Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Careers

Pursue your passion and work alongside world-recognized leaders in the field of software engineering. Our staff works with the highest levels of U.S. government and industry to secure the nation's critical infrastructure, improve mission-critical systems, and advance the state of the art.

Interested in working with us? To browse employment opportunities and apply for a position at the SEI, see our list of open positions below or search for positions. You can also visit the Carnegie Mellon site to learn about benefits for eligible employees, search for open positions that match your interests, and create a Job Agent that will notify you by e-mail when jobs that meet your criteria become available.

Resumes from recruiting firms will not be accepted.

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

SEI Job Listings

The position you are looking for is not available. Please take a look at our current open positions listed below.

Select Job Location

Sort by Date Posted Title Location

27 Feb
2017
Equipment Technician-Utility - 2005008
Pittsburgh, PA

Position Summary: Troubleshoot various problems that may occur in the set-up of equipment and furniture within SEI facilities, this includes install, assemble and modify furniture for new hires and moves. This position will perform routine maintenance of conference and training room furniture and equipment. Develops and maintains reports/database/metrics as assigned- Conference and training room usage.  Coordinate all conference and training room maintenance work with so as to not interfere with room reservations. Must have good customer service skills and work well with other facilities team members.  Provide assistance as needed to maintain facilities operations. Provides back-up to the Equipment Technician Maintenance (ETM), Equipment Technician Receiving (ETR), Shipping Receiving Coordinator (SRC), Facilities Coordinator Administration (FCA), Facilities Service Coordinator (FSC) and Space and Furniture Coordinator (SFC) positions.  Report to the Facilities Operations Supervisor. Responsible for troubleshooting various problems that may occur while setting up, maintaining and installing various equipment and furniture items throughout the SEI facilities for all SEI staff members. Works with SFC to insure proper use of existing furniture inventory, furniture inventory is maintained on Sharepoint and updated monthly.  This positon is responsible for operations/service support needs at Bakery Square.  Responsibilities include the follow through on various projects relating to furniture and equipment as detailed by the Facilities Operations Supervisor and the Facilities Manager such as the assembly and maintenance of equipment and furniture items, repairing general building hardware, assembling furniture and paneling systems, and reporting any problems to  the Facilities Operations Supervisor.  Provides escorting duties for outside contractors/vendors and coordinates duties with Security.  Must coordinate work with other facilities team members, and assist or request assistance as needed.  This position is required to complete work orders in the MIS system.

 

Minimum Qualifications and Requirements:

Education/Training: High School Diploma or equivalent combination of technical school training and experience.

Licenses: Valid Pennsylvania Driver’s License

Experience: At least 2 years’ experience performing similar work.

Skills/Abilities: Ability to work independently and use initiative to resolve problems, diagnose and make needed repairs, to operate general power tools: knowledge of general computer

Mobility: Finger agility; ability to push, pull and lift furniture, equipment, etc. as needed; ability to carry necessary tools; ability to stand for long periods of time; ability to climb steps or ladders, stoop, reach, bend at the waist and grasp objects.  Be able to lift 25 pounds.

Environmental Conditions: May have to endure weather conditions when traveling from each office location, equipment may be housed and repaired in dusty, damp and crowded conditions. Some warehouse work.

Mental: Ability to pay attention to details and meet deadlines; ability to deal with difficult or demanding individuals; the ability to use reasoning to solve maintenance related problems.

Other:  Occasional week-end and evening hours are required. Obtain DOD secret level security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: High School Diploma or equivalent combination of training and experience with some vocational or craft training

Licenses: Valid Pennsylvania Driver’s License

Mobility: Finger agility; ability to push, pull and lift furniture, equipment, etc. as needed; ability to carry necessary tools; ability to stand for long periods of time; ability to climb steps or ladders, stoop, reach, bend at the waist and grasp objects. Be able to lift 25 pounds.

Environmental Conditions: May have to endure weather conditions when traveling from each office location, equipment may be housed and repaired in dusty, damp and crowded conditions. Some warehouse work.                           

Mental: Ability to pay attention to details and meet deadlines; ability to deal with difficult or demanding individuals; the ability to use reasoning to solve maintenance related problems

Other: Occasional week-end and evening hours are required. Obtain DOD secret level security clearance.

 

Accountability:  Develop and maintain the inventory of all SEI furniture. Maintain all conference and training room furniture and equipment.  Maintain all off-site storage facilities.  Report monthly the status of off-site storage and furniture inventory to the Facilities Manager

Direction: Performs work with general supervision from the Facilities Operations Supervisor. Most normal duties and responsibilities are handled independently with the use of established procedures and policies. Difficult or unique situations are referred to the supervisor.

Decisions: Makes decisions or recommendations that are in the best interest of the facilities operation, and provide the highest level of customer service.

Supervisory Responsibilities: Will be required to act as a team leader on special projects, and will be responsible for the completion of assigned work with in specified time constraints.

 

Job Functions or Responsibilities:

35%     Delivery and retrieval of boxes and office equipment to and from offsite storage; cleaning and maintaining of off-campus storage facilities; stocking of supply cabinets and general maintenance to copier and fax machine equipment.  Responsible for operations/service support needs at Bakery Square.  Works with SFC to insure proper use of existing furniture inventory, furniture inventory is maintained on Sharepoint and updated monthly.

35%     Install, assemble, and modify furniture throughout all SEI facilities. Furniture is primary Steelcase and Herman Miller.  Set up of offices for moves and new hires. Move of office content and belongings for SEI staff. Review of office and conference room configurations, maintain office keys and desk keys, office nameplates and supply deliveries according to new hire and moves listings. Assembling furniture and paneling systems, and reporting any problems to the Facilities Operations Supervisor.  Provides escorting duties and coordinates duties with Security.  Provides back-up to the ETM, ETR, SRC, FCA, FSC and SFC positions.

15%     Review of office and conference room configurations, and supply deliveries according to new hire and moves listings.  Resolving various problems such as setting up, maintaining and installing various equipment and furniture items throughout the SEI facilities for all SEI staff members.

15%     Perform/coordinate routine maintenance of conference and training room furniture and equipment. Maintain and update the facilities records including accurate records of requested and completed work, repairs, supply needs and metrics as assigned. This information will be tracked primarily through the online SEI Facilities Request System and Facilities Management System.  Assist with other facilities operations as needed.

100% TOTAL EFFORT

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran
 

27 Feb
2017
Insider Threat Researcher - 2005009
Pittsburgh, PA or Arlington, VA

Position Summary: The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.

The selected individual will participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic (cyber) and physical crime activity and information security risks to critical infrastructure systems. The selected individual will analyze technical and behavioral issues (potential risk indicators (PRIs) of insiders, and examine privacy concerns regarding organizational practices for identifying and mitigating insider threats.  The individual will work as a member of collaborative project teams in researching and implementing one or more projects composing these studies. This position will involve close work with customers from a variety of organizations, including government agencies and critical infrastructure providers.

 

Minimum Qualifications and Requirements:

Education/Training:  BS or BA in computer science, software engineering, information systems or a related technical field with ten (10) years of experience or equivalent; MS in computer science, software engineering, information systems, a related technical field, or an advanced degree in psychology or other field that will assist in insider threat behavioral identification.

Experience:  Eight (8) to ten (10) years of experience in a field relevant to insider threat (cyber and behavioral) or experience as a system/network administrator, information systems analyst, or behavioral psychologist.

Skills/Abilities:

  • basic knowledge of scientific research and design methodologies
  • broad understanding of network, database and application security issues
  • knowledge of privacy, intellectual property, technology, and legal issues
  • knowledge of insider threat vulnerability assessment criteria
  • ability to apply reasoning and problem-solving skills to conduct analytical studies and investigations
  • understanding of information technology and telecommunications systems
  • strong oral and written communications skills and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings
  • reasoning and problem-solving skills
  • ability to work independently with limited supervision
  • ability to recognize and deal appropriately with confidential and sensitive information
  • participate in conferences and meetings
  • contribute to customer presentations and technology transfer activities
  • strong interest in security analysis R&D
  • ability to create instructional materials and conduct training
  • effective time management skills; and strong problem solving skills

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with a computer screen for extended periods of time.

Mental:

  • ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues
  • ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical or behavioral field with at least eight (8) to ten (10) years’ experience preferred; Knowledge of intellectual property or technology law. Certified Information Systems Security Professional (CISSP) or similar certification is desired.

Licenses:  

  • Insider Threat Vulnerability Assessor Certificate
  • Insider Threat Program Manager Certificate

Experience: 

  • experience working in or with the DOD, intelligence community, or law enforcement in a classified environment
  • experience in both physical and cyber security; experience in auditing or conducting assessments
  • experience performing insider threat vulnerability assessments
  • experience performing insider threat program evaluations
  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security
  • experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following: system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases
  • experience working with law enforcement and the intelligence community

 Skills/Abilities: 

  • working knowledge of network security/survivability
  • demonstrated ability to prepare papers and presentations for technical and non-technical audiences
  • knowledge of and experience with sound software engineering practices and best practices for information security
  • working knowledge of systems dynamic modeling techniques and modeling applications and tools
  • experience with statistical techniques
  • project management experience
  • leadership and mentoring skills

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement or classified case files). The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT’s defined policies, practices, and procedures – within the scope of assigned work, and to adhere to any additional sponsor-specified requirements related to the projects involved..

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position will involve the training and supervision of graduate students as well as serve in a mentor role for new employees.

 

Job Functions or Responsibilities:

60%     Participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic crime activity (in the form of criminal case files, media reports, court transcripts, and other); examine cases and data on secure information technology risks and problem areas and propose mitigation alternatives.

30%     Participate in the development and delivery of security analysis and risk assessment approaches with customers and partners; participate in research, analysis, and documentation of physical/cyber security vulnerabilities at critical infrastructure sites.

10%     Contribute to conferences and meetings; participate in marketing calls on clients; give talks, lectures and workshops as appropriate.

100% TOTAL EFFORT

 

Organizational Chart: CERT Program, Director < Cyber Risk & Resiliency (CRR), Technical Director < Enterprise Threat & Vulnerability Management (ETVM), Technical Manager < Technical Team Lead – Insider Threat Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

27 Feb
2017
Project Administrator II - 2005007
Pittsburgh, PA

Position Summary: The Web Services Project Administrator II is part of the Web Services group within the Office of the Chief of Staff/Office of the Chief Information Officer (OCOS/OCIO) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The person in this position will serve as a Project Administrator providing oversight across high-visibility and high-impact projects within the Web Services group and may also manage projects within the larger OCOS/OCIO group.         

This position will also be responsible for establishing and implementing project management methodologies for use across the Web Services teams.  This includes project and portfolio management within Web Services by defining processes and procedures, and providing training and mentoring.  In addition, this position will be the primary liaison between Web Services and the OCOS and SEI Project Management Processes.

Establishes project scope by studying strategic business drivers; discovering and validating business and technical requirements and parameters; obtaining input from subject matter experts; examining and recommending changes to current business practices.

  • Develops solutions by formulating objectives; planning project life-cycle deliverables and resource availability and application; preparing requirements; leading the exploration, evaluation, and design of technical solutions.
  • Implements solutions by monitoring project progress; tracking action items; conducting design and implementation reviews; examining, researching, and resolving issues; escalating issues to appropriate authority; responding to team members' concerns; coordinating requirements with interested departments.
  • Assures quality solutions by coordinating the development and completion of test plans; maintaining project and technical documentation.
  • Accomplishes work requirements by orienting, training, assigning, scheduling, coaching project team members; following production, productivity, quality, and customer service standards; identifying work process improvements.
  • Provides project status reports by collecting, analyzing, and summarizing data and trends.
  • Ensures closeout of projects.
  • Updates job knowledge by tracking technology and project management advances; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

The Project Administrator is specifically responsible for the full range of Project Management activities for multiple projects using the Agile approach including:

  • supporting Scrum activities and meetings (backlog grooming, sprint planning, daily scrum, sprint review meeting, and sprint retrospective meeting);
  • helping to remove obstacles and facilitating progress toward goals;
  • coordinating long-term planning with project teams;
  • creating and managing project documents like the Project Management Plan, Decision Log, and Risk Register;
  • managing project communications, including formal presentations and informal communications to stakeholders;
  • and working with other departments and external stakeholders to ensure a coordinated effort.

The position requires the day-to-day interface with key stakeholders and project team members and also requires demonstrated project management experience and technical knowledge of software and systems engineering and website strategy. Successful candidates will possess a strong understanding of the work of the SEI, excellent communications and interpersonal skills, and the ability to diagnose problem situations and develop effective solutions.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor's degree in business administration of related field or equivalent combination of training and experience.

Licenses: None

Experience:  Three (3) to five (5) years of project management experience in a similar environment. Experience with Agile.

Skills/Abilities: Understanding and application of  project management and Agile theory and technologies; ability to function competently in a team environment; excellent analytical, organizational, reasoning and problem solving skills; ability to interact effectively with the Software Engineering Institute community and external customers; excellent verbal and written communication skills; computer literacy, including proficiency using spreadsheet, project management and database software; ability to maintain accurate and detailed records; supervisory skills.

  • Ability to collaborate across functional teams to achieve desired objectives
  • Excellent analytical, organizational, reasoning and problem solving skills
  • Ability to interact effectively with SEI and external customers, especially in requirements elicitation
  • Work in a changing environment with a strong learning capability
  • Work successfully on multiple complex tasks in a team environment
  • Organize his/her work and meet deadlines
  • Strong verbal and written communication skills

Physical: Mobility: The qualified candidate must be able to work in a normal sedentary position with some mobility (e.g., going to other offices to investigate problems, attending meetings on campus or conferences). Occasional business travel required.

Environmental Conditions: Normal office setting.

Mental: Ability to handle multiple tasks simultaneously; ability to work under pressure in a constantly changing environment; ability to meet inflexible deadlines; ability to remain calm and composed when dealing with difficult people, situations and frequent interruptions; and ability to prioritize the tasks associated with multiple groups in a team environment.

Other:  Evening/weekend hours may be required in order to meet production deadlines on an infrequent basis. May require contact with  security-sensitive customer information. Frequent exposure to confidential information

Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Additional course work in a related field.

Licenses: Certification from the Project Management Institute or equivalent

Experience: Over 12 contiguous months of experience relevant to the minimum qualifications served in the same organization. Experience working with and/or managing third-party contractors working with internal staff on web applications.

Other: Existing DoD clearance.

 

Accountability: Monitors funding and spending to ensure adherence with budget.

Direction: Most normal duties and responsibilities are handled independently with the use of established procedures and policies. Only the most difficult or unique situations are referred to the supervisor.

Decisions: Responds to non-routine customer requests. Analyzes reports to ensure accuracy. Determines when serious deviations or variations that may compromise project results occur. Escalates difficult project issues as appropriate.

Supervisory Responsibilities: Employee may, at the manager’s discretion, task/supervise student/temporary employees in completion of specific tasks. Employee may supervise administrative personnel to assist with data gathering activities and analysis activities.

 

Job Functions or Responsibilities:

40%     Controls, manages and monitors Project Management Plans, long-term roadmaps, and other customer contract documents. Proactively provides status information to manager and project sponsors. Assesses and analyzes any risks and issues that may compromise project performance and communicates information to manager and project sponsors. Searches out new information, analyzes data gathered and recommends a course of action. Responds to non-routine customer requests

30%     Maintains electronic library for project documents and team documentation. Maintains and helps prioritize electronic backlog.

10%     Initiate, establish and maintain communication channels with project sponsors and key stakeholders. Serves as liaison between internal constituencies and external customers. Coordinate efforts between the project team and other teams in the institute as needed.

5%       Monitors and coordinates the preparation and submission of procurement documents

5%       Plans, organizes and coordinates project meetings and special events. Delegates arrangements for meeting facilities, audio visual and other support.                       

5%       Professional development – including training classes, seminars and other learning opportunities. Maintaining awareness of evolving trends and techniques in project administration and management.

5%       Other duties as assigned including meetings and interaction with other SEI staff

100% TOTAL EFFORT

 

Organizational Chart: Chief Information Officer < Web Services Manager < Web Services Project Administrator II

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

15 Feb
2017
Senior Engineer - 2004946
REMOTE - HOME

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This part-time position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding the Veterans Health Administration’s (VHA) efforts to improve their medical scheduling system. The candidate will coordinate closely with staff across the SEI and with VHA personnel to deliver technical expertise to VHA throughout the scheduling system life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience;

Experience: The candidate must have experience in implementing Commercial Off The Shelf (COTS) products in the VHA environment. Must be knowledgeable of medical scheduling as well as understanding the VHA to include their acquisition processes for software. The candidate should have experience leading, managing, and participating on cross-functional teams. The candidate should be able to operate effectively within the VHA environment and should be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of COTS implementation; detailed knowledge of at least one (1) core competency: requirements, program and acquisition management, performance improvement, organizational change management in federal agencies. Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization. Good team related skills with the desire to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments mainly to Boise, ID and Pittsburgh, PA.

Environmental Conditions: Home office using SEI provided laptop.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a VHA system account.

 

Preferred Qualifications and Requirements:

Education/Training: At least 10 year direct experience with VHA medical scheduling.

Licenses: None.

 

Accountability: The member will be directly accountable for VHA COTS acquisition needs, applying new technologies, providing advice on change management, and establishing delivery capabilities to meet the needs of the VHA.

Direction: As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions: Will be required to work with VHA personnel to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

 

This position is part time 0-40% and will likely be close to 40%.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

15 Feb
2017
Talent Engagement Manager - 2004949
Pittsburgh, PA

Position Summary: The Talent Engagement Manager reports to the Executive Manager, Talent Management and is responsible for managing the Talent Engagement function within the Software Engineering Institute. Talent Engagement includes: employee relations, performance management, new hire orientation and onboarding, people movement, salary administration, policies and standard practices, job class codes, managing a direct report, and other facets within the human resources field. This position serves as a strategic partner with managers at all levels within the organization with regard to SEI and University policies, procedures and guidelines related to workplace conduct and performance management. Must maintain a close and positive working relationship with CMU HR, EOS Office, and the Office of General Counsel.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree in human resources, business administration or a related field of study. Knowledge and experience with employee relations, employment and EEO policies, practices and applicable laws, as well as general understanding of FLSA, FMLA, etc.

Experience: 10 years of experience in human resources/talent management with 3 years of management experience within that timeframe.

Skills/Abilities: Exposure to generalist duties that include at least five of the following areas: employee relations including all levels of disciplinary action, sexual harassment and/or Title IX investigations, performance management & review, compensation planning & administration, HR policies/procedures, Orientation & onboarding, HR strategic planning, HR project management.

Must be skilled in dispute resolution; able to receive complaints, conduct thorough and detailed investigations, and produce written reports detailing findings and recommendations of corrective actions as required. Ability to partner with program directors, managers and others, to respond to human resources inquiries and contribute to the work unit's goals.  Demonstrated consulting skills and the ability to present information to influence decision making. Knowledge of employment processes and human resource legal issues. Strong customer service skills; organizational and negotiating skills.  Ability to interact effectively with campus community and customers.  Excellent verbal and written communication skills, analytical, reasoning and problem solving skills. Advanced computer literacy including strong Microsoft Excel, Workday and the ability to utilize SEI systems to their full potential. Ability to attend to details while keeping the bigger picture in perspective.

Mobility: Normally sedentary position with some mobility; i.e., able to travel; may require some bending, stretching, pushing as well as lifting of several reams of paper, etc.

Environmental Conditions: Usual office setting, exposure to personal computers.

Mental: Ability to work independently with little direct supervision, manage others, as well as work as part of a team; handle multiple tasks simultaneously, to work under pressure, to meet inflexible deadlines, to remain calm and composed when dealing with difficult people, situations, and frequent interruptions.

Other: During peak periods, this position requires evening and weekend work. Willingness to travel periodically, ability to exercise discretion and tact when handling highly sensitive and confidential information. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master’s degree.

Certification: PHR, SHRM-CP, SPHR, SHRM-SCP

Skills/Abilities: Knowledge of the Software Engineering Institute’s products, tools and services. Exposure to university or FFRDC environment.

 

Accountability: Responsible for providing sound advice to supervisors regarding employee relations and performance management issues. Consults with managers to develop strategies for people movement within their organization. Evaluates position descriptions and recommends pay grades fairly and impartially, in order to sustain internal equity. Ensures that departments are aware of applicable laws such as the FLSA as well as the university’s AA, ADA and other employment policies.

Direction: Performs most work independently. Consults with Talent Acquisition Manager on recruiting issues and with Executive Manager on employee relations matters. Also may engage with Organizational Effectiveness Group on SEI wide improvement initiatives.

Decisions: Gathers information, identifies gaps, develops decision criteria, establishes implementation plan, and executes the plan. In consultation with managers, assists departments in determining the most appropriate course of action in handling employee relations.

Supervisory Responsibilities: Supervises a direct report and appraises work performance.

 

Job Functions or Responsibilities:

50%     Provide guidance to department managers, supervisors and employees on employee relations, performance management issues; salary administration, practices and procedures, including the university’s AAP and ADA policies, the FLSA and other applicable federal, state and local human resources legislation. Guide departments and employees in resolving employee relations issues.

25%     Carry out special projects within the Talent Management arena. Recommend and implement process improvements within the talent management department in general. Develop and implement recommendations for strategic talent management initiatives to better position the SEI as an employer of choice to retain our world class talent.

15%       Be a proactive representative to all SEI Staff at all levels in the organization: Assist employees seeking transfer opportunities in assessing their career goals, and provide career counseling. Participate in recruiting activities, as needed. Develop and present ad hoc and formal training programs/HR Forums to SEI audiences on human resources-related systems, topics such as performance management, Policies or Standard Practices.

10%       Management of direct report, providing coaching, feedback, regarding career, performance management, and goals & objectives, performance reviews.

 

Organizational Chart: SEI COO< Executive Manager of Talent Management < Talent Engagement Manager.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

09 Feb
2017
Cyber Security Engineer - 2004923
Pittsburgh, PA or Arlington, VA

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the CERT Division. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science (or other technical field) with eight (8) years’ experience, or equivalent combination of training and experience.

Certifications:  Certified Information Systems Security Professional (CISSP), and/or Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) and/or Certified Ethical Hacker (CEH)

Experience: Professional experience as an information security engineer, network security architect, information systems auditor, information systems analyst, or similarly technical occupation.

Experience with and applied knowledge in:

  • Common risk and cybersecurity assessment methods
  • Data analytics and cybersecurity metrics 
  • Cybersecurity laws, regulations, and standards
  • Common network security architectures
  • Common networking protocols and services
  • Cyber security, survivability, and resilience concepts and issues
  • Software and systems engineering
  • Building and maintaining customer relationships
  • Strategic Planning and requirements definition
  • Process improvement
  • Program planning, budgeting, and management

Skills/Abilities: Must exhibit the following skills and abilities:

  • Understanding of information technology, security assessment methods, and telecommunications systems
  • Working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards
  • Working knowledge of DHS critical infrastructure sectors and related security and resilience issues
  • Working knowledge of the DoD and federal agency resilience needs and cyber security roadmaps
  • Development and delivery of information and infrastructure security risk and vulnerability evaluations
  • Ability to conduct analytical studies and investigations
  • Reasoning and problem-solving skills
  • Ability to work independently with limited supervision
  • Ability to interact effectively with diverse constituencies internally and externally
  • Ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure
  • Ability to recognize and deal appropriately with confidential and sensitive information
  • Ability to implement project plans, monitor project budgets, and identify and mitigate project risks
  • Leadership and mentoring skills
  • Excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations
  • Ability to work on customer sites with high-ranking members of federal agencies and DoD
  • Participation in professional society activities, particularly IEEE and ACM 

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • Take or share leadership role in technical projects
  • Work meticulously with careful attention to detail
  • Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • Deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff
  • Ability to understand the direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science (or related technical field) with five (5) years’ experience or equivalent experience.

