Requisition Id 16407
Overview:
The National Center for Computational Sciences (NCCS) at Oak Ridge National Laboratory (ORNL) operates the fastest High Performance Computers (HPC) in the world. We are seeking an experienced security engineer who can bridge hands-on engineering and security governance to ensure the security, performance, and reliability of the NCCS computing infrastructure. Our efforts support a highly skilled user base consisting of the best-of-the-best science teams around the world. If you are excited about applying DevSecOps and risk-based security practices to HPC, come help us protect the integrity of open science publications and national interests that rely on NCCS supercomputing resources and expertise.
The Team:
The HPC Cybersecurity Engineering team is one half of the NCCS Security and Information Engineering Group. We architect, develop, deploy, and maintain the supercomputing-specific security program (an enclave within the broader ORNL authorization boundary) and provide HPC security expertise to projects of national interest. We collaborate across incident response, blue team engineering, vulnerability research, policy architecture, and DevSecOps. We work closely with scientific and operations teams and act as liaisons to ORNL’s broader risk management framework. We are a Linux-focused environment with security challenges that prioritize scale, performance, and scientific computing integrity.
About You:
You automate wherever possible, using Infrastructure as Code (IaC) and repeatable patterns so security can scale with operations. You can translate governance requirements into implementable standards and aggregate technical realities into clear risk-based decision options for leadership. You collaborate well, document what matters, and enjoy driving improvements that are both technically sound and audit-ready. You may have more than a couple of our Preferred Qualifications and probably do not yet have any prior HPC experience. You may have technical leadership experience and/or want to grow into this role. You may or may not think Hackers is an incredible movie.
Major Duties/Responsibilities:
- Translate complex technical concepts to communicate effectively with scientific, operations, project, and management staff
- Help shape the Supercomputing security architectural vision and lead security reviews of new capabilities, services, and designs against core security plans
- Design, implement, and automate policy/control assessments to verify cybersecurity and operational policy compliance
- Engineer secure software development frameworks, tools, and guardrails that enable teams to deliver securely at HPC scale
- Define and implement best practices, standards, and technical baselines within the organization
- Analyze, triage, and respond to application, system, and network security-relevant events
- Serve as a security liaison for projects of national interest and external partners
- Interpret cybersecurity policy and requirements; recommend enhancements to current policies/standards and lead implementation efforts with stakeholders
- Lead vulnerability management activities including remediation coordination, patch planning, verification, and approved penetration testing
- Document cybersecurity procedures, standards, control narratives, and decision records to support operations, audits, and continuous improvement
- Participate in a 24/7 on-call incident response rotation
Basic Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, or related field
- Minimum of five years of relevant experience
- Equivalent combination of education and experience will be considered
Preferred Qualifications:
- Master’s degree in Computer Science, Cybersecurity, or related field and at least eight years of relevant experience
- Strong understanding of U.S. Federal cybersecurity frameworks, standards, and guidelines including FISMA, NIST RMF (SP 800-37) and SP 800-53, FIPS 199/200, FedRAMP, and OMB Memorandums
- Experience as an Information Systems Security Officer (ISSO) and/or administering systems in UNIX/Linux environments
- Solid understanding of networked computing concepts and common protocols (DNS, DHCP, LDAP, SNMP, SMTP, HTTP(S), TLS/SSL)
- Experience representing an organization during cybersecurity audits
- Familiarity building or operating security tools such as SIEMs, vulnerability scanners, NIDS/HIDS, server telemetry, and detection engineering
- Experience with incident response and Linux forensics
- Familiarity with automated configuration management tools
- Experience in network, application, and/or security architecture and design, including threat modeling and security review practices
- Experience in a high-performance computing environment (nice to have), including multi-tenant compute, high-speed interconnects, and parallel filesystems
Special Requirements:
- This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.
About ORNL:
As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an impressive 80-year legacy of addressing the nation’s most pressing challenges. Our team is made up of over 7,000 dedicated and innovative individuals! Our goal is to create an environment where a variety of perspectives and backgrounds are valued, ensuring ORNL is known as a top choice for employment. These principles are essential for supporting our broader mission to drive scientific breakthroughs and translate them into solutions for energy, environmental, and security challenges facing the nation.
ORNL offers competitive pay and benefits programs to attract and retain individuals who demonstrate exceptional work behaviors. The laboratory provides a range of employee benefits, including medical and retirement plans and flexible work hours, to support the well-being of you and your family. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also available for added convenience.
Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.
If you have difficulty using the online application system or need an accommodation to apply due to a disability, please email: ORNLRecruiting@ornl.gov
This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.
We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.
ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.