Cyber Security Engineer jobs in United States

Berkeley Lab · 1 day ago

Cyber Security Engineer

Berkeley Lab is a leading research institution, and they are seeking a Cyber Security Engineer for their National Energy Research Scientific Computing Center (NERSC). In this role, you will be responsible for all aspects of cyber security, including monitoring for threats, incident response, and vulnerability assessments, while collaborating with interdisciplinary teams to enhance security measures.

Research
H1B Sponsor Likely

Responsibilities

Perform security duties including monitoring for potential threats, proactively examining network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents
Support and/or lead cyber incident response activities, participating in the full incident response lifecycle, from initial detection through resolution and post-incident documentation
Maintain up-to-date awareness of cybersecurity threats and trends by monitoring a variety of information sources. Assess emerging security issues to determine risk and impact to the center, advise on appropriate response strategies, and coordinate mitigation efforts across teams
Assist with vulnerability assessment activities, including configuration of scanning tools, assessment of vulnerabilities reported from a variety of sources, prioritization and triage of discovered vulnerabilities, and working closely with NERSC staff and end users to guide remediation efforts
Participate in 24/7 on-call rotation, occasionally working outside of scheduled hours as needed
Contribute to the design and development of NERSC’s security architecture, identify and address operational gaps in monitoring and detection capabilities, and help evaluate and develop new cyber security tools and technologies
Participate in or lead efforts to upgrade existing systems to meet evolving needs, including the specification, purchase, installation, configuration, and deployment of new hardware and security services
Perform system administration tasks, troubleshooting, and hardware maintenance and support as needed. Help maintain and manage existing cybersecurity systems using automation tools
Develop comprehensive documentation of the team’s technical systems, processes, and procedures
Develop and add new signatures to IDS and monitoring infrastructure based on emerging threats and data from past incidents, ensuring detection capabilities align with the latest attack vectors and vulnerabilities. Regularly review and refine existing rules and signatures to enhance accuracy, reducing false positives and negatives
Lead or support the design and implementation of security initiatives, including a Zero Trust strategy, that reduce and mitigate risk while continuing to enable NERSC’s open science mission
Promote a strong security culture through outreach, technical consulting, and security awareness activities
Provide guidance on security best practices, assist with the implementation of security controls, and effectively communicate security policies and requirements to NERSC staff and users
Collaborate closely with NERSC system engineers and software developers to integrate cyber security tools and processes throughout the center
Conduct in-depth security reviews and risk assessments, analyzing both technical and non-technical factors to identify weaknesses in existing and proposed deployments. Document review findings in detailed reports, providing actionable recommendations for addressing identified security issues and mitigating risk
Serve as a security subject matter expert on cross-functional projects and initiatives, offering guidance based on security best practices, identifying and communicating security issues, and collaborating with others to ensure security is a key consideration across all phases of the project
Contribute to the development of cybersecurity requirements, translating high-level policy into actionable security controls and guidelines. Assist with maintaining and updating documentation in a central repository
Create technical guides, best practices, and other resources to assist NERSC staff and users in understanding
May lead technical initiatives or projects focused on advancing security in areas such as containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC and scientific workflows

Qualification

Cybersecurity tools proficiency
Incident response experience
Linux/Unix administration
Network security knowledge
Vulnerability assessment
Python programming
Security architecture design
Forensic analysis
Log analysis
Communication
Team collaboration
Problem-solving
Technical documentation

Required

Typically requires a minimum of 8 years of related experience with a Bachelor's degree; or 6 years and a Master's degree; or equivalent experience
Experience administering Linux/Unix systems or configuring network security devices
Experience using cybersecurity tools and technologies, such as intrusion detection/prevention systems, firewalls, SIEM platforms, or vulnerability scanners, with demonstrated proficiency in at least one
Experience designing, implementing, and maintaining network traffic capture and monitoring solutions for complex, high-speed network environments
Experience performing or supporting incident response activities, including investigation, analysis, containment, and resolution of incidents
Experience collecting, parsing, and analyzing log and telemetry data from a variety of systems (e.g., servers, network devices, user sessions) to detect and respond to incidents
Experience leading the implementation or administration of IT infrastructure, leading projects or teams, or providing technical direction for operations or security initiatives
Experience developing scripts or programs in Python, Shell, C, C++, or similar languages
Knowledge of common security vulnerabilities and mitigations, attacker TTPs and associated detection methods, and an understanding of core cybersecurity principles
Demonstrated ability to work in a Linux or UNIX environment, primarily at a Command Line Interface (CLI)
Ability to troubleshoot and resolve complex issues where analysis of situations or data requires an in-depth evaluation of variable factors
In-depth knowledge of network security and upper-layer protocols
Ability to network and collaborate with key contacts beyond one's area of expertise, and to work effectively both independently and within interdisciplinary teams
Ability to manage multiple tasks and respond to rapidly changing priorities
Excellent oral and written communication skills

Preferred

Experience working in High Performance Computing, higher education, or research environments
Experience implementing Zero Trust architectures, securing container platforms and workloads, or integrating security into development and deployment processes
Experience conducting policy compliance activities, such as auditing against cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls), and performing vulnerability or risk assessments
Experience securing large-scale computing or open network environments with broadly accessible infrastructure
Familiarity with configuration automation tools such as Puppet or Ansible
Knowledge of dual-stack (IPv4/IPv6) and IPv6-only network environments, including common security challenges and strategies
Knowledge of API security, including secure API design principles and familiarity with OAuth 2.0, JWT, and API key management
Understanding of secure coding practices, with the ability to review source code for vulnerabilities and collaborate with development teams on secure solutions
Knowledge of data analytics, machine learning, or statistical models and their application to security analysis

Benefits

Exceptional health and retirement benefits, including pension or 401K-style plans
Opportunities to grow in your career - check out our Tuition Assistance Program
A culture where you’ll belong - we are invested in our teams!
In addition to accruing vacation and sick time, we also have a Winter Holiday Shutdown every year.
Parental bonding leave (for both mothers and fathers)
Pet insurance

Company

Berkeley Lab

Berkeley Lab is a national laboratory that creates advanced new tools for scientific discovery.

H1B Sponsorship

Berkeley Lab has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (154)
2024 (159)
2023 (163)
2022 (154)
2021 (165)
2020 (107)

Funding

Current Stage
Late Stage

Leadership Team

Mary Barnum, MBA
Business Manager, COO Office
Rebecca Rishell
Deputy Chief Operating Officer
Company data provided by Crunchbase