Certifications:  Offensive Security Certified Professional (OSCP), and/or GIAC Penetration Tester (GPEN), and/or Certified Ethical Hacker (CEH), and/or Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA)

Experience: 

  • Expert experience in risk and cybersecurity assessment methods
  • Advanced knowledge of network security architectures
  • Expert knowledge in cybersecurity laws, regulations, and standards
  • Expert experience in data analytics and cybersecurity metrics
  • Experience with common penetration testing toolsets (Metasploit framework, vulnerability scanners, web application scanners, Nmap
  • Experience with common penetration testing methodologies and tactics (PTES, OWASP testing guide, etc.)

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

60% Participate in cybersecurity assessments operating in a technical leadership role; analyze assessment data to identify risk areas and propose mitigation alternatives.

15% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cybersecurity and operational resilience; transition research into applied knowledge for customers.

10% Deliver courses in operational resilience management, cybersecurity management, and information security risk management

5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5% Contribute to and review the literature in cyber security, resilience, and software engineering.

5% Provide assistance and input to other teams and projects within the SEI.                    

100% Total Effort

 

Organizational Chart:  Director, CERT Division < Technical Director, Cyber Risk and Resilience< Technical Manager, Cybersecurity Assurance Team < Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

09 Feb
2017
Senior Cyber Security Engineer - 2004924
Pittsburgh, PA or Arlington, VA

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the CERT Division. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science (or other technical field) with ten (10) years’ experience, or equivalent combination of training and experience.

Certifications:  Certified Information Systems Security Professional (CISSP), and/or Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA) and/or Certified Ethical Hacker (CEH)

Experience: Professional experience as an information security engineer, network security architect, information systems auditor, information systems analyst, or similarly technical occupation.

Experience with and applied knowledge in:

  • Common risk and cybersecurity assessment methods
  • Data analytics and cybersecurity metrics 
  • Cybersecurity laws, regulations, and standards
  • Common network security architectures
  • Common networking protocols and services
  • Cyber security, survivability, and resilience concepts and issues
  • Software and systems engineering
  • Building and maintaining customer relationships
  • Strategic Planning and requirements definition
  • Process improvement
  • Program planning, budgeting, and management

Skills/Abilities: Must exhibit the following skills and abilities:

  • Understanding of information technology, security assessment methods, and telecommunications systems
  • Working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards
  • Working knowledge of DHS critical infrastructure sectors and related security and resilience issues
  • Working knowledge of the DoD and federal agency resilience needs and cyber security roadmaps
  • Development and delivery of information and infrastructure security risk and vulnerability evaluations
  • Ability to conduct analytical studies and investigations
  • Reasoning and problem-solving skills
  • Ability to work independently with limited supervision
  • Ability to interact effectively with diverse constituencies internally and externally
  • Ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure
  • Ability to recognize and deal appropriately with confidential and sensitive information
  • Ability to implement project plans, monitor project budgets, and identify and mitigate project risks
  • Leadership and mentoring skills
  • Excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations
  • Ability to work on customer sites with high-ranking members of federal agencies and DoD
  • Participation in professional society activities, particularly IEEE and ACM 

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • Take or share leadership role in technical projects
  • Work meticulously with careful attention to detail
  • Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • Deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff
  • Ability to understand the direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science (or related technical field) with eight (8) years’ experience or equivalent experience.

Certifications:  Offensive Security Certified Professional (OSCP), and/or GIAC Penetration Tester (GPEN), and/or Certified Ethical Hacker (CEH), and/or Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA)

Experience: 

  • Expert experience in risk and cybersecurity assessment methods
  • Advanced knowledge of network security architectures
  • Expert knowledge in cybersecurity laws, regulations, and standards
  • Expert experience in data analytics and cybersecurity metrics
  • Experience with common penetration testing toolsets (Metasploit framework, vulnerability scanners, web application scanners, Nmap
  • Experience with common penetration testing methodologies and tactics (PTES, OWASP testing guide, etc.)

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

60% Participate in cybersecurity assessments operating in a technical leadership role; analyze assessment data to identify risk areas and propose mitigation alternatives.

15% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cybersecurity and operational resilience; transition research into applied knowledge for customers.

10% Deliver courses in operational resilience management, cybersecurity management, and information security risk management

5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5% Contribute to and review the literature in cyber security, resilience, and software engineering.

5% Provide assistance and input to other teams and projects within the SEI.                    

100% Total Effort

 

Organizational Chart:  Director, CERT Division < Technical Director, Cyber Risk and Resilience< Technical Manager, Cybersecurity Assurance Team < Senior Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

09 Feb
2017
Senior Software Assurance Engineer - 2004882
El Segundo, CA

Position Summary: The CERT program of the Software Engineering Institute is looking to fill a leadership position improving the cyber security of acquisitions in the Air Force. This high visibility, high impact position will be responsible for helping senior leaders of Air Force programs improve the cyber resiliency of software intensive systems throughout the acquisition lifecycle, from requirements to development to deployment and sustainment.

This Senior Member of the Cyber Security Foundations directorate will be responsible for leading cross functional teams that enable the organizations within the Air Force to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning applicable research and practices to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software security state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CERT and other SEI programs to deliver cyber security technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition processes and relevant cyber security processes, such as the Risk Management Framework (RMF). The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of cyber security and mission assurance in the acquisition process; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, or assurance.  Experience in five or more of the following: DoD software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD software acquisition policies and directives; enterprise architecture ; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting, close contact with computer for prolonged periods of time.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, Systems Engineering, Software Engineering, or Acquisition Management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition and cyber security needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibility:

65%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

20%  Work with managers, business developers, current customers, and prospective customers to identify and define value-delivering opportunities and capture work.

10%  Other duties as assigned by management.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, CERT < Technical Director, Cyber Security Foundations < Technical Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

03 Feb
2017
Cyber Security Researcher - 2004883
Pittsburgh, PA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of eight (8) years of related experience; or equivalent combination of training and experience.

Licenses: Certified Encase Examiner, ACE. CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) year’s relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of eight (8) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of five  (5) years of applicable experience; PhD in Computer Science, Information Security or other related discipline with a minimum of two (2) years of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing
  • Information and network security including experience with IDS/IPS
  • Knowledge of common vulnerabilities, exploits and mitigations
  • Digital Forensics (host, network and mobile devices)
  • Incident Response
  • Ability to research and characterize security threats including defining appropriate countermeasures
  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis
  • Virtual infrastructure and hypervisors
  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls
  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST
  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI.       

100% Total Effort

 

Organizational Chart:  CERT Division Director, Technical Director, Cyber Security Solutions > Deputy Director, Cyber Security Solutions > Technical Manager, Forensic Operations and Investigations > Cyber Security Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

03 Feb
2017
Senior Software Assurance Engineer - 2004868
REMOTE - Aurora, CO

Position Summary: The CERT program of the Software Engineering Institute is looking to fill a leadership position improving the cyber security of acquisitions in the Air Force. This high visibility, high impact position will be responsible for helping senior leaders of Air Force programs improve the cyber resiliency of software intensive systems throughout the acquisition lifecycle, from requirements to development to deployment and sustainment.

This Senior Member of the Cyber Security Foundations directorate will be responsible for leading cross functional teams that enable the organizations within the Air Force to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning applicable research and practices to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software security state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CERT and other SEI programs to deliver cyber security technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition processes and relevant cyber security processes, such as the Risk Management Framework (RMF). The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of cyber security and mission assurance in the acquisition process; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, or assurance.  Experience in five or more of the following: DoD software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD software acquisition policies and directives; enterprise architecture ; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting, close contact with computer for prolonged periods of time.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, Systems Engineering, Software Engineering, or Acquisition Management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition and cyber security needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibility:

65%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

20%  Work with managers, business developers, current customers, and prospective customers to identify and define value-delivering opportunities and capture work.

10%  Other duties as assigned by management.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, CERT < Technical Director, Cyber Security Foundations < Technical Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

02 Feb
2017
Chief Scientist, Software Solutions Division - 2003820
Pittsburgh, PA

Position Summary: The Chief Scientist of the Software Solutions Division has strategic, operational and tactical responsibilities. Strategic responsibilities include:

  • Leading the development of the SSD technical strategy in conjunction with the SSD Director, Deputy Director, Technical Directors, and the Chief Technology Officer.  The strategy must align with the SEI strategic plan and extends across the division-wide technical pipeline of research, development, maturation and transition.
  • Maintaining an active presence in the software engineering research and DoD S&T communities; building external relationships to foster SSD technical collaborations (with other FFRDCs, industry, research labs, etc.) and expand the sources of research funding; fostering strong ties with researchers from Carnegie Mellon; and maintaining a personal technical footprint necessary for credibility with software researchers within SSD, across the SEI, and within the software engineering research and DOD S&T communities.
  • Establishing and implementing processes to enhance the quality and competitiveness of SSD research and technical support.
  • Establishing and implementing processes for the routine and systematic flow of information between research and customer delivery projects to fulfill the research to practice and practice to research cycle.

Tactical and operational responsibilities include:

  • Serving as the primary SSD representative to the SEI Tech Council.
  • Periodically communicating the needs of sponsors and stakeholders to the technical staff.
  • Facilitating the development and maturation of high quality, competitive research proposals especially with respect to the design of the research and approach to establishing scientific and operational validity.
  • Staying abreast of work in other SEI divisions and seeking synergies and opportunities for collaboration.
  • Supporting SSD business development with strategic sponsors and customers.
  • Serving as a mentor and helping to grow and advance the careers of the SSD technical staff.
  • Serving as a member of the SSD Director’s Office and Leadership team.

 

Minimum Qualifications and Requirements:

Education/Training: MS degree in computer science, engineering, or acceptable equivalent.

Licenses: None

Experience: Fifteen years of experience conducting research and/or managing the research and development of software-intensive projects. Experience in building and managing high quality technology teams. Working knowledge of the software engineering discipline. Established reputation in the software engineering research community.

Skills/Abilities: Able to team with senior managers and officials, technical researchers and engineers, and all levels of SEI personnel. Demonstrated capability in leading senior level researchers, managing and contributing to research agendas, and financial management.  Able to develop plans, manage and contribute to projects in an integrated team environment. Able to develop and deliver products and projects. Have strong organization, team building, communication and mentoring skills.

Mobility: Some extended trips to various site locations including Europe, Asia and Australia.

Environmental Conditions: Normal office setting with continuous usage of computers

Mental: Ability to work under pressure, negotiate with customers, and meet inflexible deadlines

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training:  PhD in computer science, engineering, or acceptable equivalent.

 

Accountability: The SSD CS is accountable for the creation of the SSD technical strategy and in conjunction with the SSD DO is accountable for the acquisition of adequate resources (i.e., funding, collaborators) for execution of the technical strategy.

Direction: As a member of the SSD DO, the CS takes direction from the SSD Director and Deputy Director.  The CS operates with minimum supervision using CMU and SEI defined practices, policies, and procedures.

Decisions: The CS leads the development of strategies and initiatives and assists with their implementation by identifying research topics and specific opportunities. The CS also selects and funds special research projects and activities that further the mission of SSD and the SEI.

Supervisory Responsibilities: The Chief Scientist supervises special technical projects funded by the CS or as directed by the SSD Director. 

 

Job Functions or Responsibilities:

35%     Lead the formulation of the SSD technical strategy in consonance with the SSD Director, Deputy Director, Technical Directors, and the CTO.  Work with the Technical Directors and teams to implement that strategy.  Assist with research team formation, recruiting appropriate talent, and mentoring of technical staff.  Provide guidance to and monitor the success of SSD research and special technical projects and cross-cutting efforts.  Advocate for and present the SSD technical agenda. 

10%     Participate as a member of the SSD senior leadership team. Work to ensure positive working environment, organizational effectiveness, impactful technical contributions, and SSD mission success.

30%     Establish and maintain relationships within the software research community, DoD and other US government agencies, Carnegie Mellon Community, as well as leaders in the software and systems development communities.   Identify and nurture technical collaborations and funding opportunities.

10%     Serve on the SEI Tech Council.  Collaborate and coordinate with the CTO and other SEI Chief Scientists.  Serve as the SSD liaison on activities related to OSD governance of Line-funded projects.  

15%     Contribute technically and maintain leading-edge currency in software research/profession.

100% TOTAL EFFORT

 

Organizational Chart: SSD Director < SSD Deputy Director  = SSD Chief Scientist

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

31 Jan
2017
Cyber Security Engineer - Risk and Resilience - 2004871
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania and Arlington, Virginia. The CERT Program engages in cutting-edge research and development to improve the state of cybersecurity. As an Cyber Security Engineer, you have a strong desire and drive to contribute to team and customer objectives.

You are a team player with problem-solving skills and demonstrate solid presentation and writing skills. You are able to interact with clients and staff in a highly professional and competent manner. You enjoy the flexibility of an organization that values hard work but appreciates work-life balance and professional development. In your role, you will

  • Research and contribute to improvements in National and organizational policy
  • analyze and measure effectiveness of policy and governance
  • contribute to roadmaps for improvement of cybersecurity capabilities
  • assist in implementation of policy and governance
  • participate in applied research

 

Minimum Qualifications and Requirements:

Education/Training:  BS in relevant field or equivalent experience in professional position; MS degree preferred.

Experience: Experience in information security policy, governance, or leadership. Other potential career backgrounds include: audit, IT security, compliance, project management or similar technical occupation.

Experience and familiarity with;

  • cybersecurity concepts and technical implementations
  • cybersecurity standards, policies, and frameworks
  • strategic planning
  • metrics and measurements methodologies

Travel: Up to 25% travel to various customer locations

Physical Mobility:  Primarily sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions:  normal office conditions; however close contact with CRT for prolonged periods.

Mental:

  • ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • ability to collaborate diplomatically and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
 

Job Functions or Responsibilities:

70%   Participate as a team member in customer engagement to develop, analyze, and implement cybersecurity policy.

15%   Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security, policy/governance, and resilience; transition research into applied knowledge for customers.

5%   Support conferences, workshops, and meetings as a team contributor.

10%   Engage in professional development activities.

100% TOTAL EFFORT
 

Organizational Chart: Director CERT Program < Technical Director, Cybersecurity Risk and Resilience Directorate < Technical Manager, Cybersecurity Risk Management Team< Cyber Security Engineer – Risk and Resilience

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

31 Jan
2017
Event Planner II - 2004870
Pittsburgh, PA

Position Summary: This position reports to the Events & Trade Shows Team Lead and is responsible for planning and executing SEI-sponsored events, conferences, and special meetings, as well as internal meetings and social events. The person in this position will be responsible for planning, coordinating, and handling all logistical elements for events, both independently and as part of a team. Duties include, but are not limited to, developing timelines and project plans; managing logistical budgets; selecting vendors and negotiating contracts; coordinating all communication and ancillary resources including event advertisement and promotional material, equipment, travel, and hotel or housing plans; supporting key stakeholders; developing planning documents; and ensuring that all aspects of the planning process are in line with event goals and objectives and adhere to project deadlines. Also, this position handles event registration and other attendance-related tracking, audio-visual resources, catering, room and venue setup and floorplans, internal catering orders, and internal cafeteria processes. May assist with event sponsorship sales and establishing event registration fees. Oversees the work of vendors and staff before, during, and after the event. Manages event conflicts and resolves problems. Conducts post-event assessments, including ROI. May be called upon to assist with trade shows as needed. Additional related duties will be assigned as needed.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree in hospitality, business, communications, marketing or a related field.

Licenses/Certifications: Certified Meeting Professional (CMP) issued by Convention Industry Council, or Certified Government Meeting Professional (CGMP) issued by Society for Government Meeting Professionals (SGMP), or a Certified Trade Show Marketer (CTSM) issued by Northern Illinois University Outreach, or a certification in a related field.

Experience: Three (3) to five years of experience in planning educational and social events.

Skills/Abilities:

  • Organizes and supports various types of events and projects from planning stages through production and delivery
  • Coordinates execution of various event needs to include: site selection, room set-ups, equipment rental, audio/visual requirements, labor requirements, catering, flowers/greens, entertainment, on-site event staffing and management, travel arrangements and other logistical needs as necessary.
  • Coordinates event programming and speakers, drafts correspondence, and prepares event outlines and briefing documents for all event participants.
  • Produces/organizes event supplies, signage; manages inventory of event branding materials and department supplies; suggests changes/enhancements to established procedures in order to organize and expedite the flow of work.
  • Handles invitation lists and registration process; tracks registrations for department and produces reports, name badges, etc.
  • Selects vendors and negotiates contracts; gathers pricing information and places orders with internal and external vendors; oversees work of vendors before, during, and after the event, managing conflicts and resolving problems; assessing vendor performance and service to determine if outcomes were delivered per contract terms and expectations.
  • Manages vendor payments and budget administration for events and department; tracks costs, working within specified budget parameters.
  • Conducts post assessment of event effectiveness and implements improvement plan for future events.

Physical: Able to lift up to 50 lbs. Ability to withstand prolonged periods of physical activity including standing, walking and lifting.    

Mobility: Needs to negotiate diverse environments and travel to various locations domestically, internationally, and on campus, as well as stand for long periods of time at events. Weekend and evening hours will be required for overseeing SEI events. Extended overnight domestic and international travel required.

Environmental Conditions: Usual office setting as well as off-site convention, hotel, or conference center settings. Close contact with computer monitor for prolonged periods of time.

Mental: Must demonstrate a high degree of professionalism and poise, be self-motivated, organized, and have strong oral and written communication skills. This person should be able to solicit and interpret the needs of clients based on conversations and be able to problem-solve creatively. The ability to think analytically and strategically when managing events will be key to success. The planner will exercise diplomacy, keen judgment and sound decision-making principles, and be able to recognize a potential problem and suggest solutions.

Other: Evening and weekend hours will be required throughout duration of conferences, events, and meetings, including pre-event and post-event travel.  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance

 

Preferred Qualifications and Requirements:

Experience: Experience working with an educational, government, or government agency or in a similar environment.

 

Accountability: Oversees logistical budgets and expenses for assigned events. Directs, coordinates, and trains vendors, subcontractors, union labor, volunteers, and SEI staff assigned to the event. Manages and mobilizes conference participants in several venues over multiple days. Provides direction and conference goals and themes to others for the creation of event deliverables, including but not limited to event website, design elements, print, graphics, signage, and all other event-related collateral, Deliver and manage the assigned SEI events and conference utilizing documented Meeting Professionals International (MPI) and the Society of Government Meeting Professional (SGMP) policies and standard best practices. Directly responsible for planning, executing, and delivering logistics for assigned conferences, meetings, events, special events, and internal functions, including, but not limited to service operations to internal stakeholders.

Direction: Performs under minimal supervision.  Most normal duties and responsibilities are handled independently.

Decisions: Overall decisions impact whether or not execution of the assigned event meets the stakeholder goals and are within the budgeted logistical expense plan. Recommends event registration fees; event services; event is designed and delivered to meet targeted stakeholders’ needs. Makes adjustments to event plans according to change requests and/or contractual constraints.

Supervisory Responsibilities: Supervise, task, and manage event staff and processes for all volunteers, temporary staff, vendors and visitors bureaus, destination management companies, decorator contractors and labor, registration, security, banquet, transportation, audio-visual staff, and convention services and hotel sales. Functions as the point of contact with hotel and convention center staff in multiple departments

 

Job Functions or Responsibilities:

50%     Manage conferences, events, meetings, social events, and internal events from planning stages through production and delivery with limited oversight.  Develops timelines and project plans.  Determines or establishes budgets; selects vendors and negotiates contracts.  

30%     Negotiate and work with stakeholders and vendors.

10%     Collect, enter, and review event evaluations (if applicable) to assist with tracking and determining potential Return on Investment (ROI) and initiating improvement plans.

10%     Attend regular team meetings and other internal SEI meetings.  Execute internal and external communication.  Participate in professional development certifications and courses.

100% TOTAL EFFORT

 

Organizational Chart:  Communication Services Manager < Senior Event Planner, Events Team Lead < Event Planner.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

31 Jan
2017
Linux Systems Administrator - 2004862
Pittsburgh, PA

Position Summary: The individual in this position will work as a member of the IT staff on the Unix Systems Team.  The primary responsibility of this position is the operation and administration of systems hosting various Linux-based information services in a multi-platform environment. Desirable candidates will have:

  • Experience operating and maintaining production Linux-based IT services
  • Working knowledge of system administration scripting languages (Bourne Shell, Perl)
  • History participating in the entire lifecycle (planning, deployment, maintenance) of critical IT services

 

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, Information Technology with one year of experience; MS in Computer Science, Information Science, or Information Technology with one year experience; or PhD in Computer Science, Information Science, Information Technology.

Candidates with a degree in other technical fields (e.g., engineering) and 1 year of relevant experience as described above will be considered as well.

Licenses:  None

Experience: Candidate must have experience in the operation and maintenance of Linux-based systems hosting a variety of applications, a basic understanding of IP networks, a basic understanding of mail systems, basic script writing and maintenance skills (e.g. BASH, Perl), general administrative familiarity with open-source technologies (e.g. Sendmail, BIND, PostgreSQL, Apache).

Skills/Abilities: Candidate should be capable of operating and administering Linux systems and their applications with little technical oversight based on documented operations practices.  Demonstrable skill in analyzing logging and other diagnostic output from multiple systems to troubleshoot and resolve issues is required.  Temperament to serve as a second-tier escalation point for issues from the helpdesk and to function as a liaison between customer groups, the helpdesk and systems engineers is required to perform well in this role.

Mobility:  Some infrequent business travel required. Computer hardware installation and configuration required on a regular basis, sometimes involving transport of heavy objects (typically under 100 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) for longer distances (intra-campus; 2-3 city blocks) may also be required.  Will have to travel to other campus locations on a daily basis.

Environmental Conditions: Close contact with CRT/LCD screens for extended periods; periodic work in a computer datacenter environment.

Mental:  Ability to work under pressure and meet deadlines; ability to prioritize tasks; strong learning capability; ability to interact effectively with others of varying technical competency, vendors, managers, and other technical research staff; ability to work effectively with all levels of staff within the SEI and Carnegie Mellon. Good technical problem-solving skills. Strong information organization skills as well as good oral and written communication skills are required.

Other:  Evening/weekend hours will be periodically required in order to perform service outside of normal operating hours. There is a rotating on-call component to this position – average call volume is very light, about 3-5 calls/week. Candidate must be able to respond to outage events at the main facility in Pittsburgh, PA (Oakland) in a reasonable time (e.g. within ~30 minutes).

Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements

Education/Training: MS in Computer Science, Information Science, or Information Technology with one year of experience.

Licenses: RHCE, RHCSA

Experience: Experience in the preparation of systems to conform to DISA STIG guidelines, executing Security Readiness Review (SRR) scripts, following DISA Security Checklists and resolving findings in preparation for IA review and accreditation.  Some skill at automating log analysis and generating reports from analysis is desirable. At least 12 months of said relevant experience served in the same organization evolving a single infrastructure is preferred. Enterprise-level operation of collections of systems running Red Hat Enterprise Linux is preferred to other Linux experience.  Experience in administering Linux systems in a virtualized environment (e.g. VMware ESX) would be helpful.

