The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.
The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the CERT Division. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.
BS in Computer Science (or other technical field) with eight (8) years experience, or equivalent combination of training and experience. Willingness to travel to various locations to support the SEIs overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Moderate travel: Up to 25% to various customer locations. You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
Understanding of information technology, security assessment methods, and telecommunications systems Working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards Working knowledge of DHS critical infrastructure sectors and related security and resilience issues Working knowledge of the DoD and federal agency resilience needs and cyber security roadmaps Development and delivery of information and infrastructure security risk and vulnerability evaluations Ability to conduct analytical studies and investigations
Professional experience as an information security engineer, network security architect, information systems auditor, information systems analyst, or similarly technical occupation.
Experience with and applied knowledge in:
Common risk and cybersecurity assessment methods Data analytics and cybersecurity metrics Cybersecurity laws, regulations, and standards Common network security architectures Common networking protocols and services
Job Function Breakdown:
60% Participate in cybersecurity assessments operating in a technical leadership role; analyze assessment data to identify risk areas and propose mitigation alternatives.
15% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cybersecurity and operational resilience; transition research into applied knowledge for customers.
10% Deliver courses in operational resilience management, cybersecurity management, and information security risk management.
5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.
5% Contribute to and review the literature in cyber security, resilience, and software engineering.
5% Provide assistance and input to other teams and projects within the SEI.
TOTAL = 100%
Please visit Why Carnegie Mellon to learn more about becoming part of an institution inspiring innovations that change the world.
A listing of employee benefits is available at: www.cmu.edu/jobs/benefits-at-a-glance/.
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.