The SEI helps advance software engineering principles and practices and serves as a national resource in software engineering, computer security, and process improvement. The SEI works closely with defense and government organizations, industry, and academia to continually improve software-intensive systems. Our core purpose is to help organizations improve software engineering capabilities and develop or acquire the right software, defect free, within budget and on time, every time.
As part of the Cyber Risk and Resilience Directorate, you will be part of a team of engineers aimed at applying the latest tools, techniques and methods to resilience challenges. The Senior Cybersecurity Engineer will support the operational capabilities and continued evolution of the Cybersecurity Assurance Team. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. We support external customers and internal SEI partners enabling growth of knowledge and hands-on skills. This will require establishing strong customer relationships and ongoing research to identify new requirements/opportunities. The goal of the team is to promote innovation and collaboration across customer programs and within SEI.
BS in computer science, software engineering, computer engineering, or a related field of study with 10 (ten) years of experience or MS in equivalent fields with 8 (eight) years of applicable experience or PhD in equivalent fields with 5 (five) years of experience.
Willingness to travel to various locations to support the SEI's overall mission; moderate travel (25%)
You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Knowledge, Skills and Abilities:
Candidates should have experience/knowledge in several of the following:
Familiarity with cybersecurity standards (e.g., NIST CSF, NIST SP 800 series, ISO 27000 series, etc.).
Subject matter expertise in the evaluation of cybersecurity controls and practices.
Experience with the evaluation of network architectures and defenses.
Knowledge of critical infrastructure protection concepts and standards.
Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
Knowledge of supply chain risk management concepts and tools.
Ability to communicate with a range of audiences ranging from junior technical individual contributors to senior customer points of contacts.
Knowledge of information sharing practices and models.
An understanding of maturity model concepts.
Experience in an operational environment with an understanding of service related processes and technologies.
Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or equivalent experience.
Primary Location: United States-Virginia-Arlington
Time Type: Full Time
Minimum Education Level: Bachelor's Degree or equivalent
Internal Number: 2015058
About Carnegie Mellon University
Carnegie Mellon (www.cmu.edu) is a private, internationally ranked research university with programs in areas ranging from science, technology and business, to public policy, the humanities and the arts. More than 12,000 students in the university’s seven schools and colleges benefit from a small student-to-faculty ratio and an education characterized by its focus on creating and implementing solutions for real problems, interdisciplinary collaboration and innovation. A global university, Carnegie Mellon’s main campus in the United States is in Pittsburgh, Pa. It has campuses in California’s Silicon Valley and Qatar, and programs in Africa, Asia, Australia, Europe and Mexico.