Skills/Abilities:  Experience with compiling, packaging and debugging software packages.  Desirable candidates will also have working experience with firewalls, basic software building, advanced troubleshooting of multi-system applications and general software development skills in a Unix-based language such as Perl, Python or Ruby.  Experience with systems configuration management tools such as Red Hat Network Satellite, Puppet, Chef is preferred.

Other: Clearances: United States DoD Top Secret that is transferrable to the SEI.

 

Accountability: Employee is accountable for describing, implementing and/or maintaining an efficient, reliable and secure configuration of computing services in support of the SEI’s initiatives and/or a sponsor/client. Employee may be responsible for the proper handling/destruction of confidential, sensitive or classified information.

Direction: Employee will be expected to work under some supervision within the defined scope of authority and in accordance with SEI and IT operating guidelines.

Decisions: Under management direction, the employee will decide the appropriate configuration for production computing services for programs within the SEI. Employee will determine how best to allocate and/or acquire resources necessary to implement and evolve information services. Employee will determine the cause of computing problems and take corrective action in a timely fashion when a system/service fails or becomes unavailable. Employee will describe the appropriate procedures to configure and maintain a particular computing system to support one or more critical business functions in a secure manner.

Supervisory Responsibilities: Employee may, at the manager or team leader’s discretion, task/supervise student/temporary employees in completion of specific tasks. Employee will provide assistance to staff members / clients in the proper configuration/use of computer hardware and software services and tools.

 

Job Functions or Responsibilities

40%     Participates in the administration and operation of Linux services for the SEI.  Drafts documents to describe the proper configuration/use of such services from an IT perspective when necessary. Regularly reviews logging and other output sources and takes actions based on operating conditions.  Performs software updates and host servicing as necessary.

40%     Functions as an escalation point for issues from first-line support that cannot be handled in that group due to skill or privilege restrictions.

5%       Packages software for use in the Linux infrastructure.

10%     Maintains and updates operational documentation

Secondary Functions

5%       Training and professional development.

100% TOTAL EFFORT

 

Organizational Chart: SEI Chief Information Officer < Systems Group Manager < Linux Administrator

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

31 Jan
2017
Senior Network Operations Design Engineer - 2004873
Pittsburgh, PA

Position Summary: The individual in this position will work as a member of the IT staff on the Network Engineering Team and will have the opportunity to work with experts in software engineering, Internet security, and network survivability. The primary responsibility of this position is LAN and WAN network design, engineering and administration. Desirable candidates will have:
 

  • Experience solving challenging technical problems in a production setting
  • History participating in the entire lifecycle (planning, deployment, maintenance) of network management and administration
  • Experience administering networks in multiple geographic locations, including ‘lights out’ operations

 

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, Information Technology with (3) three to (5) five years of experience;  Candidates with a degree in other technical fields (e.g., engineering) and years of relevant experience as described above will be considered as well.

Experience: Experience as a network engineer for a heterogeneous infrastructure in a professional environment required. At least three of the five years relevant experience maintaining and evolving a network for the same organization is required.

Licenses:  None

Skills/Abilities: Ability to deal with software and network systems integration at various levels (service design, deployment, maintenance). Strong hands-on knowledge in the configuration, securing, and troubleshooting of Juniper and Cisco network devices, LAN and WAN technologies, firewalls, VPNs, routing protocols (OSPF,BGP), Linux-based network services, and monitoring/maintaining all of these to ensure their continued secure operation is required.

Mobility:  Moderate business travel required. Computer hardware installation and configuration required on a regular basis, sometimes involving transport of heavy objects (typically under 50 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) for longer distances (intra-campus; 2-3 city blocks) may also be required.

Environmental Conditions: Ability to use a computer keyboard and display for extended periods of time; periodic work in a computer machine room or wiring closet environment.

Mental:  Ability to work under pressure and meet deadlines; ability to prioritize tasks; strong learning capability; ability to interact effectively with others of varying technical competency, vendors, managers, and other technical research staff; ability to work effectively with other groups within the SEI and Carnegie Mellon. Good technical problem-solving skills. Strong information organization skills as well as good oral and written communication skills are required.

Other:  Ability to provide technical support on a 24x7 basis is required, including weekends. There is a rotating on-call component to this position. Candidate must respond to outage events via remote access (in appropriate circumstances) within 30 minutes.  Some situations in this role will demand an on-site response; on-site response to the local SEI facility must be achieved within 60 minutes barring extreme adverse weather conditions. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Experience:  Experience as a network/system administrator with some team leadership experience. Experience with technologies such as Blue Coat proxy, F5 LTM/APM/ASM, and Pulse NAC/VPN. Working with governmental accreditation requirements for operating IT environments and networks, such as NISPOM, DCID and STIG.

Licenses: Juniper Networks Certified Professional Enterprise Routing and Switching (JNCIP-ENT), Cisco Certified Network Professional (CCNP) or better.

Skills/Abilities:  Highly desirable candidates will also have working experience with intrusion/anomaly detection, network forensics, and vulnerability assessment tools/techniques and load balancing technologies.

 

Accountability: Employee is accountable for describing, implementing and/or maintaining an efficient, reliable and secure configuration of computing services in support of the SEI initiatives and/or a sponsor/client. Employee may be responsible for the proper handling/destruction of confidential and sensitive information.

Direction: Employee will be expected to work under minimum supervision within the defined scope of authority and in accordance with SEI IT operating guidelines.

Decisions: Under management direction, the employee will decide the appropriate configuration for production computing services. Employee will determine how best to allocate and/or acquire resources necessary to implement and evolve information services. Employee will determine the cause of computing problems and take corrective action in a timely fashion when a system/service fails or becomes unavailable. Employee will describe the appropriate procedures to configure and maintain a particular computing system to support one or more critical business functions in a secure manner.

Supervisory Responsibilities: Employee may, at the manager or team leader’s discretion, task/supervise other employees in completion of specific tasks. Employee will provide assistance to staff members / clients in the proper configuration/use of computer hardware and software services and tools.

 

Job Functions or Responsibilities:

40%     Maintenance and evolution of data network(s).

25%     Mentoring, guidance, and interaction with other staff.

15%     User infrastructure problem identification / resolution.

5%       Develop draft documents on the proper configuration/use of network facilities.

10%     Support other SEI Infrastructure production services.

5%       Maintaining awareness of evolving trends.

100% TOTAL EFFORT

 

Organizational Chart: IT Director < Network and Infrastructure Engineering Manager < Network Engineering Team Lead < Senior Network Engineering Team Member

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

31 Jan
2017
Senior Software Assurance Engineer - 2004867
Arlington, VA

Position Summary: The CERT program of the Software Engineering Institute is looking to fill a leadership position improving the cyber security of acquisitions in the Air Force. This high visibility, high impact position will be responsible for helping senior leaders of Air Force programs improve the cyber resiliency of software intensive systems throughout the acquisition lifecycle, from requirements to development to deployment and sustainment.

This Senior Member of the Cyber Security Foundations directorate will be responsible for leading cross functional teams that enable the organizations within the Air Force to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning applicable research and practices to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software security state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CERT and other SEI programs to deliver cyber security technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition processes and relevant cyber security processes, such as the Risk Management Framework (RMF). The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of cyber security and mission assurance in the acquisition process; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, or assurance.  Experience in five or more of the following: DoD software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD software acquisition policies and directives; enterprise architecture ; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting, close contact with computer for prolonged periods of time.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, Systems Engineering, Software Engineering, or Acquisition Management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition and cyber security needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibility:

65%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

20%  Work with managers, business developers, current customers, and prospective customers to identify and define value-delivering opportunities and capture work.

10%  Other duties as assigned by management.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, CERT < Technical Director, Cyber Security Foundations < Technical Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

31 Jan
2017
Senior Systems Engineer - 2004872
Pittsburgh, PA

Position Summary: The individual in this position will work as a member of the IT staff in the Network and Infrastructure Engineering group. The primary responsibility of this position is engineering and operation of the datacenter and cloud infrastructures. The candidate will help evolve the exisiting datacenter infrastructure as well as play a key role in the engineering and operations of cloud and hybrid virtualization. Desirable candidates will have:
 

  • Experience (two or more years) solving challenging infrastructure problems in a production setting
  • Experience administering cloud and on-premises virtualization technologies
  • History participating in the entire lifecycle (planning, deployment, maintenance) of infrastructure monitoring and management

 

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, Information Technology with three (3) to five (5) years experience or equivalent combination of training and experience. Candidates with a degree in other technical fields (e.g., engineering) and years of relevant experience as described above will be considered as well.

Licenses:  None

Experience: Experience as a systems engineer for a heterogeneous infrastructure in a professional environment required. At least two of the five years relevant experience maintaining and evolving systems for the same organization is required.

Skills/Abilities: Administration and operation of Microsoft Azure and Office365 cloud infrastructures. Experience with VMWare vSphere 5.x and 6.x. Experience with datacenter equipment (e.g. racks, power distribution equipment, serial console networks, environmental monitoring, KVM solutions). Experience in the deployment and operation of monitoring and backup systems for servers, network devices, environmental monitoring equipment and other datacenter devices.

Mobility:  Infrequent business travel required. Computer hardware installation and configuration required on a regular basis, sometimes involving transport of heavy objects (typically under 50 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) for longer distances (intra-campus; 2-3 city blocks) may also be required.

Environmental Conditions: Ability to use a computer keyboard and display for extended periods of time; periodic work in a computer machine room or wiring closet environment.

Mental:  Ability to work under pressure and meet deadlines; ability to prioritize tasks; strong learning capability; ability to interact effectively with others of varying technical competency, vendors, managers, and other technical research staff; ability to work effectively with other groups within the SEI and Carnegie Mellon. Good technical problem-solving skills. Strong information organization skills as well as good oral and written communication skills are required.

Other:  Ability to provide technical support on a 24x7 basis is required, including weekends. There is a rotating on-call component to this position. Candidate must respond to outage events via remote access (in appropriate circumstances) within 30 minutes.  Some situations in this role will demand an on-site response; on-site response to the local SEI facility must be achieved within 60 minutes barring extreme adverse weather conditions.

Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Information Science or Information Technology.

Licenses: MCSA: Cloud Platform or VMware Certified Professional (VCP)

Experience:  Five years of experience as a system administrator in relevant technologies with some team leadership experience. Working with governmental accreditation requirements for operating IT environments and networks, such as NISPOM, DCID and STIG.

Skills/Abilities:  Operation and servicing of Dell server equipment, IBM Tivoli Storage Manager operations, SAN/NAS technologies, and Nagios.

Other: Clearances: United States DoD Top Secret or equivalent that is transferrable to the SEI.

 

Accountability: Employee is accountable for describing, implementing and/or maintaining an efficient, reliable and secure configuration of computing services in support of the SEI initiatives and/or a sponsor/client. Employee may be responsible for the proper handling/destruction of confidential and sensitive information.

Direction:Employee will be expected to work under minimum supervision within the defined scope of authority and in accordance with SEI ITS operating guidelines.

Decisions:Under management direction, the employee will decide the appropriate configuration for production computing services. Employee will determine how best to allocate and/or acquire resources necessary to implement and evolve information services.Employee will determine the cause of computing problems and take corrective action in a timely fashion when a system/service fails or becomes unavailable.Employee will describe the appropriate procedures to configure and maintain a particular computing system to support one or more critical business functions in a secure manner.

Supervisory Responsibilities: Employee may, at the manager or team leader’s discretion, task/supervise other employees in completion of specific tasks. Employee will provide assistance to staff members / clients in the proper configuration/use of computer hardware and software services and tools.

 

Job Functions or Responsibilities:

40%     Operation, monitoring and administration of the cloud and virtualization systems

30%     Maintenance and evolution of the datacenter

10%     User infrastructure problem identification / resolution.

5%       Develop draft documents on the proper configuration/use of facilities and services.

10%     Support other SEI Infrastructure production services.

5%       Maintaining awareness of evolving trends in backups and disaster recovery

100% TOTAL EFFORT

 

Organizational Chart:  IT Director < Network and Infrastructure Engineering Manager < Infrastructure Engineering Team Lead < Senior Systems Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

25 Jan
2017
DevOps Software Engineer - 2004844
REMOTE - Aurora, CO

This position is located in Aurora, CO.

Position Summary: This position within the Software Engineering Institute (SEI) will be physically located at our customer facilities in Aurora, CO and will lead DevOps and related activities and teams providing software engineering expertise to an Air Force program.  The candidate will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government, then this is the position for you.

The Senior Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading and/or participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI  technical body of knowledge and other technical bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains.

The candidate will coordinate closely with staff domain experts across the SEI to deliver targeted and actionable software engineering technical expertise to customers throughout the life-cycle and also coordinate with government and industry.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with eight (8) years applicable experience; MS or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with five (5) years applicable experience; PhD or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with two (2) years applicable experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. The candidate must also be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors. 

The candidate should have experience in five (5) or more of the following:

  • DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products);
  • solid technical breadth and understanding o of the end-to-end software lifecycle (e.g., requirements, architecture, design, implementation, testing, etc.);
  • alternative life cycles (e.g. agile, devops);  
  • requirements development and management;
  • enterprise architecture;
  • software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing);
  • information Assurance/survivability;
  • systems engineering on software intensive systems;
  • COTS and GOTS product integration;
  • performance measurement including definition and application of goals, measurements and metrics;
  • system of systems engineering;
  • software integration and test and software/hardware integration;
  • deployment of software intensive systems, especially including transition from legacy systems;
  • cost estimation.

Skills/Abilities:

  • Deep, detailed knowledge of software engineering including detailed knowledge of at least three of the following core competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, and/or security
  • Relevant experience within the last 5 years in working on a large software development program 
  • Knowledge of how to apply system engineering principles to system software development
  • Knowledge of the latest commercial software best practices (e.g. design and test methods) 
  • Knowledge and demonstrated proficiency in two of more the following languages/tools/domains: Java, Python, Ruby, Jenkins, Chef, and cloud provisioning
  • Ability and knowledge to apply methods and practices for troubleshooting, recovering, adjusting, modifying, and improving software intensive systems
  • Demonstrated skill in participating in cross-functional teams
  • Demonstrated skill in recommending appropriate technical changes to support software and test development improvements
  • Ability to design, develop, test, analyze, document, and demonstrate advanced prototypes. 
  • Ability and interest to investigate, learn, and apply emerging technologies and techniques.
  • Ability to understand and resolve complex programming problems. 
  • Ability to communicate orally and in writing;
  • Knowledge of defense acquisition/contracting and the ability to work with contractors and customers and other agencies;
  • Confidence and ability to brief senior government leaders and their staffs.

Mobility: Will be required to travel on overnight assignments, occasionally for several days.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using Carnegie Mellon University and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%     Participate as a leader or member of dynamic technical teams in support of government acquisition programs.

10%      Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

5%       Other duties as assigned by the Software Solutions Directorate Director, or Deputy Director.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

25 Jan
2017
SEI Operating Location - Boston Lead - 2004845
REMOTE - Bedford, MA

Position Summary: This position will be responsible to the Director/Deputy Director, Software Solutions Division (SSD), for overall management of the SEI Boston operating location.  In this capacity it will be responsible for leading staff and work in the Boston office.  It will also be responsible for developing business and customer relations primarily in Boston, but also in other areas associated with Air Force PEO for Command, Control, Communications, Intelligence and Networks (C3I&N) and PEO Battle Management missions including PEO C3I&N (San Antonio) and PEO Battle Management (Offutt).  Primary SEI interface with senior leadership in the Boston area to include but not limited to Air Force PEOs, Directors of Engineering (DoE), and Program Directors of potential and managed work at Hanscom Air Force Base and other Northeast Locations.  Responsible for developing support requirements within Air Force PEO portfolios as well as other federal and industry customers in the Boston area and Northeast corridor as appropriate.  This position will coordinate closely with technical and business development staff in the Software Solutions Division (SSD) and other SEI programs.  This position requires working with teams to enable the Department of Defense, Civil Government and other organizations to enhance predictable performance and mission assurance in the acquisition, evolution, sustainment and operations of software-reliant systems.  Key business development activities include understanding customer requirements and challenges and addressing them with tailored solutions.  Manages execution of all assigned work in the Boston area by regularly meeting with customer leads to ensure SEI work is meeting expectations. 

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor's Degree in Systems Engineering, Computer Science, Information Systems, Software Engineering or related discipline or equivalent combination of experience and training

Experience: The candidate must have at least: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience. The candidate must have experience in systems engineering or software engineering development and management. Must be knowledgeable of the software engineering and/or systems engineering disciplines as well as understanding the DoD, Intelligence Community or Federal Agency acquisition processes. The candidate should have experience in business development; in building, leading, managing and participating on cross-functional, high technology teams; should be able to operate effectively with all organizations and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of leadership and management, business development, systems engineering, and the space domain and must be familiar with at least two of the following competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, security.

Experience in at least three of the following: DoD or Federal Agency systems acquisition on major programs; solid technical breadth and understanding of all aspects of the end-to-end systems and acquisition lifecycles (e.g., requirements, design, implementation, testing, etc.); major DoD, Intelligence Community, or  Federal Agency systems acquisition policies and directives; architecture development and evaluation, survivability/resilience; sustainment; systems engineering of software intensive systems; measurement and metrics; system of systems engineering; requirements development and management. 

Strong leadership and management skills.  Excellent written and verbal communications skills and the ability to present to high visibility stakeholders. Proven program and project management skills including interfacing with clients, team building, developing proposals, and establishing relationships with new DoD and/or government clients; programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Ability to lead and participate in multidisciplinary teams.  Ability to develop new business opportunities which will be demonstrated in the 6, 12 and 24 month evaluation periods.

Physical/Mobility: Normally sedentary with some mobility; frequent travel is required; also must adjust to a work schedule that requires some weekend and evening hours.

Environmental Conditions: Normal office setting with extended use of a computer and other electronic devices.

Mental: Flexibility, multi-tasking, ability to meet short deadlines.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Systems Engineering, Computer Science, Information Systems, Software Engineering, or acquisition management with eight (8) years of experience.

Experience: Progressively responsible experience in technical and project management activities relating to technical products and services of large industrial organizations and experience in related areas across the Federal Government specifically as it relates to establishing and growing business opportunities and interfacing with customers.

 

Accountability:  Responsible for leading technical support to assigned programs within the Boston and Northeast corridor, primarily the Air Force PEO level work at Hanscom AFB.

Responsible for the development of a balanced portfolio of customers to contribute proportionately to the annual Software Solutions Division (SSD) total funding and ceiling objectives.

Direction:  Acts independently with little or no supervision.  Expected to act in support of the Software Solutions Division (SSD) goals and objectives and to coordinate and communicate appropriately with the Division Sr. Management, Team Leads, SSD Business Managers, and SEI Technical Staff.  Models, leads and is committed to the SEI mission to advance software engineering and related disciplines to ensure the development and operation of systems with predictable and improved cost, schedules and quality.

Location:  SEI Boston Office

Decisions:  Customer negotiations for the work scope, delivery and cost. Personnel performance management and assessment.  Determining skill mix necessary to meet customer expectations.

Supervisory Responsibilities:  Administrative supervision of personnel assigned to the Boston office. Will participate fully in the process of hiring new employees. 

 

Job Functions or Responsibilities:

40%     Execution Management - Responsible for managing the life-cycle activities for assigned customers, including but not limited to customer qualifications, PWP development, contract negotiation, scope statement development, budget management, on time commitments, and follow-up to ensure customer satisfaction.

15%     Personnel management - Responsible for supervising assigned team members. Interfaces with SEI technical programs and business and financial services.

15%     Requirements Development - Responsible for eliciting, defining and coordinating customer requirements with customer POCs on Project Work Plans (PWPs) within the purview of the SEI Boston Operating Location.  Coordinates scope statements with SSD Technical Directorates, as well as other SEI Divisions where appropriate.

10%     Resource Planning - Responsible for monitoring assigned personnel and ensuring there is coverage for all individuals assigned to the SEI Boston location.

10%     Staffing Development - Responsible for working with SEI Human Resources (HR) to develop and execute staffing plan for SEI OL-Boston

8%       Administration/Travel - Travel likely required to alternate customer sites and other venues to meet with current and prospective government clients and collaborators.  Additionally travel will be required back to SEI Pittsburgh.

2%       Professional development - Will be required to expand knowledge to better understand SEI policies, processes, products and services, as well as expanding the Federal Government customer base.

100% TOTAL EFFORT

 

Organizational Chart: SSD Director/Deputy Director > SEI Operating Location – Boston Lead

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

25 Jan
2017
Senior DevOps Software Engineer - 2004843
REMOTE - Aurora, CO

This position is located in Aurora, CO.

Position Summary: This position within the Software Engineering Institute (SEI) will be physically located at our customer facilities in Aurora, CO and will lead DevOps and related activities and teams providing software engineering expertise to an Air Force program.  The candidate will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government, then this is the position for you.

The Senior Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading and/or participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI  technical body of knowledge and other technical bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains.

The candidate will coordinate closely with staff domain experts across the SEI to deliver targeted and actionable software engineering technical expertise to customers throughout the life-cycle and also coordinate with government and industry.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with ten (10) years applicable experience; MS or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with eight (8) years applicable experience; PhD or equivalent degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline with five (5) years applicable experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. The candidate must also be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors. 

The candidate should have experience in five (5) or more of the following:

  • DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products);
  • solid technical breadth and understanding o of the end-to-end software lifecycle (e.g., requirements, architecture, design, implementation, testing, etc.);
  • alternative life cycles (e.g. agile, devops);  
  • requirements development and management;
  • enterprise architecture;
  • software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing);
  • information Assurance/survivability;
  • systems engineering on software intensive systems;
  • COTS and GOTS product integration;
  • performance measurement including definition and application of goals, measurements and metrics;
  • system of systems engineering;
  • software integration and test and software/hardware integration;
  • deployment of software intensive systems, especially including transition from legacy systems;
  • cost estimation.

Skills/Abilities:

  • Deep, detailed knowledge of software engineering including detailed knowledge of at least three of the following core competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, and/or security
  • Relevant experience within the last 5 years in working on a large software development program 
  • Knowledge of how to apply system engineering principles to system software development
  • Knowledge of the latest commercial software best practices (e.g. design and test methods) 
  • Knowledge and demonstrated proficiency in two of more the following languages/tools/domains: Java, Python, Ruby, Jenkins, Chef, and cloud provisioning
  • Ability and knowledge to apply methods and practices for troubleshooting, recovering, adjusting, modifying, and improving software intensive systems
  • Demonstrated skill in participating in cross-functional teams
  • Demonstrated skill in recommending appropriate technical changes to support software and test development improvements
  • Ability to design, develop, test, analyze, document, and demonstrate advanced prototypes. 
  • Ability and interest to investigate, learn, and apply emerging technologies and techniques.
  • Ability to understand and resolve complex programming problems. 
  • Ability to communicate orally and in writing;
  • Knowledge of defense acquisition/contracting and the ability to work with contractors and customers and other agencies;
  • Confidence and ability to brief senior government leaders and their staffs.

Mobility: Will be required to travel on overnight assignments, occasionally for several days.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using Carnegie Mellon University and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%     Participate as a leader or member of dynamic technical teams in support of government acquisition programs.

