Posting TitleCyber Threat Analysis Researcher I
.
LocationCO - Golden
.
Position TypeRegular
.
Hours Per Week40
.
Working at NREL
From day one at NREL, you’ll connect with coworkers driven by the same mission to save the planet. By joining an organization that values a supportive, inclusive, and flexible work environment, you’ll have the opportunity to engage through our ten employee resource groups, numerous employee-driven clubs, and learning and professional development classes.
NREL supports inclusive, diverse, and unbiased hiring practices that promote creativity and innovation. By collaborating with organizations that focus on diverse talent pools, reaching out to underrepresented demographics, and providing an inclusive application and interview process, our Talent Acquisition team aims to hear all voices equally. We strive to attract a highly diverse workforce and create a culture where every employee feels welcomed and respected and they can be their authentic selves.
Our planet needs us! Learn about NREL’s critical objectives, and see how NREL is focused on saving the planet.
We invite all interested candidates to apply for this opportunity. While we recognize that job seekers may hesitate if they don’t meet every requirement, we encourage dedicated individuals who meet all the basic and additional required qualifications of the role to submit an application. We value the opportunity to consider those who believe they have the necessary skills and ambition to succeed at NREL.
Job Description
The Cybersecurity Threat Analysis Group (CTAG), within NREL’s Cybersecurity Research Center, performs research to better understand the threats, detection strategies and mitigation opportunities for renewable energy infrastructure anddistributed energy resources. Our efforts include technical assessments of existing technologies and near-term innovations, research into Industrical Control Systems (ICS) communications technologies, network architectures and protocols, as well as informing the development and application of cybersecurity frameworks and policy. CTAG researchers collaborate with government and industry partners to contribute to a more secure and resilient renewable energy infrastructure with global impact.
Cybersecurity Threat Analysis Group cybersecurity researchers perform hands-on technical research and assessments. Researchers have the opportunity to drive NREL research in ICS security as well as help build a red team capability to support a rapidly growing cybersecurity portfolio. Team members work alongside current NREL cybersecurity research staff to utilize the best-in-class Cyber Range to deploy applicable large scale test environments, perform hardware-in-the-loop technology assessments, research into ICS threats, detection, and mitigation as it pertains to renewable energy. Research will span across ICS and renewable energy technologies and include collaboration and partnership with utility and cyber security solution providers as well as government stakeholders. The CTAG group has a need for a cybersecurity research team member who will provide support of real world threat analysis for the Energy Threat Analysis Center (ETAC), and other critical programs.
The successful candidate will be a key member of the threat analysis team and collaborate with threat emulation team members, analysis and reporting researchers, power systems engineers, and the NREL cyber range team. Beyond ETAC, the candidate will have the opportunity to contribute to a variety of cybersecurity research efforts and develop experience with a wide range of virtualization, orchestration and threat emulation tools.
Responsibilities:
- Create and support threat emulation plans in relation to current threat actor campaigns.
- Collaborate with colleagues to develop and deploy complex virtual environments including communications, power systems, hardware-in-the-loop and security technologies.
- Coordinate with NREL cyber range team to ensure virtual environment network connectivity, operation, and reliability.
- Assist analysis and reporting team in the creation of deliverables to appropriate sponsors.
- Create memos, hunting guides and other communication vehicles in support of the ETAC.
Note: This position requires a Hybrid work arrangement, including regular in-person work at NREL's South Table Mountain Campus in Golden, CO, and is not eligible for 100% remote work arrangements.
.
Basic QualificationsRelevant Bachelor's Degree . Limited use and application of engineering principles, theories and concepts. Good written and verbal communication skills. Ability to use various computer software programs.
* Must meet educational requirements prior to employment start date.
Additional Required Qualifications
- Linux system administration
- Experience with Docker configuration and administration including creation of Docker images.
- Experience with modeling and simulation tools
- Knowledge of Industrial Control Systems Cybersecurity principles
- Programming in C/C++/Python/Go
- Knowledge of Industrial Control Systems protocols
- Knowledge of Continuous Integration and Deployment processes
- Ability to obtain and maintain a TS/SCI clearance
Preferred Qualifications
- Experience supporting Continuous Integration and Deployment processes using DevOps tools such as Jenkins, GitHub and/or GitLab Actions and Projects
- Knowledge of git version control, semantic versioning and Git release processes
- Experience building and deploying Docker containers using Docker-Compose and/or Kubernetes.
- Experience using agile management software (e.g., Jira)
- Experience and knowledge using ELK stack
- Knowledge of energy system security principles
- Experience building and deploying Docker containers using Docker-Compose and/or Kubernetes.
.
Job Application Submission Window
The anticipated closing window for application submission is up to 30 days and may be extended as needed.
Annual Salary Range (based on full-time 40 hours per week)Job Profile: Researcher I / Annual Salary Range: $63,600 - $104,900
NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.
Benefits SummaryBenefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.
* Based on eligibility rules
Badging RequirementNREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.Drug Free Workplace
NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.
If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.
Submission Guidelines
Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.
.
EEO Policy
NREL is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.
EEO is the Law | Pay Transparency Nondiscrimination | Reasonable Accommodations
E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.
E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.
Top Skills
What We Do
The National Renewable Energy Laboratory (NREL), a Department of Energy national lab, is #TransformingEnergy as the nation's primary laboratory for renewable energy and energy efficiency research and development.
NREL's Mission: NREL develops renewable energy and energy efficiency technologies and practices, advances related science and engineering, and transfers knowledge and innovations to address the nation's energy and environmental goals.
NREL's Strategy: NREL has forged a focused strategic direction to increase its impact on the U.S. Department of Energy's (DOE) and our nation's energy goals by accelerating the research path from scientific innovations to market-viable alternative energy solutions