You are viewing a preview of this job. Log in or register to view more details about this job.

Cybersecurity Threat Analyst – Energy System Security

National Renewable Energy Laboratory
Email
Location
CO - Golden
.
Position Type
Regular
.
Hours Per Week
40
.

Mandatory COVID-19 Vaccination Protocols

Employment at NREL is contingent upon your compliance with all NREL and DOE safety protocols and mitigation efforts directed at the COVID-19 pandemic. At present, NREL requires all employees to be immunized against COVID-19. Upon hire, new employees must be prepared to provide proof of vaccination on your first day of employment. All employees must have completed vaccinations by November 1, 2021.

Working at NREL

The National Renewable Energy Laboratory (NREL), located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for research and development of renewable energy and energy efficiency technologies.
From day one at NREL, you’ll connect with coworkers driven by the same mission to save the planet. By joining an organization that values a supportive, inclusive, and flexible work environment, you’ll have the opportunity to engage through our eight employee resource groups, numerous employee-driven clubs, and learning and professional development classes.
NREL supports inclusive, diverse, and unbiased hiring practices that promote creativity and innovation. By collaborating with organizations that focus on diverse talent pools, reaching out to underrepresented demographics, and providing an inclusive application and interview process, our Talent Acquisition team aims to hear all voices equally. We strive to attract a highly diverse workforce and create a culture where every employee feels welcomed and respected and they can be their authentic selves.

Job Description

The Cybersecurity Evaluation and Application Group (CEAG), within NREL’s Energy and Security Resilience Center, performs research to better understand the threats, detection strategies and mitigation opportunities for renewable energy infrastructure and distributed energy resources.  Our efforts include technical assessments of existing technologies and near-term innovations, research into ICS communications technologies, network architectures and protocols, as well as informing the development and application of cybersecurity frameworks and policy.  CEAG researchers collaborate with government and industry partners to contribute to a more secure and resilient renewable energy infrastructure with global impact. 
Cybersecurity Evaluation and Application Group applied cybersecurity researchers perform hands-on technical research and assessments.  Team members work alongside current NREL cybersecurity research staff to utilize the best-in-class Cyber Energy Emulation Platform (CEEP) to deploy applicable large scale test environments, perform hardware-in-the-loop technology assessments, research into ICS threats, detection, and mitigation as it pertains to renewable energy.  Research will span across ICS and renewable energy technologies and include collaboration and partnership with utility and cyber security solution providers as well as government stakeholders.
NREL has a need for a non-traditional threat analysis position as part of a rapidly growing cybersecurity research team.  The successful candidate will serve a critical role in the Clean Energy Cybersecurity Accelerator program performing assessments on new security technologies to protect critical energy infrastructure.  The candidate will collaborate with power systems and threat emulation team members to determine technology assessment metrics, threat modeling and assessment approaches, test event instrumentation and data collection, as well as post-event analysis and reporting.  Work will include technical documentation and reporting as well as close coordination with software and network engineering teams, industry partners, and the program leadership team.  Additionally, the selected candidate will assist in providing threat analysis expertise to a growing portfolio of cybersecurity research efforts.
.

Basic Qualifications

Researcher III: Relevant PhD. Or, relevant Master's Degree and 3 or more years of experience. Or, relevant Bachelor's Degree and 5 or more years of experience. Demonstrates broad understanding and wide application of engineering technical procedures, principles, theories and concepts in the field. General knowledge of other related disciplines. Demonstrates leadership in one or more areas of team, task or project lead responsibilities. Demonstrated experience in management of projects. Very good writing, interpersonal and communication skills.

Researcher II: Relevant Master's Degree Or, relevant Bachelor's Degree and 2 or more years of experience. General knowledge and application of engineering technical standards, principles, theories, concepts and techniques. Training in team, task or project leadership responsibilities. Intermediate abilities and knowledge of practices and techniques. Beginning experience in project management. Good writing, interpersonal and communication skills.
.

Additional Required Qualifications


  • Knowledge of cybersecurity concepts, technologies, and threats
  • Experience in network traffic analysis, forensics and/or incident response
  • Familiarity with the MITRE ATT&CK, MITRE ATT&CK for ICS, or Lockheed Cyber Kill Chain frameworks and potential indicators associated with the techniques
  • The ability to translate technical detail into reportable and actionable information for both technical and non-technical consumers
  • Strong interpersonal skills and a desire to collaborate
  • Excellent leadership, communication, problem solving and project management skills
  • Strong writing and public speaking skills demonstrated through technical writing and presentation
  • Willingness and ability to research and learn new technologies, threats, and security practices
  • Must be able to obtain and maintain a DOE (L or Q) security clearance and SCI access. SCI access may require a polygraph examination. To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 for additional information.
Preferred Qualifications

  • Experience with OT environments, industrial control systems deployment, security best practices and threats
  • Experience working with orchestration tools and virtualized environments such as Kubernetes, Docker, KVM
  • Knowledge of NIST Cybersecurity Framework and SP 800 series guidelines and recommendations as they pertain to grid security and industrial control systems
  • Experience architecting cybersecurity attack simulations, assessments, or training scenarios in virtualized environments
.

Annual Salary Range (based on full-time 40 hours per week)

Annual Salary Range: $73,900 - $133,100NREL takes into consideration a candidate’s education, training, and experience, as well as the position's work location, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.

Benefits Summary

Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.
* Based on eligibility rules