10%      Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

5%       Other duties as assigned by the Software Solutions Directorate Director, or Deputy Director.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 Jan
2017
Project Administrator II - 2004798
Pittsburgh, PA

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

Role:  As a Project Administrator II, the successful candidate will work closely with the PMO Manager, Project Managers, and Technical Leads to plan, establish and effectively manage technical projects to achieve work plan goals and to meet internal and external management and reporting requirements.  You will perform administrative and PM duties in the Confluence wiki, JIRA, Microsoft Project, and other PM tools.  You will support the management and completion of projects, to include tracking deliverables, schedules, cost and major equipment and other purchases. You will oversee all aspects of projects, set deadlines, assign responsibilities, monitor progress, and produce reports for management.

Responsibilities include: 

  • PMO
    • Support PMO initiatives in process improvement
    • Support PMO & PMs in preparing and conducting internal and external project management activities
  • Project Administration
    • Define and control scope
    • Develop WBS, produce and manage schedule
    • Work with Technical Leads to produce resource and schedule estimates
    • Analyze actual cost and performance reports, identify variances, recommend responses
    • Resolve or escalate risks related to cost, quality, and schedule
    • Responsible for reporting progress, status, and issues to CERT and government program managers
    • Assist Project Managers and Technical Managers with the contracting and purchasing processes
    • Ensure contracts and purchases are effectively tracked in the project management process
  • Project Tools Administrator
    • Manage internal project information maintained in Atlassian Confluence & JIRA
    • Support users unfamiliar with tools
    • Perform troubleshooting
    • Perform Time and Task Management
    • Support creation of presentations for project management reviews

 

Minimum Qualifications and Requirement:

Education / Training: Bachelor’s degree in Business, Business Administration, Computer Science, or equivalent combination of training and experience.

Experience: Three (3) to five (5) years of related experience in project management with related experience in government contract management and purchasing.  Entry level candidates with less than three years of experience will be considered if college degree is focused management of information systems, project management, computer science, or accounting.

Skills / Abilities: Basic understanding and application of theoretical knowledge of specific field related to a particular position (i.e., Information Science, Finance, Business Administration, etc.); ability to function competently in a team environment, excellent analytical, organizational, reasoning, and problem solving skills; excellent verbal and written communication skills; computer literacy to include creation and management of financial management documents (spreadsheets) and the ability to maintain accurate and detailed records.

Mobility: Primarily sedentary, long periods of sitting, may have to travel to other campus locations or customer sites, some bending, stretching and lifting up to several reams of paper, etc.

Environmental Conditions: Work is usually performed in an office setting.  There may be close contact with CRT for long periods of time.

Mental: Ability to pay close attention to detail, meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Other Week-end and evening hours may be required.  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements

Education / Training: Master’s degree or equivalent combination of training and experience.

Experience: Experience in administering and supporting projects in related areas such as IT security management, product development, deployment engineering, consulting or research.  Supervisory skills.

 

Accountability: Expected to determine own priorities based upon directorate and project strategy to meet performance objectives and established goals.  Actively participates on project teams and may be asked to plan, organize and execute special events for projects or for the directorate.

Direction: Performs under general supervision, supervisor only checks end results of work.  All normal duties and responsibilities are handled independently with the use of established procedures and policies.  Only the most difficult or unique situations are referred to the supervisor.

Decisions: Candidate sets own priorities and makes appropriate decisions for successful project execution within established guidelines, policies, financial regulations and leadership goals.

Supervisory Responsibilities: Depending upon directorate growth, the candidate may supervise other staff, including participation in the hiring process, and training of new staff employees.

 

Job Functions or Responsibilities:

80%     Project Development, Tracking and Execution Support

  • Project development administration
  • Establishing and maintaining project files
  • Project wiki and other tool administration
  • Collection, maintenance and reporting of directorate financial information
  • Customer deliverable tracking and reporting
  • CERT liaison to SEI Financial and Business Services (FABS)
  • Risk and Knowledge Management activities
  • Special event planning, coordination and management

20%     Technical Coordination

  • Responsible for the data collection and coordination of input for reports and internal reviews 
  • Gather, organize and produce statistical and information reports as requested by senior technical staff
  • Research and update operational statistical web sites

100% Total Effort

 

Organizational Chart: CERT Director< CERT Associate Director < CERT PMO Manager < CERT Project Manager < Project Administrator II

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

20 Jan
2017
Senior Accountant (CERT) - 2004800
Pittsburgh, PA

Position Summary: This position reports to the CERT Financial Analyst (FA) and is responsible for providing financial and administrative support in the financial management of these programs with annual funding of ~$90M. The duties include: prepare budgets and financial planning; develop, formulate, and maintain financial summary, trends and variance reports; collect, organize, and in-load budget data; perform budget and forecast analysis; handle monthly account reconciliation; determine accounting errors and process and track payroll redistributions and journal entries; review purchase and travel requests to ensure that sufficient funds are available; assist in the development and improvement of financial reporting processes; support collection, interpretation, and production of Program monthly Funding Model Charts, and assist with Quarterly Financial Reviews and Internal Reviews.

 

Minimum Qualifications and Requirements:

Education/Training: The qualified candidate must have:

  • Bachelor’s degree
  • Familiarity with databases (i.e. Oracle or Hyperion), word processing packages (i.e. Microsoft Word), and spreadsheets (i.e. Microsoft Excel)

Experience: The qualified candidate must have a minimum of two to four (2 to 4) years of accounting or financial analysis experience working in a budget or financial planning office (preferably in a fast-paced technical environment that includes interactions with internal and external customers) and working knowledge of financial reporting methods, budgets, and financial practices and procedures. The candidate should also have a skilled, in-depth usage of spreadsheets (Excel), databases and word processing packages.

Skills/Abilities: The qualified candidate must have strong analytical, reasoning and problem solving abilities; be able to maintain and understand complex spreadsheets and accept responsibilities for accuracy; have the ability to pay close attention to detail while meeting tight deadlines; be a self-starter and work independently to prioritize responsibilities to meet the goals and objectives of the financial services team as well as provide information to help Program staff meet their goals. Additionally, the candidate must have strong verbal and written communication skills for presenting and discussing reports with staff of all levels.

The qualified candidate must be able to:

  • Work closely with all levels of personnel including senior management inside and outside of the SEI
  • Enhance communication flow regarding financial matters throughout the institute
  • Demonstrate excellent verbal and written communication skills, as well as efficient organizational skills
  • Work independently and on teams
  • Perform complex mathematic and accounting processes
  • Willingly take on new tasks and assume responsibility
  • Streamline processes and suggest ways to make the job more efficient The qualified candidate must also be skilled in:
  • Maintaining interpersonal relationships and communication
  • Having strong organizational, analytical, reasoning, and problem solving skills
  • Prioritizing work and handling multiple tasks simultaneously
  • Use of databases, spreadsheets (i.e Microsoft Excel) , and word processing packages

Physical Mobility: The candidate must be able to work in a normal sedentary position with some mobility (e.g. accessing internal SEI offices).

Environmental Conditions: The candidate must be able to work in a normal office setting in close contact with a  computer screen.

Mental: The qualified candidate must have the ability to meet deadlines, handle confidential data, deal with multiple projects, remain calm when dealing with difficult individuals or situations, and work under pressure with frequent interruptions, while maintaining the ability to focus on detail and produce high-quality accurate information.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance. The candidate must be able to work outside of normal business hours due to workload fluctuation.

 

Preferred Qualifications and Requirements:

Education/Training: The preferred candidate will have:

  • Master’s degree or combination of training and experience
  • Expertise with databases (Oracle, Hyperion), word processing packages, and spreadsheets (i.e. Microsoft Excel)
  • Working knowledge of SEI financial reporting methods, budgeting, and financial practices and procedures
  • Familiarity with CMU financial accounting policies and procedures

Experience: The preferred candidate should have experience and understanding of Carnegie Mellon and SEI financial policies and practices.

Skills/Abilities: Oracle and/or Hyperion planning tools.

 

Accountability:  This position is responsible for assisting the CERT Financial Analyst as well as the Program Managers in the preparation of managerial and financial reports and making recommendations and offering solutions that support departmental/business objectives. This position will work with all levels of personnel to assist with budgeting and financial planning within schedules set by the Financial and Business Services Director. This position is responsible for developing, formulating, and maintaining accurate financial spreadsheets and charts and meeting time schedules in the preparation and distribution of monthly financial reports.

Direction: This position is directly responsible to the CERT Financial Analyst, and is expected to act with limited general supervision with all levels of SEI personnel, up to and including the Director’s Office. Must be adept at interpersonal communications, and must be able to prepare and present material for formal, informal, and informational purposes. Most work is completed independently with minimal supervision; this position is a point of contact for Program with staff of all levels, assisting with developing specialized analyses in response to business needs.

Decisions: This position works directly with Members of the Technical Staff, Team Leaders, Account managers, Program Managers, Directors, Financial Analysts and others to gather customer needs and requirements and develop reports to fill those needs. This position assists in the preparation of special projects, reports, analyses, and provides recommendations and offers solutions that support departmental/business objectives and improve overall performance.

This position is responsible for monthly and quarterly accounting reconciliation by independently identifying and correcting accounting errors such as payroll redistributions and journal entries and determines which accounts and Oracle Grants Management charging strings should be charged. This position will review and approve travel and purchase order requests for sufficient funding and correct Oracle Grants Management charge string.

Supervisory Responsibilities: This position does not directly oversee others.

 

Job Functions or Responsibilities:

30%     Monthly Financial Analysis & Reporting: Complete monthly and quarterly processes of the Programs financial closing, working closely with FA each month to prioritize and divide responsibilities; prepare financial reports, summaries, trends and variance reports for internal and external distribution to Financial Services, Programs, and Campus. Liaise with Program staff to provide specialized analysis and answer inquiries, with minimal supervision. Make recommendations to FA and Program staff on courses of action. Provide assistance to FA in conducting and documenting moderate to complex financial analysis projects. Answer complex questions concerning accounting systems policies and procedures.

20%     Account and Expense Management: Work with minimal supervision to find and correct accounting errors and determine which accounts and projects, tasks and awards should be charged. Complete, process, and track payroll redistributions and journal entries. Monitor charge strings related to customer work, lead the process to close these strings and take surplus when work is complete. Make recommendations on which charge strings should be opened, closed, or combined.

15%     Budget Management: Gather, review and verify budget information and in-load the data into the SEI’s planning  system; perform budget and forecast analysis; and run and verify Hyperion (budget/forecasting system) reports. Liaise with Program staff of all levels to determine customer needs and requirements related to the budget process; develop reports using data from multiple sources to fill Program requirements.

Assist in annual budget process for Programs, providing reports on historical budget data and making recommendations for the future year.

10%     Funding Model Charts: Assist in the collection, interpretation, and production of the monthly Funding Model Charts.

10%     Process Improvement: Assist with the development and improvement of financial reporting processes and the Monthly and Quarterly Reviews process. Assist EBS group with testing and improving the systems capabilities to make the Financial Services group more efficient.

10%     Expense Approvals: Reviews Oracle Grants Management accounts for sufficient funding for purchase and travel requests. Makes recommendations and offers solutions to Programs on appropriate charge strings to use.

5%       Other duties as required

100%      Total Effort  

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jan
2017
Project Manager - 2004715
Pittsburgh, PA

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems. 

A CERT Project Manager is a member of the CERT Delivery Management team that guides the development and execution of technical projects throughout the lifecycle.  The successful candidate will work closely with PMO Manager to plan and establish organizational project management processes to achieve needs of different departments.  The candidate will: develop project management processes and create improvement plans to meet business and project needs, perform administrative and PM duties, and be responsible for the management and completion of projects.  Activities will include oversight of all aspects of projects, setting deadlines, assigning responsibilities, monitoring progress, and producing reports for management.

Responsibilities:

  • Process Development & Continuous Improvement
    • Develop a systematic management approach for projects in alignment with the organization’s strategic business goals
    • Improve consistency in project management across the organization to promote collaboration and mobility
    • Increase collaboration, ease administration, and align with customer needs
    • Use feedback, direct experience, and new opportunities to improve and expand the capabilities of the project management office
  • Project Management
    • Lead team in creating and estimating a product backlog
    • Develop WBS, prioritize tasks, and setup sprints
    • Understand and communicate cost and schedule constraints to team
    • Work with teams to produce cost estimates, schedules, and financial reporting artifacts
    • Assist in managing the activities of non-organic employees and subcontractors who serve on the project team to ensure completion and acceptance of deliverables
    • Inform and capture resource allocation decisions for competing priorities across the organization.
    • Assemble project plans and, in conjunction with the technical lead, direct and monitor the work
    • Resolve or escalate risks related to cost, quality, and schedule
    • Responsible for reporting progress, status, and issues to CERT management and government program managers.
  • Project Tools Administrator
    • Use Atlassian tool suite, specifically Confluence and JIRA for managing project information
    • Develop Kanban boards, Sprint Reports, Epic Reports, and Velocity Charts
    • Create Business Intelligence Reports (SQL)

 

Qualifications and Requirements:

Education/Training:   MBA or MS in Computer Science, Software Engineering, Information Systems or related field or combination of training and experience.

Certifications (preferred): PMI certification, Certified Scrum Master, PMI-ACP, Certified Scrum Professional, CISM, CISSP, or equivalent.

Experience:  Designing, developing, or implementing information technology projects for government clients; exceptional interpersonal and technical writing skills; developing organizational project management processes and tools infrastructure. Candidate should have five to seven (5-7) years of project management experience with customer-focused technology projects such as product or service development, research and development or technical transition.

Skills/Abilities:   Working knowledge of Confluence and JIRA; analytical and technical problem-solving skills; possess strong customer service skills; motivated to tackle challenging problems; excellent organizational skills; communicate effectively within a team environment.

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.

Other:   Applicants must be willing to travel to the offices in Pittsburgh, PA; Arlington, VA; and customer sites in the Washington D.C. / Northern Virginia metro area. Candidate will be required to travel on overnight assignments. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Accountability: The Individual is accountable for: accurately capturing project requirements and managing projects through the lifecycle; working closely with technical project leads and CERT/SEI financial managers to ensure projects are accurately represented, managed and controlled.

Direction:  Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor.

Decisions:  Accurately represents the program and individual projects in interactions with internal branches, customers and sponsors.  The individual is expected to participate in the decision-making and problem-solving processes surrounding building accurate project plans, understanding the SEI financial system and making CERT decisions regarding effort allocations, sub-contract negotiations and purchasing.

Supervisory Responsibilities:  This position may include supervision of one of more Project Administrators.

 

Job Functions and Responsibilities:

40%     Project Manager, Scrum Master, Agile Facilitator

20%     Process development and continuous improvement

20%     Financial & Customer Management

10%     Contributing to and participating in business development, CERT management, and sponsor meetings.

10%     Develop knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100%      TOTAL EFFORT

 

Organizational Chart:  CERT Director < Associate Director < PMO Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jan
2017
SFS - Internship
Pittsburgh, PA or Arlington, VA

We are seeking interns to help support our mission: to lead and advance software and cybersecurity to solve the nation’s toughest problems.

We have internships across a wide range of technical areas, including:

-vulnerability assessment
-malware analysis

-penetration testing
-machine learning
-DevOps
-software research / software prototyping
-secure coding

Requirements:

Candidates must be a current SFS student enrolled in Computer Science, Computer Engineering, or related discipline. BS, MS and PhD level students are encouraged to apply.

11 Jan
2017
Senior Software Assurance Engineer - 2002744
REMOTE - Bedford, MA

Position Summary: The CERT program of the Software Engineering Institute is looking to fill a leadership position improving the cyber security of acquisitions in the Air Force. This high visibility, high impact position will be responsible for helping senior leaders of Air Force programs improve the cyber resiliency of software intensive systems throughout the acquisition lifecycle, from requirements to development to deployment and sustainment.

This Senior Member of the Cyber Security Foundations directorate will be responsible for leading cross functional teams that enable the organizations within the Air Force to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning applicable research and practices to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software security state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CERT and other SEI programs to deliver cyber security technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition processes and relevant cyber security processes, such as the Risk Management Framework (RMF). The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of cyber security and mission assurance in the acquisition process; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, or assurance.  Experience in five or more of the following: DoD software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD software acquisition policies and directives; enterprise architecture ; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting, close contact with computer for prolonged periods of time.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, Systems Engineering, Software Engineering, or Acquisition Management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition and cyber security needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibility:

65%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

20%  Work with managers, business developers, current customers, and prospective customers to identify and define value-delivering opportunities and capture work.

10%  Other duties as assigned by management.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, CERT < Technical Director, Cyber Security Foundations < Technical Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

11 Jan
2017
Senior Software Security Engineer - 2004716
Pittsburgh, PA

Position Summary: The Secure Coding Team, of the world renowned CERT division of the Software Engineering Institute, is a pioneer of the identification and development of secure coding and secure software development practices.  We are looking for exceptional candidates to help us continue our legacy of ground-breaking improvements for securing software during development.  Software has never been more important to our lives and our national security, nor has software insecurity ever been a greater risk.

Joining the Secure Coding team, you will work with world-class cyber security experts to help software developers and software development organizations reduce vulnerabilities resulting from coding errors before they are deployed. We identify common programming errors that lead to software vulnerabilities, establish standard secure coding standards, develop tools to evaluate and improve software, educate software developers, and advance the state of the practice in secure coding that leads to secure software systems.

The successful candidate will lead and participate in research and engineering projects that identify and implement best practices for organizations to develop secure software systems.  This will include developing and applying guidelines for writing secure code in C, C++, Java, and other popular languages.  It also includes developing and using tools to verify that software is developed securely.  The candidate will work directly with customers to: develop and provide training in secure coding practices; evaluate, extend, and use tools to improve and automate source code analysis; review and improve code bases to ensure that best practices are being followed; and enhance the customers’ organizational capabilities to produce secure software systems. The candidate will be expected to write reports and deliver presentations that explain the findings of research and software evaluations, helping customers improve their software to meet the security and privacy needs of their users.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Software Engineering, Information Science, or Information Systems Management with ten (10) years applicable experience.

Skills/Abilities: Successful candidates will have the ability to:

  • Develop and analyze source code in common programming languages such as C, C#, C++, Java, and Python, with a focus on secure coding principles and practices
  • Use static and dynamic analysis tools to evaluate software to find and remove vulnerabilities
  • Build and configure various software build enviornments, and build custom tools to integrate and automate the use of software building and analysis tools
  • Develop and implement novel and advanced software analysis techniques
  • Develop and modify compilers and interpreters, understanding the underlying computer and compiler architectures, algorithms, performance trade-offs, and impact of optimization techniques on security issues
  • Lead projects in a team environment with other team members with varying skills, experience and locations
  • Plan and organize the evaluation approach for projects, including the collection and analysis of data from multiple sources, generate defensible results, and represent them in reporting products and interactions with customers, sponsors, and the public
  • Recognize and deal appropriately with confidential and sensitive information such as source code and software weaknesses and vulnerabilities
  • Develop and explain technical decisions and recommendations effectively with technical and non-technical audiences through verbal and written communications that lead to actionable and measurable improvements
  • Work meticulously with careful attention to detail required to identify defects and weaknesses in large software systems, and to identify development process improvement opportunities.
  • Be self-motivated and capable of self-learning to maintain a working knowledge of the ever-changing software development landscape.

Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with challenges while maintaining composure; work with sensitive information.       

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Software Engineering, Information Science, or Information Systems Management with eight (8) years applicable experience; or PhD in those disciplines with five (5) years applicable experience.

Skills/Abilities:

  • Work with DoD and other US Government software-intensive systems programs and software maintenance groups, understanding their unique needs, proposing and closing work to meet their needs, and lead projects to develop solutions that address their secure software development and acquisition needs.
  • Representing DoD and US Government program constituency and perspective based on experience to other team members to aid in developing relevant research and development proposals and solutions.
  • Transitioning knowledge, tools, and other work products from research projects to DoD and other US Government partners.
  • Develop approaches to address software assurance in the risk management framework context.
  • Develop and analyze software for specific platforms, such as mobile platforms and embedded systems.
  • Evaluate software assurance using a range of methods, such as dynamic and binary analysis, model checking, assertions, and semantic formalizations.

 

Accountability: Contributes to program objectives and plans development.

Direction: Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Ability to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions: Participate in conferences and workshops where security-related issues are discussed as required.

 

Job Functions or Responsibilities:

40%     Lead and directly support customer work in secure coding, verification and validation techniques, and technical training.  Tailor our current offerings to provide value to customers by evaluating their software, software development, and software acquisition/procurement practices, and providing improvement recommendations.  Communicate the findings of such evaluations through reports and presentations. Build new tools and capabilities that improve our ability to meet customer needs.

30%     Contribute to internally funded research projects, developing experimentation environments, evaluating secure software development practices, and communicating results internally and externally in reports and presentations.

15%     Codify knowledge that has been gained through customer and research projects to expand and update knowledge transfer materials, such as Secure Coding guidelines, training materials, and tools.

15%     Develop knowledge and understanding of SEI capabilities; influence new SEI capabilities to be more applicable to customer problems; work directly with other SEI staff supporting the community with disciplines related to secure coding and secure development, sometimes in leadership role.

100%      TOTAL EFFORT

 

Organizational Chart: CERT Director < CERT/CSF Technical Director < CERT/Secure Coding Technical Manager < Senior Software Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

11 Jan
2017
Software Engineer - 2004714
Pittsburgh, PA

Position Summary: The Client Technical Solutions Directorate at the Software Engineering Institute (SEI), part of Carnegie Mellon University, is searching for a Software Engineer to fill a position focused on developing advanced prototypes applying image processing, computer vision, virtual machine technology, wireless networking, and other technologies for operation in environments that require rapid analysis and decision making.  AMS conducts applied research, prototypes advanced software systems and concepts, and matures and transitions technologies to the U.S. Department of Defense and other government organizations. The ideal candidate will enjoy working with world-renowned researchers and engineers at the SEI and Carnegie Mellon University, which is consistently ranked among the finest universities in the areas of computer science and engineering.  The candidate should have a strong computer science and/or engineering background, and experience in developing computer software systems.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or a related technical discipline, with demonstrated excellence in coursework and development activities

Experience:  Three (3) years of substantial software development experience.  Strong academic experience acceptable.

Skills/Abilities:

  • Expertise in one or more of the following: image processing, machine learning, virtual machine technology, wireless networks, cloud services or mobile computing.
  • Ability to design, develop, test, analyze, document, and demonstrate advanced prototypes.  Ability and interest to investigate, learn, and apply emerging technologies and techniques. Ability to understand and resolve complex programming problems. 
  • 2+ years direct experience in one or more of the previously stated areas of interest, preferably with experience in meeting tight performance constraints.
  • Proficient in C/C++, Java, Python, or similar languages.
  • Experience with fusion of data from multiple sources a plus.

Mobility: The ability and willingness to travel is required.

Environmental Conditions: usual office setting with extended use of a computer screeen.

Mental: The ability to:

  • Work meticulously with careful attention to detail;
  • Meet deadlines while working on multiple tasks -- sometimes under pressure and with shifting priorities;
  • Work collaboratively, professionally, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort;
  • Independently and quickly identify and learn new procedures, techniques, and technologies for application to advanced prototypes.                                                                                  

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master’s Degree in Computer Science, Engineering or a related technical discipline.

Experience: One year of professional development experience with mapping applications, heads-up displays, virtual reality, application of machine learning, virtual machine technologies, wireless networks. Operational, intelligence, or cyber military experience a big plus.

 

Accountability: This position is accountable for work content, quality, and schedule.

Direction: This position operates within broad guidelines from the Initiative Lead and is expected to exercise reasonable discretion on technical solutions.

Decisions: Technical decisions to support specific research or customer needs. Software design choices and tradeoff decisions among technical alternatives.

Supervisory Responsibilities: May lead activities related to a customer task or lead peers to accomplish specific technical tasks or supervise students on a research project.

