledge of assessment methodologies, tactics, techniques, and procedures
Knowledge of the evaluation of cybersecurity controls and practices.
Knowledge of conducting security assessments including conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.
Knowledge of critical infrastructure protection concepts and standards.
Knowledge of information sharing practices and models.
An understanding of maturity model concepts.
Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
Ability to communicate with a range of audiences ranging from junior technical individual contributors to senior customer points of contacts.
Project Participation and Customer Engagement (80%): You will contribute to customer projects designed to advance the state of the art in cybersecurity. You will represent the SEI regularly presenting our mission and our work to our stakeholders.
Community Engagement (15%): You will engage with our communities of interest; this includes presenting our mission and work via publication and presentation. You will build and maintain relationships with the relevant research and technology communities.
Professional Development (5%): You will continue to grow your knowledge and skills in cybersecurity and stay current on emerging trends and topics relevant to the team’s portfolio.
Requirements:
Education and Experience: BS degree in a relevant discipline with 10 years of applicable experience, or a MS degree in a relevant discipline with 8 years of applicable experience, or a PhD in a relevant discipline with 5 years of applicable experience.
Technical Excellence: You have a track record of successfully leading projects for a technical discipline. You are user-centered and accomplishment-focused, driving projects and the people that work on them to successful, high-impact outcomes.
Leadership: You have the ability to lead diverse teams in analyzing and solving real-world problems by developing engineering guidance as well as applying and tailoring, as appropriate, SEI and non-SEI technologies and resources.
Working in a Creative, Dynamic Environment: You have experience contributing to multiple simultaneous projects and thrive in a creative and high-energy environment. You are willing to experiment with new practices and develop effective processes, practices, and infrastructure to support successful projects.
Mentorship: You have experience mentoring, motivating, and empowering less-experienced team members in ways that promote equity and inclusion.
Communication: You are an outstanding communicator and can interact collaboratively and diplomatically with customers and colleagues at all levels of knowledge and experience. You grasp the big picture, direction, and goals of an effort with ability to dig into the details on problems and technical concepts. You can present complex ideas to people who may not have a deep understanding of the subject area.
Travel: Frequent (15-35%) to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.
Security Clearance: You will be subject to a background investigation and must have the ability to obtain and maintain a Department of Defense security clearance.
Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.
Desired Experience:
Strong writing/editing ability. Ability to interact with others and function as a member of a process action team or instructional design working group. Experience with course and information mapping, flowcharting, etc.
Certifications: A+ CE, CCNA-Security, CND, Network+ CE, SSCP, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Project Management Professional (PMP),or equivalent experience
Location
Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff – Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information: Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
Click here to view a listing of employee benefits
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran .
As part of the Cyber Risk and Resilience Directorate, you will be part of a team of engineers aimed at applying the latest tools, techniques and methods to resilience challenges. The Senior Cybersecurity Engineer will support the operational capabilities and continued evolution of the Cybersecurity Assurance Team (CA), specifically focusing on cybersecurity training development and delivery. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. In this role, you will help provide the bridge between our operational capabilities and the development of impactful in-person and on-demand training.
Knowledge, Skills and Abilities:
Candidates should have experience/knowledge in several of the following:
Experience in managing projects
Experience in delivering cybersecurity training
Familiarity with cybersecurity standards (e.g., NIST CSF, NIST SP 800 series, ISO 27000 series, etc.).
Knowledge of assessment methodologies, tactics, techniques, and procedures
Knowledge of the evaluation of cybersecurity controls and practices.
Knowledge of conducting security assessments including conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.
Knowledge of critical infrastructure protection concepts and standards.
Knowledge of information sharing practices and models.
An understanding of maturity model concepts.
Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
Ability to communicate with a range of audiences ranging from junior technical individual contributors to senior customer points of contacts.