 

Job Functions or Responsibilities:

55%     Design, develop, test, analyze, document, demonstrate, and deliver high-quality software.

30%     Architect prototype systems

10%     Participate on teams for customer software development specific efforts.

5%       Participate in planning, review, and reporting activities.

100% Total Effort

 

Organizational Chart:  Software Solutions Division (SSD) < Client Technical Solutions Technical Directorate < Software Developer.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jan
2017
Software Security Analyst - 2004717
Pittsburgh, PA

Position Summary: The Secure Coding Team, of the world renowned CERT division of the Software Engineering Institute, is a pioneer of the identification and development of secure coding and secure software development practices.  We are looking for exceptional candidates to help us continue our leadership of ground-breaking improvements for securing software during development.  Software has never been more important to our lives and our national security, nor has software insecurity ever been a greater risk.

Joining the Secure Coding team, you will work with world-class cyber security experts to help software developers and software development organizations reduce vulnerabilities resulting from coding errors before they are deployed. We identify common programming errors that lead to software vulnerabilities, establish standard secure coding standards, develop tools to evaluate and improve software, educate software developers, and advance the state of the practice in secure coding that leads to secure software systems.

The successful candidate will participate in research and engineering projects that identify and implement best practices for organizations to develop secure software systems.  This will include developing and applying guidelines for writing secure code in C, C++, Java, and other popular languages.  It also includes developing and using tools to verify that software is developed securely.  The candidate will work directly with customers to: develop and provide training in secure coding practices; evaluate, extend, and use tools to improve and automate source code analysis; review and improve code bases to ensure that best practices are being followed; and enhance the customers’ organizational capabilities to produce secure software systems. The candidate will be expected to write reports and deliver presentations that explain the findings of research and software evaluations, helping customers improve their software to meet the security and privacy needs of their users.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Software Engineering, Information Science, or Information Systems Management with three (3) years applicable experience.     

Skills/Abilities: Successful candidates will have the ability to:

  • Develop and analyze source code in common programming languages such as C, C#, C++, Java, and Python, with a focus on secure coding principles and practices
  • Use static and dynamic analysis tools to evaluate software to find and remove vulnerabilities
  • Build and configure various software build environments, and build custom tools to integrate and automate the use of software building and analysis tools
  • Analyze data from multiple sources, generate defensible results, and represent them in reporting products and interactions with customers, sponsors, and the public
  • Contribute in a team environment with other team members with varying skills, experience and locations
  • Recognize and deal appropriately with confidential and sensitive information such as source code and software weaknesses and vulnerabilities
  • Develop and explain technical decisions and recommendations effectively with technical and non-technical audiences through verbal and written communications that lead to actionable and measurable improvements
  • Work meticulously with careful attention to detail required to identify defects and weaknesses in large software systems, and to identify development process improvement opportunities.
  • Be self-motivated and capable of self-learning to maintain a working knowledge of the ever-changing software development landscape.      

Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with challenges while maintaining composure; work with sensitive information.       

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Software Engineering, Information Science, Information Systems Management with one (1) year applicable experience.

Skills/Abilities: Develop and analyze software for specific platforms, such as mobile platforms and embedded systems.

 

Accountability: Contributes to program objectives and plans development.

Direction: Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Ability to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions: Participate in conferences and workshops where security-related issues are discussed as required.

 

Job Functions or Responsibilities:

40%     Directly support customer work in secure coding, verification and validation techniques, and technical training.  Tailor our current offerings to provide value to customers by evaluating their software, software development, and software acquisition/procurement practices, and providing improvement recommendations.  Communicate the findings of such evaluations through reports and presentations. Build new tools and capabilities that improve our ability to meet customer needs.

30%     Contribute to internally funded research projects, developing experimentation environments, evaluating secure software development practices, and communicating results internally and externally in reports and presentations.

15%     Codify knowledge that has been gained through customer and research projects to expand and update knowledge transfer materials, such as Secure Coding guidelines, training materials, and tools.

15%     Develop knowledge and understanding of SEI capabilities; learn how SEI capabilities can be applied to customer problems; work directly with SEI staff supporting the community with disciplines related to secure coding and secure development.

100%      TOTAL EFFORT

 

Organizational Chart: CERT Director < CERT/CSF Technical Director < CERT/Secure Coding Technical Manager < Software Security Analyst.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

09 Jan
2017
Architecture Researcher - 2004691
Pittsburgh, PA or Arlington, VA

Position Summary: The Software Engineering Institute’s Architecture Practices initiative at Carnegie Mellon University seeks to create architecture-centric theories and practices to increase development efficiency and effectiveness on large-scale software and systems engineering projects.  The Architecture Researcher will join the Architecture Practices team to assist in expanding the established research program in order to create and extend architecture-centric theories and practices for the organization in order to produce systems to meet their business and mission goals. The Architecture Researcher will be responsible for:

  • Contributing to ongoing architecture research efforts, building on new research directions, and validating ideas in customer settings;
  • Defining and developing research strategies and projects, leading research teams, such as the customer efforts or transition project teams, and/or conducting planned research projects as necessary;
  • Directing support activities to enable technical work and the activities of work study or graduate students as appropriate;
  • Communicating the results of his/her research, through publication presentations in peer-reviewed venues;
  • Working with collaborators and customers to apply research outcomes to real world systems;
  • Determining and recommending architecture-centric technical solutions for practical system development programs; and
  • Participating in and leading technical activities in community settings (conferences, workshops, and working groups).

 

Minimum Qualifications and Requirements:

Education/Training: BS degree in Software Engineering, Computer Science, Information Systems, or a related field, or equivalent combination of training and experience.

Experience: Must have eight (8) years of experience in architecture research and/or practice architecting systems, which shall include specific experience in:

  • Performing research in architectural modeling, analysis, and generation of safety critical embedded software systems;
  • Performing research in timing analysis and behavioral verification of safety critical systems;
  • Applying architecture-centric research technologies on customer systems in the aerospace domain
  • Publishing at least ten (10) papers in peer-reviewed computer-science venues.
  • Familiarity with avionics standards such as ARINC653, ARINC664, or SAE AS5506 AADL is a plus.

Skills/Abilities: Software development, including Java programming, extending the Eclipse platform (plug-in development). Strong written and verbal communication skills and the ability to present to small and large audiences.

Mobility: Normally sedentary position with some mobility; i.e., able to travel to other campus locations.

Environmental Conditions: Usual office setting, close contact with computer displays for long periods of time.

Mental: Ability to explore and solve complex, ill-defined problems; work meticulously with attention to detail; self-starter willing to take on tasks and develop new research ideas; deal collaboratively, diplomatically, and successfully with customers, co-workers; interact with world-class research community.

Other:  Candidates will be subject to a background check.

 

Preferred Qualifications and Requirements:

Education/Training: MS degree in Software Engineering, Computer Science, Information Systems, or a related field, or equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice architecting systems.

Other:  Candidates who are eligible to obtain and maintain a Department of Defense security clearance.

 

Accountability: Ability to work on research with minimal supervision; meet deadlines while working on multiple tasks;.

Direction: Expected to act with limited supervision in accordance with SEI procedures, policies, such as those involving technical leadership, analysis, report production, and confidentiality. Requires close collaboration and teaming within and across initiatives and directorates.

Decisions: Suggests possible solutions to colleagues and users.

 

Job Functions or Responsibilities:

50%        Research, prototyping, and demonstration of architecture-centric analysis and generation technologies.

30%        Application of architecture-centric technologies in customer settings.

20%        Publication of research results.

100% TOTAL EFFORT


Organizational Chart: SSD Director > AP Initiative Lead > Architecture Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

09 Jan
2017
Senior Architecture Researcher - 2004690
Pittsburgh, PA or Arlington, VA

Position Summary: The Software Engineering Institute’s Architecture Practices initiative at Carnegie Mellon University seeks to create architecture-centric theories and practices to increase development efficiency and effectiveness on large-scale software and systems engineering projects.  The Architecture Researcher will join the Architecture Practices team to assist in expanding the established research program in order to create and extend architecture-centric theories and practices for the organization in order to produce systems to meet their business and mission goals. The Architecture Researcher will be responsible for:

  • Contributing to ongoing architecture research efforts, building on new research directions, and validating ideas in customer settings;
  • Defining and developing research strategies and projects, leading research teams, such as the customer efforts or transition project teams, and/or conducting planned research projects as necessary;
  • Directing support activities to enable technical work and the activities of work study or graduate students as appropriate;
  • Communicating the results of his/her research, through publication presentations in peer-reviewed venues;
  • Working with collaborators and customers to apply research outcomes to real world systems;
  • Determining and recommending architecture-centric technical solutions for practical system development programs; and
  • Participating in and leading technical activities in community settings (conferences, workshops, and working groups).

 

Minimum Qualifications and Requirements:

Education/Training: Ph.D. degree in Software Engineering, Computer Science, Information Systems, or a related field, or equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice architecting systems, which shall include specific experience in:

  • Performing research in architectural modeling, analysis, and generation of safety critical embedded software systems;
  • Performing research in timing analysis and behavioral verification of safety critical systems;
  • Applying architecture-centric research technologies on customer systems in the aerospace domain
  • Publishing at least ten (10) papers in peer-reviewed computer-science venues.
  • Familiarity with avionics standards such as ARINC653, ARINC664, or SAE AS5506 AADL is a plus.

Skills/Abilities: Software development, including Java programming, extending the Eclipse platform (plug-in development). Strong written and verbal communication skills and the ability to present to small and large audiences.

Mobility: Normally sedentary position with some mobility; i.e., able to travel to other campus locations.

Environmental Conditions: Usual office setting, close contact with computer displays for long periods of time.

Mental: Ability to explore and solve complex, ill-defined problems; work meticulously with attention to

detail; self-starter willing to take on tasks and develop new research ideas; deal collaboratively, diplomatically, and successfully with customers, co-workers; interact with world-class research community.

Other:  Candidates will be subject to a background check.

 

Preferred Qualifications and Requirements:

Other:  Candidates who are eligible to obtain and maintain a Department of Defense security clearance.

 

Accountability: Ability to work on research with minimal supervision; meet deadlines while working on multiple tasks.

Direction: Expected to act with limited supervision in accordance with SEI procedures, policies, such as those involving technical leadership, analysis, report production, and confidentiality. Requires close collaboration and teaming within and across initiatives and directorates.

Decisions: Suggests possible solutions to colleagues and users.

 

Job Functions or Responsibilities:

50%        Research, prototyping, and demonstration of architecture-centric analysis and generation technologies.

30%        Application of architecture-centric technologies in customer settings.

20%        Publication of research results.

100% TOTAL EFFORT


Organizational Chart: SSD Director > AP Initiative Lead > Architecture Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

09 Jan
2017
Senior Software Engineer - 2004689
Pittsburgh, PA

Position Summary:  We are looking for a senior software engineer to help define and build the next generation of our external web presence. Our primary technology stack is Java/Tomcat using the Liferay DXP framework. We are in the process of rolling several externally facing web properties into a more unified presence that will allow our organization to better serve the government and ecommunity.  

This position participates in the full lifecycle of application development. Key responsibilities include collaborating with stakeholders to understand business processes, designing and implementing systems that meet those requirements, mentoring other team members, and shepherding the system throughout its lifecycle with other IT groups.

Key skills required for this position are primarily Java application development, and Java application frameworks such as Liferay, OSGI, and Hibernate. Also, a working knowledge of frontend web development such as HTML, CSS, JavaScript, and JSP, web service APIs such as REST, data exchange formats such as JSON, XML, and the ability to successfully work in a full-service development environment that uses source control, unit testing, issue tracking, and developer-level collaboration tools.

 

Minimum Qualifications and Requirements:

Education/Training:    Bachelor's degree in information systems or computer science, or equivalent combination of training and experience.

Experience:

  • Five years of Java development experience
  • Three years of web development (e.g., HTML, CSS, JavaScript) experience
  • Three years of experience with web application development, preferably with Java frameworks such as Spring, Struts, Hibernate, etc.
  • Three years of experience coding applications that include an SQL-based database component
  • Three years of experience writing test cases, test scripts, and performing unit, functional, and integration testing
  • Experience with a modern source code control system (Git, SVN, Mercurial) and familiarity with modern code management concepts such as branching and merging.
  • One year of experience with a modern query and/or data interchange formats such as JSON, NoSQL-based technologies, and XML.

Skills/Abilities: Ability to work effectively on a small but dynamic team, prioritizing work on multiple simultaneous efforts with limited daily tasking from a supervisor. Must be able to clearly communicate information to technical and non-technical stakeholders. Must be a self-starter to research and learn new concepts and technologies to solve challenges.

Physical Mobility:  Sedentary in an office setting with some mobility. Daily foot travel between buildings in and around the CMU campus. Infrequent business travel required, usually to the SEI offices in Arlington, VA (approx. 2 times/year).

Environmental Conditions: Ability to use a computer keyboard and computer display for extended periods of time

Mental: Pay close attention to detail, meet inflexible deadlines, balance multiple tasks, remain calm during difficult situations, work under pressure, and work with frequent interruptions. Highly disciplined in terms of time-management and genuine positive attitude with a passion for the work and ability to project same to influence others.

Deal collaboratively, diplomatically, and successfully with partners, co-workers, and other professional colleagues, managers, and staff; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches. Strong information organization skills as well as good oral and written communication skills are required.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements: 

Education/Training:    Master’s degree or equivalent in area of expertise

Experience:               

  • Three years of development using the Liferay Platform 
  • Experience developing applications for Liferay DXP
  • Three years of experience with collaboration/tracking tools like JIRA, Confluence, and Stash
  • Three years of experience researching, identifying, evaluating, and recommending technical solutions to solve business problems
  • Experience using application building blocks such as Node.js or AngularJS
  • Shell scripting in Unix/Linux
  • Domain knowledge of enterprise content management and portal-based systems
  • System administration in Unix/Linux
  • Experience with infrastructure provisioning tools such as Puppet
  • Experience with Microsoft SQL databases
  • Experience providing effective technical leadership on impactful projects involving customers / sponsor stakeholders

 

Accountability: Employee is accountable for describing, developing, implementing and/or maintaining, and providing support for enterprise applications and technology solutions supported by the Web Services development team. Employee is accountable for working collaboratively and strengthening relationships with internal customers to develop and implement technical solutions that solve critical enterprise and communication challenges.

Direction: Employee will be expected to work under minimum supervision within the defined scope of authority and in accordance with departmental and university procedures and policies. Difficult or unique situations are referred to the supervisor.

Decisions: Under management direction, the employee will decide the appropriate configuration for production applications and services supported by the Web Services Application Development team. Employee will communicate with team members and other IT groups on how best to allocate and/or acquire resources necessary to implement and evolve external-facing applications. Employee will determine the cause of problems in applications supported by the Web Services Application Development team and take corrective action in a timely fashion when a system/service fails or becomes unavailable. Employee will describe the appropriate procedures to configure and maintain applications supported by the Web Services Application Development team.

Supervisory Responsibilities: Employee may, at the manager or team leader’s discretion, task/supervise other employees in completion of specific tasks. Employee may be required to coach and mentor junior developers and/or direct activities of temporary / staff or contractors. 

 

Job Functions or Responsibilities:

50%     Application Development - Design, develop, test, and implement technical solutions that support the enterprise architecture and knowledge management platform. Collaborate with business teams, architects, and developers to understand high-level requirements and convert them into low-level specifications and system design plans. Design and develop applications in adherence with standards for code, design, performance, quality, security, and corporate policies. Define, conduct, and participate in testing including development walkthroughs. Assist in developing recommendations for future development, releases, and enhancements.

20%     Maintenance and Support – Troubleshoot and resolve problems with vendor products or in-house development applications. Adhere to change management practices and communicate changes and impact to those affected. Share knowledge and information with others and perform customer outreach to increase user adoption and collect feedback. Respond to outages and develop relationships with customers to accelerate user adoption and collect feedback.

30%     Technical Leadership – Take accountability for your own commitments, team deliverables, and overall team success. Recognize and escalate quality, deadline, or deliverables issues/ Provide technical leadership in the adoption and development of software engineering procedures, standards, and methods. Partner with internal teams to improve internal business processes. Participate in knowledge sharing activities with peers to increase knowledge of software development practices.

100% TOTAL EFFORT

 

Organizational Chart: SEI < Chief Information Officer < Web Services Lead < Senior Software Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

15 Dec
2016
Financial Services Analyst - 2004624
Pittsburgh, PA

Position Summary:  Responsible for development, analysis (including appropriateness of any cost transfers), and reporting on organization’s non-payroll expenditures, totally an annual estimate of $39M USD.  Position is responsible for the oversight and reconciliation of the government pricing procedures to comply with the SEI’s new contractual requirements.  This position will be expected to create and maintain detailed and accurate audit files for direct interface with government and/or university auditors. This position will be the primary point of contact in all matters related to the government pricing contractual requirement.

This position will be responsible for the monthly subcontract/consulting Staff-Year-of-Technical Effort (STE) reporting for use in the development of critical SEI cost metrics.  The position will be responsible for identifying discrepancies and investigating causes and recommending corrective actions related to all matters related to subcontract/consulting STE reporting.  In addition, this position will be required to create, maintain, and analyze subcontract information and present findings and recommendations to senior levels of SEI management.

Position will also play an essential and critical role in the development, testing, and implementation of new systems across the entire spectrum of Financial Services.  Input provided will include analysis of needs, input related to system requirements, and detailed testing including the creation of the plans and maintenance of required documentation. Recommendations provided by this position will be critical in appropriate system creation and implementation decisions.

Position will also be expected to contribute to the overall success of internal initiatives designed to increase efficiencies of the Financial & Business Services department.

Position will also be responsible for audit and reconciliation of SEI PCard transactions to ensure compliance with SEI DoD contract requirements and CMU guidelines, as well as monthly oversight of non-payroll redistributions and internal company transfers.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree or equivalent combination of training and experience.

Experience: One (1) to three (3) years of related experience with an emphasis on financial tracking and reporting

Skills/Abilities: Must have strong organizational, analytical, reasoning, interpersonal and problem solving skills; excellent communications skills; ability to interact with campus community and external customers; a willingness to assume responsibility and to exercise good judgment. Must be willing to take on new tasks, accept responsibility for accuracy and implementation of new ideas. Must be computer literate. Must be able to compose written communications, edit correspondence, have excellent verbal skills, maintain accurate and detailed records and have the ability to understand and follow directions. Must have a working knowledge of Excel and Word, as well as the ability to quickly learn and adapt to new systems.

Mobility: Normal office position with some mobility (i.e., travel to other campus locations, may require some bending, stretching, pushing as well as lifting of several reams of paper, etc.)

Environmental Conditions: Usual office setting, close contact with CRT for long periods of time

Mental:  Ability to pay close attention to detail, meet flexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions. Strong problem-solving, analytical and communication skills.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Bachelor’s degree or equivalent combination of training and experience.

Experience: Experience in an academic setting.

Skills/Abilities: Oracle 11i financial system.

 

Accountability: Expected to act independently, prioritizing own workload. Expected to work directly with both internal and external customers including auditors as this position will be responsible for the government pricing reconciliations. Establishes priorities, then plans and executes own and/or unit work.  Actively participates with other members of the SEI and CMU to develop systems, procedures, guidelines, system specifications, and maintenance of existing systems. Provides training and consulting to individuals at all levels of the SEI.

Direction: Performs under minimal supervision.  All duties and responsibilities are handled independently using established guidelines, policies and previous experiences as precedents with only the most difficult or unique situations being referred to the supervisor. It is expected that as requirements change, the incumbent will recognize the need to review and analyze policies and procedures and take appropriate action by recommending adjustments to management.

Decisions: Expected to make decisions based upon detailed analyses and investigations.  For example, decisions are made based on policies, procedures, guidelines, past precedence, and current practices. Unique situations will be discussed with management and it is expected that solutions and recommendations be provided.

Supervisory Responsibilities: Will supervise/provide guidance to other staff, such as temporary employees and/or work-studies

 

Job Functions or Responsibilities:

35%     Act as the primary point of contact for all matters related to the SEI’s government pricing contractual requirement.  This includes the detailed analysis of the data as well as the presentation of the data to all levels of management.  Duties include presentation of the data, findings and recommendations to senior leadership as well as direct interface with government and/or university auditors.  Responsibility also includes the assignment of other high-visibility projects related to both government pricing and other projects as assigned by all levels of SEI management.

30%     Responsible for audit and reconciliation of SEI pcard transactions to ensure compliance with SEI DoD contract requirements and CMU guidelines, as well as monthly oversight of non-payroll redistributions and inter company transfers

15%     This position will be responsible for the monthly subcontract/consulting STE reporting for use in the development of critical SEI cost metrics.  The position will be responsible for identifying discrepancies and investigating causes and recommending corrective actions related to all matters related to subcontract/consulting STE reporting.  In addition, this position will be required to create, maintain, and analyze subcontract information and report findings to various levels of SEI management.

10%     Position will also play a key role in the development, testing, and implementation of new systems across the Financial Services spectrum.  Input provided will include analysis of needs, input related to system requirements, and detailed testing including the creation of the plans and maintenance of required documentation. Recommendations provided by this position will be critical in appropriate system creation and implementation decisions.

5%       Position will also be expected to contribute to the overall success of internal initiatives designed to increase efficiencies of the Financial & Business Services department.

5%       Other projects as assigned by all levels of SEI management.

100% TOTAL EFFORT

 

Organizational Chart: Director – Financial & Business Services < Manager, SEI Financial Services < Assistant Manager, SEI Financial Services < Financial Specialist, Team Lead < Financial Services Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

08 Dec
2016
Cyber Security Engineer - 2004578
REMOTE - San Antonio, TX

Position Summary: As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner. 

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with five (5) years of applicable working experience in information technology, PhD Computer Science, Information Science, or related discipline with two (2) years of applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities:  Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:   Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

  

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications.

Experience:  US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities:  Strong presentation/platform skills and excellent writing skills

 

Accountability: The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:              

10%     Design and develop technical documents and instructional materials.

10%     Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%     Deliver technical and management training to customers.

55%     Mentor, guide and interact with team and other staff.

15%     Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart:  Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

08 Dec
2016
Cyber Security Engineer - Risk and Resilience - 2004597
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania and Arlington, Virginia. The CERT Program engages in cutting-edge research and development to improve the state of cybersecurity. As an Cyber Security Engineer, you have a strong desire and drive to contribute to team and customer objectives.

You are a team player with problem-solving skills and demonstrate solid presentation and writing skills. You are able to interact with clients and staff in a highly professional and competent manner. You enjoy the flexibility of an organization that values hard work but appreciates work-life balance and professional development. In your role, you will

  • Research and contribute to improvements in National and organizational policy
  • analyze and measure effectiveness of policy and governance
  • contribute to roadmaps for improvement of cybersecurity capabilities
  • assist in implementation of policy and governance
  • participate in applied research

 

Minimum Qualifications and Requirements:

Education/Training:  BS or BA in relevant field or equivalent experience in professional position

Experience: Experience in information security policy, governance, or leadership. Other potential career backgrounds include: audit, IT security, compliance, project management or similar technical occupation.

Experience and familiarity with;

  • cybersecurity concepts and technical implementations
  • cybersecurity standards, policies, and frameworks
  • strategic planning
  • metrics and measurements methodologies

Travel: Up to 25% travel to various customer locations

Physical Mobility:  Primarily sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites

Environmental Conditions:  normal office conditions; however close contact with CRT for prolonged periods.

Mental:

  • ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • ability to collaborate diplomatically and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
 

Job Functions or Responsibilities:

70%   Participate as a team member in customer engagement to develop, analyze, and implement cybersecurity policy.

15%   Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security, policy/governance, and resilience; transition research into applied knowledge for customers.

5%   Support conferences, workshops, and meetings as a team contributor.

10%   Engage in professional development activities.

100% TOTAL EFFORT
 

Organizational Chart: Director CERT Program < Technical Director, Cybersecurity Risk and Resilience Directorate < Technical Manager, Cybersecurity Risk Management Team< Cyber Security Engineer – Risk and Resilience

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

 

08 Dec
2016
Infrastructure Engineer - 2004591
Pittsburgh, PA

What We Do: The SEI Emerging Technology Center helps the government stay on the edge of technology. The world is innovating software and information technologies rapidly, and the Center identifies, demonstrates, and applies emerging software technologies to meet critical mission needs. We promote government awareness and knowledge of emerging technologies and their application, and our work shapes and leverages academic and industrial research.

Position Summary: The SEI Emerging Technology Center matches state-of-the-art software research with critical U.S. Government (USG) needs. We are seeking an Infrastructure Engineer.

The Infrastructure Engineer supports the Center’s mission by serving as a subject matter expert on developing, evaluating, and maintaining high-performance IT systems. These systems support the Center’s efforts to transition and operationalize research concepts of significant value to the USG. The Center works on leading edge technologies and applies them to important and challenging problems. The work environment is dynamic and flexible, with constant opportunities to develop new skills, to learn about new software frameworks and techniques, to work on emerging architectures and systems, and to make a difference.

The Infrastructure Engineer’s duties include taking a hands-on role on teams of Software Developers, Technical Analysts, and Intelligence Analysts to design, build, and maintain enterprise IT systems - this infrastructure supports delivering capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction; daily collaboration with the team to understand, plan and implement infrastructure practices and changes; manage and evolve the HHPC cluster; contribute technical knowledge and experience as available to projects including big data, data intensive scalable computing, and high performance computing; defining, implementing, and communicating best practices and standards for staff that access the Center's Hardware; and serves as primary technical liaison to corporate IT.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree in Information Technology field or a related quantitative field of study with eight (8) years of applicable experience, Master’s degree in Information Technology field or a related quantitative field of study with five (5) years of applicable experience.

Experience:
• Experience deploying distributed computing frameworks.
• Experience tuning and measuring high performance systems - high-throughput networking, large disk arrays, etc.
• Strong Linux System Administration Experience - RHEL preferred.
• Experience as a network/system administrator for a networked Linux infrastructure in a professional environment required.
• Experience documenting and evaluating enterprise systems.
• Experience working with one or more host management tools (Puppet, Chef, Ansible, etc.).
• Experience with virtualization and containers.
• Experience maintaining and evolving an enterprise or research-oriented computer network.
• Hands on experiences with switches, firewalls routers, network storage, and virtualized environments.
• Experience with high-performance computing technologies a plus.
• Experience developing policies and best practices a plus.
 

Skills/Abilities:

• Ability to deal with software and network systems integration at various levels.
• Working knowledge of distributed filesystems and clustered frameworks.
• Deep understanding of networking and hardware support.
• Strong hands-on knowledge in the configuration, securing, and troubleshooting of network devices, LAN switching technologies, firewalls, VPNs, routing protocols, Linux/UNIX based network services, network storage and monitoring/maintaining all of these to ensure their continued secure operation is required.
• Write scripts in multiple interpreted languages (bash, Python, Perl, Ruby, Go).
• Build software from source, and create packages.
• Excellent written and verbal communication skills.
• Ability to work effectively without close supervision.
• Able to track multiple projects with different requirements in a shared resource environment.
• Able to support a dynamic and changing research environment.
• Able to interface with corporate IT
 

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks - sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.


Direction: The individual is expected to act independently using all applicable defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of designing, implementing, and maintaining the Center’s computing environments.

Supervisory Responsibilities: This position does not formally supervise others. However, the individual may act in a technical leadership (non-supervisory) role concerning specific work products and activities, or concerning student interns, etc.
 

Job Functions or Responsibilities:
60%   Design, implement, and support IT systems to support the Center’s research and development activities – including participating in the broader SEI software research community through collaboration, papers, and presentations.

25%   Interface with the SEI IT community, the CMU campus community, and the broader Computing community to bring best practices into the Center.

15%   System administration and user support for the Center’s computing environments.

100% Total Effort


Organizational Chart: SEI Emerging Technology Center Director < Prototyping Group Lead < Team Lead < Infrastructure Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

08 Dec
2016
Insider Threat Researcher - 2004595
Pittsburgh, PA or Arlington, VA

Position Summary: The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.

The selected individual will participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic (cyber) and physical crime activity and information security risks to critical infrastructure systems. The selected individual will analyze technical and behavioral issues (potential risk indicators (PRIs) of insiders, and examine privacy concerns regarding organizational practices for identifying and mitigating insider threats.  The individual will work as a member of collaborative project teams in researching and implementing one or more projects composing these studies. This position will involve close work with customers from a variety of organizations, including government agencies and critical infrastructure providers.

 

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or equivalent; MS in computer science, software engineering, information systems, a related technical field, or an advanced degree in psychology or other field that will assist in insider threat behavioral identification.

Experience:  Experience in research in a field relevant to insider threat (cyber and behavioral) or experience as a system/network administrator, information systems analyst, or behavioral psychologist.

Skills/Abilities:

  • basic knowledge of scientific research and design methodologies
  • broad understanding of network, database and application security issues
  • knowledge of privacy, intellectual property, technology, and legal issues
  • knowledge of insider threat vulnerability assessment criteria
  • ability to apply reasoning and problem-solving skills to conduct analytical studies and investigations
  • understanding of information technology and telecommunications systems
  • strong oral and written communications skills and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings
  • reasoning and problem-solving skills
  • ability to work independently with limited supervision
  • ability to recognize and deal appropriately with confidential and sensitive information
  • participate in conferences and meetings
  • contribute to customer presentations and technology transfer activities
  • strong interest in security analysis R&D
  • ability to create instructional materials and conduct training
  • effective time management skills; and strong problem solving skills

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental:

  • ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues
  • ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

 

Preferred Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical or behavioral field with at least five (5) years’ experience preferred; Knowledge of intellectual property or technology law. Certified Information Systems Security Professional (CISSP) or similar certification is desired.

Licenses:  

  • Insider Threat Vulnerability Assessor Certificate
  • Insider Threat Program Manager Certificate

Experience: 

  • experience working in or with the DOD, intelligence community, or law enforcement in a classified environment
  • experience in both physical and cyber security; experience in auditing or conducting assessments
  • experience performing insider threat vulnerability assessments
  • experience performing insider threat program evaluations
  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security
  • experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following: system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases
  • experience working with law enforcement and the intelligence community

 Skills/Abilities: 

  • working knowledge of network security/survivability
  • demonstrated ability to prepare papers and presentations for technical and non-technical audiences
  • knowledge of and experience with sound software engineering practices and best practices for information security
  • working knowledge of systems dynamic modeling techniques and modeling applications and tools
  • experience with statistical techniques
  • project management experience
  • leadership and mentoring skills

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement or classified case files). The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT’s defined policies, practices, and procedures – within the scope of assigned work, and to adhere to any additional sponsor-specified requirements related to the projects involved..

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position will involve the training and supervision of graduate students as well as serve in a mentor role for new employees.

 

Job Functions or Responsibilities:

60%     Participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic crime activity (in the form of criminal case files, media reports, court transcripts, and other); examine cases and data on secure information technology risks and problem areas and propose mitigation alternatives.

30%     Participate in the development and delivery of security analysis and risk assessment approaches with customers and partners; participate in research, analysis, and documentation of physical/cyber security vulnerabilities at critical infrastructure sites.

10%     Contribute to conferences and meetings; participate in marketing calls on clients; give talks, lectures and workshops as appropriate.

100% TOTAL EFFORT

 

Organizational Chart: CERT Program, Director < Cyber Risk & Resiliency (CRR), Technical Director < Enterprise Threat & Vulnerability Management (ETVM), Technical Manager < Technical Team Lead – Enterprise Threat & Vulnerability Management

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

 

08 Dec
2016
Security Solutions Engineer - 2004593
Arlington, VA

Position Summary: The CERT Situational Awareness group researches and develops cutting-edge technical solutions for operational use in high-impact environments.  The CERT Situational Awareness Security Solutions Engineer will:

  • Provide strategic technical support to senior decision makers
  • Lead teams in the development of security architectures
  • Provide systems engineering, systems requirements development, technology evaluation and deployment guidance
  • Participate in technical efforts, including development and prototyping of new analysis techniques, tools, and platforms, preparation of analytic reports, and contributions to research publications
  • Be respected as a subject matter expert by customers, commercial vendors, and the Internet community as a whole
  • Be expected to appreciably advance the state of art of cybersecurity architectures

 

Minimum Qualifications and Requirements:

Education/Training/: Bachelor’s Degree in Computer Science or related scientific/technical field with ten (10) years’ experience in network operations, security operations, or network security research; Master’s Degree in Computer Science or related scientific/technical field with eight (8) years’ experience in network operations, security operations, or network security research; PhD in Computer Science or related discipline with two (2) years’ experience in network operations, security operations, or network security research; or equivalent combination of training and experience.

Professional Experience: Professional experience should include supporting technical decision-making, acquisition and management of large-scale enterprise network security or middleware systems. Experience with full life-cycle management, from costing, design, deployment, operation, maintenance, and retirement for enterprise scale systems is desired.

Skills/Abilities: Ability to function in the role of a consultant, subject matter expert and project manager. Proven ability to research, compare, test and evaluate alternative technical solutions, and communicate results. Planning and organizational skills; strong problem solving skills; excellent oral and written communication skills. Ability to work both independently and with teams. Proven ability to research, compare, test and evaluate alternative technical solutions, and communicate the results. Broad understanding of network, host and application security issues.  Experience in various architecture roles (e.g. solution, system, enterprise) and architectures frameworks (e.g. TOGAF, DoDAF, etc.).  Ability to brief strategic and technical topics to senior management and non-technical audiences. Knowledge of current challenges and threats faced by USG network security and intelligence organizations. Ability to contribute to strategic direction for a technical group. Expertise in enterprise level systems in network security. Experience in enterprise level transaction systems. Experience in enterprise scale storage with a focus on performance.  Familiarity with various Internet protocols (e.g., TCP/IP, HTTP, DNS, SMTP, BGP, TLS).

Physical Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to participate in conversations collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to develop and communicate innovative ideas; ability to take leadership role in technical projects; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Licenses: Practical network security training (e.g. SANS GIAC Level 2 courses, GIAC Certifications, CCNP, CCIE Security, CISSP, CEH, CISM).

Skills/Abilities: Experience with: working with the government, or within a critical infrastructure sector; developing briefing materials for senior leadership within government or industry; deploying or supporting large-scale network security monitoring infrastructures; working with cloud platform delivery and service models; familiarity with distributed computing and/or big data platforms. Prior responsibility in managing a body of work consisting of numerous large scale projects and multiple customers/external sponsors. History of contributions to the broader industry or research community and experience in a variety of network security areas.

 

Accountability: The individual is accountable for: Active participation in the overall Situational Awareness R&D effort; Participating in the production of original publications in network security analysis; Participating in public speaking engagements, including at remote locations.

Direction: The individual is expected to act with minimal direction using CMU, SEI, CERT and Monitoring and Response defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of basic requirements elicitation and validation participation in fundamental research in network security.

Supervisory Responsibilities: This position does not formally supervise others.  However, the individual will act in a technical leadership or project lead role in regard to specific work products and activities both at CMU and at the customer site.

 

Job Functions and Responsibilities:

75% Leads support to the customer program office in the areas of strategy; process/policies; requirements elicitation; design and architecture; operations; outreach; and training.

15% Enable the transition and appropriate focus of NetSA analysis and engineering approaches and tools into operational environments.

10% Design, prototype, and transition tactical analysis studies and tools appropriate for operational use in situational awareness.

100% TOTAL EFFORT

 

Organizational Chart: CERT Director < Monitoring and Response Technical Director < Situational Awareness Technical Manager < Solutions Team Lead < Sr. Security Solutions Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

08 Dec
2016
Senior Cyber Security Engineer – Risk and Resilience - 2004596
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania and Arlington, Virginia. The CERT Program engages in cutting-edge research and development to improve the state of cybersecurity. As a Senior Senior Cyber Security Engineer, you have a background in cybersecurity policy and governance.

You are self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and writing skills. You are able to interact with clients and staff of all levels in a highly professional and competent manner. You enjoy the flexibility of an organization that values hard work but appreciates work-life balance and professional development. In your role, you will

  • shape National and organizational policy
  • analyze and measure effectiveness of policy and governance
  • develop roadmaps for improvement of cybersecurity capabilities
  • participate in standards making bodies
  • assist in implementation of policy and governance
  • participate in applied research

 

Minimum Qualifications and Requirements:

Education/Training:  BS or BA in relevant field with ten (10) years of experience; MS in relevant field with eight (8) years of experience

Experience: Eight (8) to ten (10) years of experience in information security policy, governance, or leadership. Other potential career backgrounds include: audit, IT security, compliance, or similar technical occupation.

Experience with and substantial knowledge of;

  • cybersecurity concepts and technical implementations
  • cybersecurity standards, policies, and frameworks
  • strategic planning
  • metrics and measurements methodologies

Travel: Up to 25% travel to various customer locations

Physical Mobility:  Primarily sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites

Environmental Conditions: normal office conditions; however close contact with CRT for prolonged periods

Mental:

  • ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities
  • ability to collaborate diplomatically and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
 

Job Functions or Responsibilities:

70%   Participate in customer engagement to develop, analyze, and implement cybersecurity policy.

20%   Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security, policy/governance, and resilience; transition research into applied knowledge for customers.

5%   Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%   Engage in professional development activities.

100% TOTAL EFFORT

 

Organizational Chart: Director CERT Program < Technical Director, Cybersecurity Risk and Resilience Directorate < Technical Manager, Cybersecurity Risk Management Team< Senior Senior Cyber Security Engineer – Risk and Resilience

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

06 Dec
2016
Systems Security Engineer - 2004555
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CERT engages in cutting-edge research and development in computer security.  The CERT Security Automation Directorate helps large network operators and security organizations in the USG distill actionable insights from networks through strategic analysis, tool building, and systems development.

As a member of the Deployment Team, the selected candidate will be responsible for maintaining and evolving a network security test bed used for prototyping and systems analysis.  The selected candidate must be capable of administering commodity systems as well as operating specialized networking equipment and hardware.  As required, the candidate will support operational users and developer project teams.

 

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, computer engineering, or a related quantitative field of study with eight (8) years of applicable experience. 

Experience:  Applicable experience in the design, implementation, and operation of commercial and open source applications including experience in:

  • Networking experience including; Cisco, Routers, Juniper firewalls, VPN (AnyConnect/ASA), OSPF (routing protocol)
  • System design including services, messaging, scalability, etc.      
  • Scripting (Python, Ruby, Perl).
  • System administration, monitoring, and automation in Unix/Linux.

Skills/Abilities:

  • Ability to evaluate and compare various solutions to identify benefits and constraints.
  • Excellent written and verbal communication skills.
  • Excellent reasoning and problem-solving skills.
  • Ability to work effectively without close supervision.
  • Ability to collaborate with customers and external parties.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel up to 20% to customer sites.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, computer engineering, or a related quantitative field of study with five (5) years of applicable experience. 

Experience:

  • Knowledge of Security Operations including log/event management and data analysis techniques. ▪          Working in production computing environment using development and operational support tools like JIRA, Bitbucket, and Confluence.
  • Designing and operating environments that include Unix/Linux, Windows, virtualization, and networking hardware.
  • Automating tasks with DevOps methodologies (continuous integration) using Puppet, Ansible, Chef, etc.
  • Experience using traffic generators to support evaluation and testing functions.

 

 

Direction: The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of operating, maintaining and implementing a prototype network environment.

Supervisory Responsibilities: This position does not formally supervise others.  However, the individual may act in a technical leadership (non-supervisory) role in regard to specific work products and activities, or in regard to student interns, etc.

 

Job Functions or Responsibilities:

45%     Manage the hardware and software of a prototype network security test-bed to include all appropriate system administration tasks and processes; provision for new requirements and growth.

20%     Prototype solutions for system deployment/management (DevOps) problems.

20 %    Prototype technology and architectures for cyber defense capabilities including data analytics.

10%     Monitor community and marketplace developments for emerging technology and applicability to the cyber defense mission.

Secondary Functions

5%       Contribute to the broader security community.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Program < Technical Director < Team Lead < Integration Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

05 Dec
2016
Cyber Security Engineer - Insider Threat - 2004551
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Enterprise Threat and Vulnerability Management (ETVM) team, which focuses on assisting organizations in improving their insider threat mitigation and incident management practices and developing capabilities for preventing, detecting, deterring, and responding to evolving insider threats. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment and evaluation methodologies; and creation and delivery of controls, training, courses, and workshops.  

The individual in this position will be a part of the Technical Solutions team within ETVM. The Technical Solutions Team is responsible for the creation, development, and management of novel cybersecurity solutions that support customer driven operational and research missions. The Technical Solutions Team interacts with US Government departments and agencies, industry representatives, contractors, academia and others to identify gaps in cybersecurity tools, techniques, and procedures; create prototype capabilities to fill the gaps, and transition the prototype solutions to customers and partner organizations. The team frequently communicates their work to the community by publishing technical reports and white papers, and presenting at conferences, symposia, and other working groups.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related technical field with three (3) years of experience or equivalent, or MS in computer science, software engineering, information systems, or a related technical field with one (1) year of experience or equivalent.

Experience: 

  • professional experience in software engineering or cyber security.
  • experience applying the engineering process to solve complex real-world challenges. 
  • experience using analytical skills and an ability to interpret established standards and guidelines to solve problems.

Skills/Abilities:

  • system administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems.
  • software development in at least two of the following languages: C, C++, Java, Perl, and Python.
  • knowledge of core Internet protocols (TCP/IP, UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.).
  • knowledge of modern version control systems and integrated development environments.
  • understanding of network design and implementation at LAN and WAN levels.
  • broad understanding and application of multi-tiered enterprise client/server architectures, design, implementation and security.
  • software / systems development lifecycle, QA, testing, build process, revision control, and change management practices.
  • proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
  • proven ability to integrate multiple technologies, standards and data sources into a consolidated solution.
  • knowledge of common cyber attack methodologies; common types of security vulnerabilities; basic computer security forensics.
  • strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings.
  • ability to travel to various locations within the SEI and CMU community, customer sites, and offsite meetings with weekly/monthly frequency to travel on overnight and on-site assignments; ability to work in varied and diverse situations requiring analytical, interpretative, evaluative and constructive thinking;
  • manage workload and priorities on multiple scheduled assessments;
  • able to function independently or in teams depending on the project;
  • work under pressure; deal with stress;
  • deal with challenging individuals while maintaining composure;
  • ability to exercise tact and discretion when handling highly sensitive and confidential issues;
  • maintain confidentiality while working with highly confidential and sensitive matters.
  • handle sensitive data according to project and/or USG data handling procedures.
  • ability to interpret and communicate information about government regulations and university policies.
  • quantitative and qualitative analytical skills.
  • ability to trouble shoot problems proactively and to answer questions and handle issues as they arise.
  • effective time management skills; and strong problem solving skills.

Environmental Conditions:  close contact with computer monitor for extended periods of time.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training:  MS in Computer Science with one (1) years applicable experience; Current Associate Certified Information System Security Profession (CISSP), IEEE Professional Software Engineering Master Certification, or similar certification is desired.

Experience: 

  • experience with software development and/or system administration in large-scale, distributed computing environments.
  • experience developing materials for senior leadership in government or industry.
  • experience interfacing with the DOD, US federal civilian government, intelligence community, or law enforcement.
  • experience working in a classified environment.

Skills/Abilities: 

  • data mining.
  • machine learning. 
  • text and natural language processing.
  • proven skills working in a team environment on collaborative projects in US government, critical infrastructure sectors involving network, system or data security.

 

Accountability: The individual will be accountable for meeting established deadlines and project milestones. The individual will also be accountable for managing sensitive, and possibly classified, customer information.

Direction: The individual is expected to act in accordance with direct supervision from management and senior staff, as well as follow CMU, SEI, and CERT defined policies, practices, and procedures, and to adhere to any additional sponsor-specified requirements related to the projects involved.

Decisions:The individual must make sound decisions, and demonstrate a commitment to those decisions. The individual must also be able to escalate out-of-scope problems to more experienced team members. The individual must accurately represent the program in interactions with external customers, sponsors, and the public.

Supervisory Responsibilities: The individual may be responsible for managing student interns.

 

Job Functions or Responsibilities:

60%     Develop, deploy, and transition technical solutions for insider threat prevention, detection, and response.

15%     Participate in research into cutting-edge strategies for insider threat data collection and analysis techniques.

10%     Design and develop training materials for insider threat program practitioners.

10%     Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational Chart: CERT Program, Director < Risk and Resilience Directorate, Technical Director < Enterprise Threat & Vulnerability Management, Technical Manager < Technical Solutions, Technical Team Lead < Associate Cyber Security Engineer.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

05 Dec
2016
UX Designer - 2004550
Pittsburgh, PA

Position Summary: The Software Engineering Institute (SEI), a not-for-profit Federally Funded Research and Development Center (FFRDC) at Carnegie Mellon University, is looking for a UX Designer to create human-centered solutions for SEI staff and its customers, including government agencies and critical infrastructures. The UX Designer will collaborate with teammates and various teams across the organization to develop public and internal web user interfaces, applications, and tools at the intersection of design, technology, cybersecurity, and software engineering. Using research methods, the UX Designer will provide deeper understanding of people, context of use, and usability, and will be responsible for developing well-thought-out and visually compelling deliverables to effectively communicate interactions, ideas and processes. The ideal candidate will be a champion for UX and human-centered design principles, helping to define and build a culture of UX at the SEI.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelors degree in design, UX, HCI, information science, computer science, product development, communication, or related discipline from an accredited college or university.

Experience: Three (3) to five (5) years of experience in a position that requires a combination of design and technology. Experience conducting design research.

Skills/Abilities:

  • Solid knowledge of human-centered design principles, user experience, UI design, and visual design.
  • Expertise in one of the following UX disciplines: content strategy, information architecture, interaction design, human-computer interaction, human factors, usability testing, or user research.
  • Demonstrated ability to research problems and simplify complexity.
  • Organize and structure complex information systems to make them intuitive and accessible.
  • Ability to facilitate strategic, customer-centric conversations.
  • Advocate for the end user, always seeking ways to improve and innovate.
  • Stay up-to-date on best practices, trends and methods pertaining to the field.
  • Strong analytical, planning, organization, and problem-solving skills.
  • Strong presentation and communication skills.
  • Ability to multi-task and work effectively with interdisciplinary project teams (including business and development) as well as sponsors/customers.
  • Proficiency in InDesign, Illustrator, Photoshop, wireframing tools, or equivalent software.
  • Working knowledge of design research tools (e.g., OptimalWorkshop).

Physical/Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as potential travel to stakeholder or customer sites.

Environmental Conditions: Close contact with a computer for long periods of time.

Mental: Desire to analyze complex problems. Possesses critical thinking about design. Able to balance great design with deadlines. Exceptional attention to detail. Thrive in a work environment that requires independent self-direction coupled with an aptitude for team collaboration and open communication.

Other: Portfolio that exhibits thoughtful process, strong design deliverables and excellent visual design. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Masters degree in design, UX, HCI, information science, computer science, product development, communication, or related discipline from an accredited college or university.

Experience: Five (5) years of experience (or three (3) with a Masters degree) in a position that requires a combination of design and technology. Two (2) years of experience conducting design research.

Skills/Abilities: Understanding of HTML and CSS and its design applications. Understanding of agile software development practices.

 

Accountability: The candidate is accountable for completing any training required by CMU or SEI. The candidate is required to accurately represent SEI and its technical work in interactions with customers, sponsors, and the public.

Direction: The candidate is expected to act independently using CMU and SEI defined policies, practices, and procedures. The candidate is expected to thrive in a work environment that requires independent self-direction coupled with an aptitude for team collaboration and open communication.

Decisions: The candidate is expected to make any decisions required to execute human-centered design process and decisions required to design and develop human-centered design solutions.

 

Job Functions or Responsibilities:

19%     Create and execute effective research plans to provide deeper understanding of people, context of use, desirability and usability.

19%     Analyze and interpret design research findings to identify opportunities, recommend design direction and inform solutions.

19%     Develop documents, wireframes, mockups, models, workfows, and other design artifacts that effectively communicate findings, ideas and solutions.

19%     Present design artifacts in clear and compelling ways.

19%     Work closely with teammates and stakeholders to ensure implementation of design solutions.

5%       Execute operational work as necessary.

100% Total Effort

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

23 Nov
2016
Cyber Security Engineer - Penetration Tester - 2004519
Pittsburgh, PA or Arlington, VA

This position can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the Networked Systems Survivability Program. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science (or other technical field) with eight (8) years’ experience, or equivalent combination of training and experience.

Certifications:  Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), and/or Certified Ethical Hacker (CEH)

Experience: Professional experience as a penetration tester, system or network administrator, information systems auditor, software engineer, information systems analyst, or similarly technical occupation.

Experience with and applied knowledge in:

  • Common penetration testing methodologies and tactics (PTES, OWASP testing guide, etc.)

  • Popular penetration testing toolsets (Metasploit framework, vulnerability scanners, web application scanners, Nmap)

  • Knowledge of common networking protocols and services

  • Basic knowledge of exploit development and application fuzzing

  • Windows and Linux Operating System environments, networking devices, and common database platforms

  • Cyber security, survivability, and resilience concepts and issues

  • Software and systems engineering

  • Building and maintaining customer relationships

  • Data analytics and quantitative measures

  • Strategic Planning and requirements definition

  • Process improvement

  • Program planning, budgeting, and management

Skills/Abilities: Must exhibit the following skills and abilities:

  • Understanding of information technology, penetration testing, and telecommunications systems

  • Working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards

  • Working knowledge of DHS critical infrastructure sectors and related security and resilience issues

  • Working knowledge of the DoD and Agency resilience needs and cyber security roadmaps

  • Development and delivery of information and infrastructure security risk and vulnerability evaluations

  • Ability to conduct analytical studies and investigations

  • Reasoning and problem-solving skills

  • Ability to work independently with limited supervision

  • Ability to interact effectively with diverse constituencies internally and externally

  • Ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure

  • Ability to recognize and deal appropriately with confidential and sensitive information

  • Ability to implement project plans, monitor project budgets, and identify and mitigate project risks

  • Leadership and mentoring skills

  • Excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations

  • Ability to work on customer sites with high-ranking members of the Federal Government and US

  • Participation in professional society activities, particularly IEEE and ACM 

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • Take or share leadership role in technical projects

  • Work meticulously with careful attention to detail

  • Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities

  • Deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

  • Ability to understand the direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Must be able to work independently and travel as needed; this position requires frequent solo travel by car to customer sites in remote areas. Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. Candidates must be able to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science (or related technical field) with five (5) years’ experience or equivalent experience.

Certifications:  Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA),

Experience: 

  • Expert proficiency with a variety of technical vulnerability analysis tools
  • Advanced penetration testing experience
  • Software development experience and advanced exploit development

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

60% Participate in risk and vulnerability assessments operating in a technical leadership role; analyze assessment data to identify risk areas and propose mitigation alternatives.

15% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and penetration testing; transition research into applied knowledge for customers.

10% Deliver courses on offensive security tools and tactics and penetration testing management.

5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5% Contribute to and review the literature in cyber security, resilience, and software engineering.

5% Provide assistance and input to other teams and projects within the SEI.                     

100% Total Effort

 

Organizational Chart:  Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Deputy Director, Cyber Security Solutions Directorate < Technical Manager, Cybersecurity Assurance Team < Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

21 Nov
2016
Machine Learning Research Scientist - 2004504
Pittsburgh, PA or Arlington, VA

Position SummaryJoin us at the Software Engineering Institute at Carnegie Mellon University, home of CERT. Our team uses statistics and machine learning to influence our national cybersecurity strategy and protect our nation against cyber-related threats. A sampling of our current projects include:

 

  • Predicting cyber attacks using cybersecurity incident data
  • Engineering efficient data intake, processing, and reporting streams for a variety of intelligence-related data
  • Developing metrics and experimental designs for large-scale cybersecurity research programs
  • Classifying malware for our malware reverse engineers
  • Creating automated netflow classification tools for our network monitoring team

 

As part of your work, you will also have a chance to co-author research proposals, execute studies, and present findings to DoD sponsors and at academic conferences.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor of Science in CS, Math, Machine Learning, Stats, or related discipline, with relevant internship experience. Relevant professional work experience in software engineering or security a plus. Core competencies include fluency in statistical theory and statistical computing (Python-pandas, R, SQL, etc), superior teamwork skills, and exemplary communication skills.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Physical Mobility: Normally sedentary position with some mobility; able to travel to various SEI locations; may require some bending, stretching, pushing as well as lifting several reams of paper; dexterity to operate formal document assembly equipment.

Environmental Conditions: Usual office setting; close contact with CRT for long periods of time.

Mental: Ability to handle multiple tasks simultaneously; ability to successful complete task under inflexible time and quality pressure; ability to remain calm and composed when dealing with difficult people, situations, and frequent interruptions.

 

 Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

 

 

 

 

14 Nov
2016
Machine Learning Research Scientist - 2004458
Pittsburgh, PA or Arlington, VA

Position Summary: Work with elite cybersecurity experts and university faculty to build new data mining technologies that will influence the national strategy against cyber attacks in the coming decades. Projects may include developing metrics and experimental designs for large-scale cybersecurity research programs, researching human-in-the-loop machine learning, and analyzing cybersecurity incident data. You will co-author research proposals, execute studies, and present findings to DoD sponsors and academic conferences. Consider applying for this position if you are a proven computer science expert with a firm grasp of security principles and statistical theory.

 

Minimum Qualifications and Requirements:

Education/Training: Background in machine learning, security, statistics, or related quantitative field with a Bachelor’s degree and eight (8) years of experience; Master’s degree and five (5) years of experience; PhD and two (2) years of experience; or equivalent combination of training and experience.

Experience: Two plus (2+) years of experience.

Skills/Abilities: An ideal candidate will have expertise in the following areas. Experience with specific methods is less important than evidence that you can learn.

  • Ability to perform computer science research related to cybersecurity
  • Basic grasp of statistical models
  • Comfortable working in the Unix command line
  • Demonstrated ability to work in a multi-disciplinary environment
  • Expert communication

Physical / Mobility:  Mostly sedentary, with occasional meetings in nearby buildings.

Environmental Conditions:  Close contact with computer for extended periods of time.

Mental:  Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities. Deal collaboratively, diplomatically, and successfully with customers and colleagues.

Other:  Candidates will undergo a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in machine learning, computer science, statistics, or other related quantitative field.

Experience: Two plus (2+) years of experience in computer science or machine learning.

Skills/Abilities:

  • Expertise implementing machine learning techniques (e.g., K-means, SVM, neural networks)
  • Familiar with at least one mathematical/statistical programming package (e.g., python numpy/scipy/pandas, R, MATLAB, etc.)
  • Strong software engineering skills
  • Cybersecurity or privacy experience
  • Experience supporting test and evaluation for large-scale government research programs is a plus

 

Decisions:  The individual must be able to make decisions about the proper scope of assigned research.  This includes being able to discern applicable paper topics, making decisions regarding experimental design and methods, and exercising strong time management skills.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  This position may involve the training and supervision of graduate students and junior employees.

 

Job Functions or Responsibilities:

40%  Data analysis & data analysis tool development.

25%  Other types of research support including designing experiments and metrics.

15%  Participating in the research community, including attending and presenting at conferences, and reading and writing academic papers.

10%  Writing proposals and reports.                 

10%  Consulting and project planning with other groups in the SEI.

100% Total Effort

 

Organizational Chart:  CERT Program, Director > CERT Program, Technical Director for Cyber Security Foundations > Science of Cyber Security Research Manager > Applied Statistician / Data Scientist

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

28 Oct
2016
Cyber Security Engineer - Exercise Developer - 2004371
Pittsburgh, PA or Arlington, VA

This position has multiple openings and can be located in Pittsburgh, PA, Arlington, VA or Fort George G. Meade.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with five (5) years of applicable working experience in information technology, PhD Computer Science, Information Science, or related discipline with two (2) years of applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

21 Oct
2016
Malware Reverse Engineer - 2004251
Pittsburgh, PA or Arlington, VA

Position Summary:  The CERT Threat Analysis group aims to improve malware analysis capability while addressing active and emerging threats.  The successful candidate will reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats, and effectively participate in the broader security community.

Responsibilities: Perform in-depth reverse engineering of malicious code, document and transition results in reports, presentations, and technical exchanges; Design, prototype, and transition new analysis methods and tools; Identify and document high-impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges Participate in the broader security community through collaboration, papers, and presentations.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor of Science in Computer Science, Software Engineering, Information Systems, or related field with eight (8) years of experience, or equivalent; Master’s Degree in Computer Science, Software Engineering, Information Systems, or related field with five (5) year of experience; PhD in Computer Science, Software Engineering, Information Systems, or related field with two (2) year of experience.

Experience:                               

  • Reverse engineering software binaries.
  • Using disassemblers (ie. IDA Pro).
  • Using debuggers (ie. OllyDbg, Immunity, gdb, WinDbg).
  • Using hex editors and tools (ie. BinDiff).
  • C/C++ development.
  • x86 assembly language.
  • Windows Portable Executable (PE) file format Technical Writing Solid understanding of programming languages and operating system concepts.

Skills/Abilities:                  

  • technical writing.
  • analytical and problem solving skills.
  • develop and explain technical decisions.
  • prioritize work.
  • recognize and deal appropriately with confidential and sensitive information.
  • communicate effectively under normal and stressful situations.
  • handle shifting priorities.
  • mentoring/training skills.
  • interact effectively with technical and non-technical audiences both written and verbally.
  • work within a closely coordinated team.
  • work calmly and well under pressure.
  • maintain composure while dealing with difficult people.

Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.     

Other: Candidate will be required to travel on overnight assignments. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Experience:         

  • YARA.
  • IDAPro plug-in or IDAPython development.
  • Other assembly languages (ie. ARM, x86_64).
  • Python or Java development.
  • Assembly development.
  • Linker and/or Loader development or analysis Executable and Linker Format (ELF) file format Windows, Linux or Mac OS X.
  • APIs and security models.
  • Internet Protocols.
  • Cryptographic algorithms.
  • Kernel-level debugging (ie. WinDbg).
  • Device driver development.
  • Mobile device development.
  • Mobile device reverse engineering.
  • Software vulnerability analysis.
  • VirtualBox or VMWare admin or development Network packet captures (ie. Wireshark, pcap formats).

 

Accountability: Develop and implement project technical results.  Contribute to program objectives and plans development.  Keep in confidence sensitive information such as security, vulnerability, and site information.

Direction: The individual is expected to act independently in accordance with Carnegie Mellon, Software Engineering Institute, CERT Program, and CERT Threat Analysis procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions: Must accurately represent the program in interactions with customers, sponsors, and the public.  Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities: This position has no supervisory responsibilities.

 

Job Functions or Responsibilities:       

50%   Perform in-depth reverse engineering of malicious code, document and transition results in reports, presentations, and technical exchanges;

20%   Design, prototype, and transition new analysis methods and tools;

20%   Identify and document high-impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges.

10%   Participate in the broader security community through collaboration, papers, and presentations.

100%      TOTAL EFFORT

 

Organizational Chart: CERT Program Director < CERT Threat Analysis Technical Director < CERT Malware Analysis Technical Manager < Malware Reverse Engineer.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

17 Oct
2016
Cyber Security Engineer - Insider Threat - 2002835
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Enterprise Threat and Vulnerability Management (ETVM) team, which focuses on assisting organizations in improving their insider threat mitigation and incident management practices and developing capabilities for preventing, detecting, deterring, and responding to evolving insider threats. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment and evaluation methodologies; and creation and delivery of controls, training, courses, and workshops.  

The individual in this position will be a part of the Technical Solutions team within ETVM. The Technical Solutions Team is responsible for the creation, development, and management of novel cybersecurity solutions that support customer driven operational and research missions. The Technical Solutions Team interacts with US Government departments and agencies, industry representatives, contractors, academia and others to identify gaps in cybersecurity tools, techniques, and procedures; create prototype capabilities to fill the gaps, and transition the prototype solutions to customers and partner organizations. The team frequently communicates their work to the community by publishing technical reports and white papers, and presenting at conferences, symposia, and other working groups.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related technical field with three (3) years of experience or equivalent, or MS in computer science, software engineering, information systems, or a related technical field with one (1) year of experience or equivalent.

Experience: 

  • professional experience in software engineering or cyber security.
  • experience applying the engineering process to solve complex real-world challenges. 
  • experience using analytical skills and an ability to interpret established standards and guidelines to solve problems.

Skills/Abilities:

  • system administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems.
  • software development in at least two of the following languages: C, C++, Java, Perl, and Python.
  • knowledge of core Internet protocols (TCP/IP, UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.).
  • knowledge of modern version control systems and integrated development environments.
  • understanding of network design and implementation at LAN and WAN levels.
  • broad understanding and application of multi-tiered enterprise client/server architectures, design, implementation and security.
  • software / systems development lifecycle, QA, testing, build process, revision control, and change management practices.
  • proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
  • proven ability to integrate multiple technologies, standards and data sources into a consolidated solution.
  • knowledge of common cyber attack methodologies; common types of security vulnerabilities; basic computer security forensics.
  • strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings.
  • ability to travel to various locations within the SEI and CMU community, customer sites, and offsite meetings with weekly/monthly frequency to travel on overnight and on-site assignments; ability to work in varied and diverse situations requiring analytical, interpretative, evaluative and constructive thinking;
  • manage workload and priorities on multiple scheduled assessments;
  • able to function independently or in teams depending on the project;
  • work under pressure; deal with stress;
  • deal with challenging individuals while maintaining composure;
  • ability to exercise tact and discretion when handling highly sensitive and confidential issues;
  • maintain confidentiality while working with highly confidential and sensitive matters.
  • handle sensitive data according to project and/or USG data handling procedures.
  • ability to interpret and communicate information about government regulations and university policies.
  • quantitative and qualitative analytical skills.
  • ability to trouble shoot problems proactively and to answer questions and handle issues as they arise.
  • effective time management skills; and strong problem solving skills.

Environmental Conditions:  close contact with computer monitor for extended periods of time.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training:  MS in Computer Science with one (1) years applicable experience; Current Associate Certified Information System Security Profession (CISSP), IEEE Professional Software Engineering Master Certification, or similar certification is desired.

Experience: 

  • experience with software development and/or system administration in large-scale, distributed computing environments.
  • experience developing materials for senior leadership in government or industry.
  • experience interfacing with the DOD, US federal civilian government, intelligence community, or law enforcement.
  • experience working in a classified environment.

Skills/Abilities: 

  • data mining.
  • machine learning. 
  • text and natural language processing.
  • proven skills working in a team environment on collaborative projects in US government, critical infrastructure sectors involving network, system or data security.

 

Accountability: The individual will be accountable for meeting established deadlines and project milestones. The individual will also be accountable for managing sensitive, and possibly classified, customer information.

Direction: The individual is expected to act in accordance with direct supervision from management and senior staff, as well as follow CMU, SEI, and CERT defined policies, practices, and procedures, and to adhere to any additional sponsor-specified requirements related to the projects involved.

Decisions:The individual must make sound decisions, and demonstrate a commitment to those decisions. The individual must also be able to escalate out-of-scope problems to more experienced team members. The individual must accurately represent the program in interactions with external customers, sponsors, and the public.

Supervisory Responsibilities: The individual may be responsible for managing student interns.

 

Job Functions or Responsibilities:

60%     Develop, deploy, and transition technical solutions for insider threat prevention, detection, and response.

15%     Participate in research into cutting-edge strategies for insider threat data collection and analysis techniques.

10%     Design and develop training materials for insider threat program practitioners.

10%     Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational Chart: CERT Program, Director < Risk and Resilience Directorate, Technical Director < Enterprise Threat & Vulnerability Management, Technical Manager < Technical Solutions, Technical Team Lead < Associate Cyber Security Engineer.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

13 Oct
2016
Chief Technology Officer
Pittsburgh, PA

Boyden Global Executive Search

Founded in 1946, Boyden pioneered the executive search industry. Boyden is the oldest and one of the largest privately owned search firms in the world, with more than 70 offices in over 40 countries. In the world of executive search, Boyden is distinguished by the expertise of our consultants, the resources of our global firm, our commitment to our clients, and our culture of professionalism and integrity. For further information about Boyden, visit www.boyden.com.

Background

Our client, the Carnegie Mellon Software Engineering Institute (SEI), is seeking a highly experienced and dynamic candidate to fill the position of Chief Technology Officer (CTO). The venue is Pittsburgh, PA. 

Since 1984, the Carnegie Mellon Software Engineering Institute (SEI) has served the nation as a federally funded research and development center. As part of Carnegie Mellon University, which is well known for its highly rated programs in computer science and engineering, the SEI operates at the leading edge of technical innovation.  Its mission is to support the Nation’s defense by advancing the science, technologies, and practices needed to acquire, develop, operate, and sustain software systems that are innovative, affordable, trustworthy, and enduring.

CMU SEI is positioned at the nexus of academia, government, and industry and undertakes the following activities to fulfill its mission as a national resource:

  • Performs research to advance and mature the discipline of engineering and securing software systems
  • Builds proof-of-concept and demonstration systems that are used in conjunction with stakeholders, to assess the viability of new approaches to mission challenges
  • Widely disseminates recent advances and proven solutions relevant to its mission statement
  • Deploys domain expertise on-demand, in short order to assist with critical, urgent, or sensitive government program challenges

CMU SEI aspires to bring software-reliant capabilities with confidence to the DoD, Intelligence Community, and other government entities. Confidence is multi-faceted—in cost and schedule, in functionality, in security, and in desirable architectural properties (i.e., the “ilities” or non-functional requirements such as reliability, sustainability, extensibility, flexibility, availability, safety, etc.). It is also the confidence that people with conventional levels of education and training are able to operate software systems effectively and safely.

The SEI is recognized internationally for its work in software engineering and cyber security. For more information, you may visit the SEI web site at www.sei.cmu.

Position

The CTO is a close working partner with the Director/CEO and Deputy Director/COO. The position reports to the Director/CEO.

Key Responsibilities

The CTO’s focus is strategic in nature. The CTO role is to support the Director in formulating technical and business strategy that is responsive to the needs of the sponsor, and that leverages a view of the future of technology. Total budget for the organization is approximately $149 million, and the CTO has line responsibility for $20 million of research funding which SEI would like to grow, and technical oversight and influence over the entire SEI program.

While the CTO provides input and shares in the development of the overall SEI strategic plan, the CTO has responsibility for the creation and maintenance of the research strategy plan. The CTO develops this plan based on current and predicted future trends of technology in industry and government, and input from the research programs and performance measures. The CTO ensures that the programs’ research plans are aligned with the overall research strategy plan. The CTO is responsible for the technical and business reviews of line funded projects, and for an exploratory program that nurtures new research that develops and realizes the strategic research vision. The CTO is also responsible for understanding the breadth of technical work at the SEI.

The key responsibilities of the CTO are:

  • Managing and reviewing the funded research program
  • Creating a long range vision and developing it into an executable strategic research program
  • Conducting activities to predict the future of technology in industry and government
  • Creating and overseeing an exploratory program
  • Enhancing the brand and reputation of the SEI with current and future constituents
  • Supporting the Director/CEO and Deputy Director/COO in conducting reviews (programmatic, financial, technical)
  • Presenting SEI research strategic direction and technical overviews at professional and technical meetings (e.g., representing the SEI at professional meetings such as IEEE or ACM SWE Conferences, DDR&E and DARPA program reviews, and to forums associated with ASD(R&E), USD(AT&L), Service SAEs, PEOs, and other key stakeholders in the DoD, IC, USG, and industry)
  • Identifying opportunities for technical integration among initiatives
  • Acting as a strong liaison between the SEI and Carnegie Mellon faculty

Selection Criteria

The qualified candidate will have a Ph.D. in Computer Science, Engineering, or a related discipline. He/she must have a minimum of 15 years of progressively increasing CTO responsibilities managing large complex research projects in a University, the Department of Defense, or in a software intensive systems environment. The ideal candidate must have experience in building and managing high technology teams. They must have knowledge of the software engineering discipline and the software acquisition process, as well as cyber expertise and familiarity with cyber missions. The successful candidate must be able to demonstrate experience managing large, complex, research projects that were strategic in nature and the content of which have focused on information technology, software technology, assurance, cyber, and/or software engineering. Management experience within a university, government, military, and/or Fortune 500 technology-based organization is preferred. 

 

Additionally, the candidate should possess:

  • Tier one academic experience with a stellar reputation
  • Strong business acumen
  • He/she must be a visionary, with a strong sense of purpose
  • A reputation for applied and/or theoretical research and be well published
  • Success in securing support and funding for research projects
    • Track record of accomplishment in leading the research agenda for technology-based organizations
  • Strong influencing skills
  • Demonstrated abilities in strategic planning
  • Demonstrated understanding of the DoD and Federal acquisition and developer communities
  • Reputation for highest level of integrity
  • High comfort level with ambiguity
  • Success at building consensus within a matrixed organization
  • Excellent oral, written, and presentation skills
  • Cleared or the ability to be cleared at the Top Secret level

Compensation and Benefits

This is an outstanding career opportunity for an individual interested in a genuine professional challenge. With this position comes a very competitive compensation and benefits program.

HOW TO APPLY

The Officer-in-Charge of this engagement is Tim McNamara, Managing Partner. Linda Kearschner, Principal, is leading the recruiting effort for the project. Interested parties should submit, in electronic format, a resume with salary history and a cover letter outlining reasons for interest in this opportunity to lkearschner@boyden.com, or may call our toll free number at 1 877.2.BOYDEN (226-9336) or 1 202.536.5168 for additional information.

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

29 Sep
2016
Senior Cyber Security Researcher - 2004139
Pittsburgh, PA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of ten (10) years of related experience; or equivalent combination of training and experience.

Licenses: Certified Encase Examiner, ACE. CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) year’s relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of ten (10) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of eight (8) years of applicable experience; PhD in Computer Science, Information Security or other related discipline with a minimum of five (5) years of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing

  • Information and network security including experience with IDS/IPS

  • Knowledge of common vulnerabilities, exploits and mitigations

  • Digital Forensics (host, network and mobile devices)

  • Incident Response

  • Ability to research and characterize security threats including defining appropriate countermeasures

  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis

  • Virtual infrastructure and hypervisors

  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls

  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST

  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI. 

 

Organizational Chart:  CERT Division Director, Technical Director, Cyber Security Solutions > Deputy Director, Cyber Security Solutions > Technical Manager, Forensic Operations and Investigations > Senior Cyber Security Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

29 Aug
2016
Arlington, VA Career Fair
Arlington, VA

The Software Engineering Institute at Carnegie Mellon University is hiring.

Join us at our invitational career fair in Arlington, VA on September 28-29, 2016.

SEI staff will be interviewing in Arlington, VA to fill immediate local positions. At the SEI you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.  

Pursue your passion and work alongside world-recognized leaders in the field of software engineering and cyber security. Our staff works with the highest levels of U.S. government and industry to secure the nation’s critical infrastructure, improve mission-critical systems, and advance the state of the art.

We are hiring in the following areas:

Cyber Security Workforce Exercise Development                             Insider Threat Research
Software Architecture                                                                         Information Security Research
Software Development                                                                       Critical Infrastructure
High Performance Computing                                                            Network Security Deployment
Vulnerability Assessment                                                                   Cloud Computing
Malware Analysis                                                                                Systems Administration
Network Defense Analysis                                                                  Solutions Engineering

Penetration Testing                                                                             Information System Security Management
 

*You must have a degree in computer science, electrical engineering, mathematics, or a related discipline (master’s degree or doctorate preferred), and you must be eligible to obtain a Department of Defense security clearance.

*INTERVIEWS ARE BY APPOINTMENT ONLY.

*An SEI representative will contact you if there is initial interest.

 

-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  - -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -

 

The Software Engineering Institute

The SEI is a research organization on the cutting edge of cybersecurity. Using proven software engineering principles and practices, we serve as a national resource in software engineering, computer security, and process improvement.

Our collaborative work environment enables our staff to participate in cross-functional teams in the CERT Division, the SEI, other Carnegie Mellon departments, and across the global community.  We also recognize the value of professional growth and take advantage of opportunities to increase subject matter knowledge and leadership capabilities.

Excellent Employee Benefits

The university offers competitive employee benefits, including

  • Carnegie Mellon tuition benefit programs for you and your dependent children

  • Health benefits (a wide selection of medical insurance plans from several different providers, drug prescription plans, flexible spending accounts, multiple vision and dental plans)

  • Competitive (8%) salary contributions to 403(b) retirement accounts

  • Relocation assistance

  • Lifestyle support (university-run child care, free public transportation, paid time off, etc.)

 

29 Aug
2016
Pittsburgh, PA Career Fair
Pittsburgh, PA

The Software Engineering Institute at Carnegie Mellon University is hiring.

Join us at our invitational career fair in Pittsburgh, PA on November 17 - 18, 2016.

SEI staff will be interviewing in Pittsburgh, PA to fill immediate local positions. At the SEI you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.  

Pursue your passion and work alongside world-recognized leaders in the field of software engineering and cyber security. Our staff works with the highest levels of U.S. government and industry to secure the nation’s critical infrastructure, improve mission-critical systems, and advance the state of the art.

We are hiring in the following areas:

Cyber Security Workforce Exercise Development                            Insider Threat Research
Software Architecture                                                                        Information Security Research
Software Development                                                                      Critical Infrastructure
High Performance Computing                                                           Network Security Deployment
Vulnerability Assessment                                                                   Cloud Computing
Malware Analysis                                                                               Systems Administration
Network Defense Analysis                                                                 Solutions Engineering

Penetration Testing                                                                           Front-End Web Developer
 

*You must have a degree in computer science, electrical engineering, mathematics, or a related discipline (master’s degree or doctorate preferred), and you must be eligible to obtain a Department of Defense security clearance.

*INTERVIEWS ARE BY APPOINTMENT ONLY.

*An SEI representative will contact you if there is initial interest.

 

-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  - -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -

 

The Software Engineering Institute

The SEI is a research organization on the cutting edge of cybersecurity. Using proven software engineering principles and practices, we serve as a national resource in software engineering, computer security, and process improvement.

Our collaborative work environment enables our staff to participate in cross-functional teams in the CERT Division, the SEI, other Carnegie Mellon departments, and across the global community.  We also recognize the value of professional growth and take advantage of opportunities to increase subject matter knowledge and leadership capabilities.

Excellent Employee Benefits

The university offers competitive employee benefits, including

  • Carnegie Mellon tuition benefit programs for you and your dependent children

  • Health benefits (a wide selection of medical insurance plans from several different providers, drug prescription plans, flexible spending accounts, multiple vision and dental plans)

  • Competitive (8%) salary contributions to 403(b) retirement accounts

  • Relocation assistance

  • Lifestyle support (university-run child care, free public transportation, paid time off, etc.)

15 Aug
2016
Information System Security Manager - 2003860
Arlington, VA

This position is located in Arlington, VA.

Position Summary:  The Information System Security Manager is a hands-on information system security role within the Office of the CIO Information Assurance (IA) team of the Software Engineering Institute (SEI) that operates, monitors, and maintains accredited information systems. This is an opportunity for a cleared IA professional in the Arlington VA area with strong organization and communication skills and working experience with modern Windows system administration tools and operating techniques in a Windows-based accredited network. This position is responsible for facilitating and assuring that information systems in the Arlington VA office remain complaint with DoD and other USG regulations. The position works closely with SEI groups and outside sponsors to coordinate the certification and accreditation of accredited information systems.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent combination of training and experience. Current Microsoft server certifications; one or more of MCITP (Server & Client), MCSA, MCSE, etc.

Licenses:   One or more of: CAP, CASP CE, Security+CE, SSCP, GSEC, CISM

Experience: Five or more (5+) years of system and network administration experience using modern system administration tools and operating techniques in an accredited production Microsoft Windows infrastructure. Prior experience as an ISSO / ISSM (IAO/IAM) in a small to medium-scale classified enclave. Experience as a system / network administrator for services under government cognizance (e.g., DISA, DSS); knowledge of the DOD STIGs and their application in establishing and operating information systems. Experience confirming audit records and STIG compliance for systems in an accredited Microsoft Windows infrastructure.

Skills/Abilities: Problem solving skills. Demonstrated knowledge of Windows operating system commands/utilities; demonstrated knowledge of system administration tools and processes such as those used to manage software, Group Policy Objects, and other aspects of Active Directory; demonstrated knowledge of server and network problem resolution based on examination of events/alerts and system monitors/logs.

Mobility:  Normally sedentary but some business travel required (e.g., training, other SEI locations, etc.) Computer hardware installation and configuration required on an infrequent basis involving objects typically <= 30 pounds (heavier objects with assistance).

Environmental Conditions: Normal office condiditons, close contact with computer displays for prolonged periods of time.

Mental: Ability to identify, isolate and resolve systems problems. Communicate the nature of problems to different parties (e.g., system / network administrators, IA professionals, IT user support, etc.) to resolve technical issues, sometimes under pressure. Temperament and maturity to self-motivate and prioritize tasks with input from a remotely located manager.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance. Must meet and maintain DoD 8570-M readiness requirements within six (6) months of employment. Additional work hours (weekend and evening hours) may be required on an infrequent basis. May be required to stay at or return to work during incidents and/or emergencies to perform duties as requested.

 

Preferred Qualifications and Requirements:

Licenses:   One or more of the following: Active CISSP (or Associate), GSLC, CISM.                                                                                            

Experience:  ICD-501/503 experience; prior use of the ACAS tool chain, Security Content Automation Protocol (SCAP) validation tools, awareness of NISPOM IS-relevant rules, etc.

 

Accountability:  Ensures server(s) and client stations are operating efficiently and resolves issues. Verifies that accredited systems maintain their prescribed configuration and addresses/reports deviations from same immediately.  Recommends and performs modifications to enhance server/service performance and reliability.

Regularly communicates with the ISSO and ISSM as well as IT engineering group leaders in Pittsburgh to convey operational status information relevant to the services in scope.

Responsible for proper handling (e.g., safe storage, proper marking, approved destruction) of document and media used in the operation and maintenance of classified systems.

Responsible for providing information relating to equipment and facility needs each fiscal planning session to aid in budgeting expenses related to the operation of accredited systems in “closed” areas.

Participates in the development or revision of IS-specific security safeguards and local operating procedures to satisfy certification requirements. Works with the ISSM and ISSO in Pittsburgh to align policies to DC operations.

Direction:  Works under limited supervision from a remote manager as part of the OCIO IA team.

Expected to act independently to maintain and securely operate accredited systems with guidance from the lead ISSM, FSO, and OCIO senior management. Draws guidance from relevant operational security guidelines / manuals, turning to the lead ISSM for clarification when needed.

Most work is performed independently, or in concert with the lead ISSM and appropriate IT staff.

Decisions: Must be able to identify user and systems issues and resolve trivial issues independently. Information Security issues and complex operational problems are handled in concert with the ISSO, ISSM and appropriate IT or Security staff.

Supervisory Responsibilities:  No regular staff supervisory responsibilities.

Regularly inspects accredited systems and may task other IT personnel in order to address infractions or post-audit POA&M issues.

Will assist in the training process for new staff and users of accredited systems.

 

Job Functions or Responsibilities:

20%   Installs, maintains, configures and upgrades accredited servers, workstations and network devices in accordance with most current STIG documents. Assists users to resolve problems related to closed area systems and services.

15%   Reviews server logs directly or with analysis tools to discern operational anomalies, including operational threats (e.g., resource contention/exhaustion) and security concerns; addresses and/or reports these to IA colleagues or IT as appropriate.

15%   Reports on the operational status of accredited information systems based on reviews and scans to accrediting agencies, possibly through established channels such as ACAS, HBSS, etc. Reporting is coordinated with the IA team in the Pittsburgh office.

10%  Performs C&A duties including submission of accreditation documents. Drives IS related self-inspection activities and C&A / CCRI preparations. Primary interface to the local DSS IS representative.

10%  Performs classified IS user indoctrination briefings and manages IT accounts / credentials of classified systems, including required recordkeeping (account lifecycle, DoD IAA training status, policy acknowledgements, etc.).

5%   Functions as the secondary COMSEC custodian for the SEI Arlington (a/k/a DC) office responsible for device inventory, key management and loading, etc.

5%   Supports the FSO to prepare for traditional security inspection activities, complete self-inspections, etc.

5%   Performs limited FSO or CSSO duties in a backup capacity as directed.

Secondary Functions

10%    Other IT / IA related duties as assigned by the OCIO.

5%    Training and professional development to keep current with new technologies and regulations.

100% Total Effort

 

Organizational Chart:  CIO < Deputy CIO < Information System Security Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

21 Jul
2016
Software Systems Engineer - 2003677
REMOTE - San Antonio, TX

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with eight (8) years applicable experience; MS or equivalent degree in relevant discipline with five (5) years applicable experience; PhD or equivalent degree in relevant discipline with two (2) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in three (3) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one (1) core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  [Excellent] Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Good program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Good team related skills with the desire to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilites:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Engineer, Member of the Technical Staff

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

21 Jul
2016
Software Systems Engineer - 2003689
El Segundo, CA

This position is located in Los Angeles, CA.

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with eight (8) years applicable experience; MS or equivalent degree in relevant discipline with five (5) years applicable experience; PhD or equivalent degree in relevant discipline with two (2) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in three (3) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one (1) core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  [Excellent] Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Good program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Good team related skills with the desire to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:   Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilites:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Engineer, Member of the Technical Staff

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

19 Jul
2016
Senior Software Systems Engineer - 2003629
REMOTE - San Antonio, TX

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Senior Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading and/or participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in five (5) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Deep detailed knowledge of software engineering; detailed knowledge of at least two core competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  Excellent written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Proven team related skills with the ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

19 Jul
2016
Software Systems Engineer - 2003630
Pittsburgh, PA or Arlington, VA

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with eight (8) years applicable experience; MS or equivalent degree in relevant discipline with five (5) years applicable experience; PhD or equivalent degree in relevant discipline with two (2) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in three (3) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one (1) core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  [Excellent] Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Good program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Good team related skills with the desire to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management, or equivalent combination of training and experience.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Engineer, Member of the Technical Staff

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jul
2016
Senior Software Systems Engineer - 2003540
El Segundo, CA

This position is located in Los Angeles, CA

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Senior Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading and/or participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in five (5) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Deep detailed knowledge of software engineering; detailed knowledge of at least two core competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  Excellent written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Proven team related skills with the ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management or equivalent combination of training and experience.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jul
2016
Senior Software Systems Engineer - 2003538
Pittsburgh, PA or Arlington, VA

Position Summary: The Client Technical Solutions (CTS) Directorate is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CTS is focused on matching state-of-the-art software capabilities with critical US Department of Defense and other government agency acquisitions and organizations. This position will support the SEI’s mission by capturing government needs and identifying, shaping, and guiding programs to operationalize the most appropriate software engineering and acquisition techniques and practices. If you are an engineer passionate about improving the ability to deliver high quality, mission critical systems, and you are committed to bringing innovation to government and beyond, then this is the position for you.

The Senior Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading and/or participating on teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with staff across the SEI to deliver software engineering technical expertise to customers throughout the life-cycle.

 

Minimum Qualifications and Requirements:

Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams. The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in five (5) or more of the following: DoD or Civilian Agency software systems acquisition on major programs (~100K SLOC or more of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Deep detailed knowledge of software engineering; detailed knowledge of at least two core competencies: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  Excellent written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Proven team related skills with the ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

 

Job Functions or Responsibilities:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jul
2016
Software Engineer - 2003539
Pittsburgh, PA

Position Summary: The Advanced Mobile Systems (AMS) initiative at the Software Engineering Institute (SEI), part of Carnegie Mellon University, is searching for a Software Engineer to fill a position focused on developing advanced prototypes applying image processing, computer vision, virtual machine technology, wireless networking, and other technologies for operation in environments that require rapid analysis and decision making.  AMS conducts applied research, prototypes advanced software systems and concepts, and matures and transitions technologies to the U.S. Department of Defense and other government organizations. The ideal candidate will enjoy working with world-renowned researchers and engineers at the SEI and Carnegie Mellon University, which is consistently ranked among the finest universities in the areas of computer science and engineering.  The candidate should have a strong computer science and/or engineering background, and experience in developing sophisticated computer software systems.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Computer Science, Computer Engineering, Software Engineering or a related technical discipline, with demonstrated excellence in coursework and development activities.

Experience:  Three (3) of substantial software development experience.  Strong academic experience acceptable.

Skills/Abilities: Expertise in one or more of the following: image processing, computer vision, machine learning, virtual machine technology, wireless networks.

  • Ability to design, develop, test, analyze, document, and demonstrate advanced prototypes.  Ability and interest to investigate, learn, and apply emerging technologies and techniques. Ability to understand and resolve complex programming problems. Grounding in good software engineering practices. 
  • 2+ years direct experience in one or more of the previously stated areas of interest, preferably with experience in meeting tight performance constraints.
  • Proficient in C/C++, Java, Python, or similar languages.
  • Experience with fusion of data from multiple sources a plus.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: usual office setting with extended use of CRT.

Mental: The ability to:

  • Work meticulously with careful attention to detail;
  • Meet deadlines while working on multiple tasks -- sometimes under pressure and with shifting priorities;
  • Work collaboratively, professionally, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort;
  • Independently and quickly identify and learn new procedures, techniques, and technologies for application to advanced prototypes                                                                                              

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Master’s Degree in Computer Science, Engineering or a related technical discipline.

Experience: One year of professional development experience with mapping applications, heads-up displays, virtual reality, application of machine learning, virtual machine technologies, wireless networks. Operational, intelligence, or cyber military experience a big plus.

 

Accountability: This position is accountable the Advanced Mobile Systems Initiative Lead for work content, quality, and schedule.

Direction: This position operates within broad guidelines from the Initiative Lead and is expected to exercise reasonable discretion on technical solutions.

Decisions: Technical decisions to support specific research or customer needs. Software design choices and tradeoff decisions among technical alternatives. 

Supervisory Responsibilities: May lead activities related to a customer task or lead peers to accomplish specific technical tasks or supervise students on a research project.

 

Job Functions or Responsibilities:

55%      Design, develop, test, analyze, document, demonstrate, and deliver high-quality software.

30%      Architect complex prototype systems.

10%      Participate on teams for customer software development specific efforts. 

5%       Participate in planning, review, and reporting activities.

100% Total Effort

 

Organizational Chart:  Software Solutions Division (SSD) < Critical System Capabilities (CSC) Technical Directorate < Advanced Mobile Systems Initiative Lead < Software Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

23 Jun
2016
Machine Learning Research Scientist - 2003423
Pittsburgh, PA

Position Summary: The Software Engineering Institute (SEI) is a federally funded research and development center located at Carnegie Mellon University. Our Advanced Mobile Systems (AMS) Initiative is seeking a Machine Learning Research Scientist. This is an excellent opportunity to work with leading researchers and faculty at a truly world-class institution. The Machine Learning Research Scientist will focus on advancing and applying machine learning technology to analyzing streaming data. The AMS team conducts applied research, matures and prototypes technology; and transitions technology to government organizations.

The ideal candidate will enjoy working with world-renowned researchers/engineers at the SEI, Carnegie Mellon University, and other universities and R&D centers.  S/he will apply promising technologies to applications requiring rapid processing of large volumes of streaming data.  The candidate should have a strong mathematics and/or computer science background and experience in machine learning technology and developing highly-distributed systems performing near-real-time analysis of data. 

 

Minimum Qualifications and Requirements:

Education/Training: M.S. degree in computer science or related discipline with eight (8) years of experience or equivalent combination or training and experience. PhD strongly preferred.

Experience: Two or more (2+) years in three or more of the following: system/software architecture and development, virtual machine technology, distributed processing, data analytics, machine learning and/or natural language processing.

Skills/Abilities: Ability to contribute to machine learning research and design and develop advanced prototypes. Excellent analytical, problem solving and organizational skills. Ability to work successfully in small team environments, and communicate with prominent researchers and engineers.  Interest in the application of advanced technologies to extremely complex and challenging problems

Mobility: Normally sedentary position with some mobility; i.e., able to travel to campus and potentially other locations.

Environmental Conditions: Usual office setting, close contact with CRT for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, balance multiple tasks, work under pressure, and work with frequent interruptions.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in Computer Science or related discipline with five (5) years of experience or equivalent combination of training and experience. Advanced coursework in machine learning/natural language processing.  Advanced coursework in architecting highly-distributed systems.  Additional course work in computer applications, software engineering and networking.

Experience: Four or more (4+) years’ experience in system/software architecture and development, virtual machine technology, distributed processing, data analytics, machine learning and/or natural language processing.  Experience developing data analytics applications, and applications for intermittently connected, low bandwidth, and low power environments; sensor integration and fusion. 

Skills/Abilities: Experience working with the intelligence community.

 

Accountability: Completes project tasks from routine to complex; is accountable for meeting established deadlines and project milestones with a commitment to decisions that have been made.

Direction: Expected to perform with limited supervision. Most normal duties and responsibilities are handled independently with the use of established research and engineering protocols and departmental and university procedures and policies.

Decisions: Works with researchers and developers to implement pragmatic solutions to complex problems.

Supervisory Responsibilities: Potential small team supervision.

 

Job Functions or Responsibilities:

30%     Works with CMU, SEI, other researchers, and the intelligence community to enhance the state of the art in technologies to assist in the analysis of large volume and streaming data.

30%     Works with CMU and SEI engineers to apply state of the art technologies to prototype systems that assist in the analysis of large volume and streaming data.

20%     Attends meetings, submits work progress reports, and performs related duties as required.

20%     Represents work plans and prototypes via publications, conferences, and meetings to the academic research, engineering, DoD, and first responder communities.

100% Total Effort

 

Organizational Chart: SSD Director > CSC Directorate Lead > AMS Initiative Lead > Machine Learning Research Scientist.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

16 Jun
2016
Cybersecurity Risk Management Technical Manager - 2003362
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University with offices in Pittsburgh, Pennsylvania and Arlington, Virginia. The CERT Program engages in cutting-edge research, development, testing, and evaluation to improve the state of cybersecurity. As Cybersecurity Risk Management Technical Manager, you will lead a team of technical staff in developing and transitioning cybersecurity capabilities to both government and the private sector with a focus to benefit the US Department of Defense (DoD). 

You have both a breadth and diversity of experience with applied research, technology, information assurance, risk management, and technology lifecycle in DoD/Government domains. You are considered an expert source in risk management for your team, and you continue to acquire and expand your knowledge. You enjoy spending time with customers and practitioners to understand their problems and find innovative solutions.

You know how to lead teams (both co-located and geographically dispersed) of senior level engineers and complex projects – to supervise and review their work products, to guide their career paths, and to ease administrative burdens so that they can achieve jointly-developed technical goals. You know how to identify and propose new business development opportunities.  You know how to manage a diverse portfolio of work products and customers. You also bring advanced problem-solving and consulting skills in your role as a conduit and representative of the SEI with the community. You enjoy presenting to groups, publishing written works, and teaching/training others, and as a member of the Carnegie Mellon University community, you will have the opportunity to work with world-renowned faculty members and experts in cybersecurity.

As a member of our management team, you work with your Director and other Technical Managers to develop a Directorate-wide strategy, then you roll up your sleeves to develop and execute an implementation plan for your team to meet these goals, thereby assessing and improving the cybersecurity posture of the DoD, US Federal Government, Critical Infrastructure, and Industry.
 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with ten (10) years’ experience or equivalent combination of training and experience.

Experience:  Familiarity with process improvement models that contain the essential elements of effective management, development, and acquisition processes for one or more disciplines (e.g. the SEI’s CMMI) and experience transitioning these models into organizational practice; three or more years of leadership experience with responsibility for project and budget management.

Skills/Abilities:

  • Consulting skills and experience.
  • Demonstrated ability to develop and deliver training courses.
  • Project management experience.
  • Leadership and mentoring skills.
  • Strong knowledge of cybersecurity standards and related bodies of practice.
  • Experience with DoD customers.
  • Background in process improvement and capability measurement.
  • Ability to collaborate with other team members to accomplish organizational goals.
  • Critical-thinking skills.
  • Excellent written and verbal communications skills.

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities: take or share leadership role in technical projects; work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical products and results. The individual will also contribute to project, department, and program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

Other: Must have a strong interest in cyber security and critical infrastructure protection, applied research, and development. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.


Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years’ experience; PhD in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience, or equivalent combination of training and experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include: demonstrated ability to develop and deliver coursework and training.


Job Functions or Responsibilities:

30%    Manages team to effectively implement and accomplish the SEI Program Plan, the CERT Division strategic plan, and the directorate strategic plan. Sets goals and objectives and manages operational and functional business activities. Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project).

30%   Provides guidance to and monitors the success of team/technical leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility. Provides oversight of team/technical leads and their supervisory responsibilities of technical staff. Conducts performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff for the CRM team.

20%   Sets technical direction for team. Leads strategic planning process and contributes to the development of the CRR, CERT, and SEI strategic and program plans. Ensures annual update of plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy. Articulates vision for internal and external audiences.

10%   Identifies opportunities for new technical projects and manages start-up of new, high-priority technical areas of work. Works with Technical Director and business management personnel to develop and implement a funding and transition plan for new work areas.

10%   Directs organizational effectiveness and staff training and development plans. Identifies operational success measures and process improvements. Leads corrective actions.

TOTAL 100%


Organizational Chart: Director CERT Program < Technical Director, Cybersecurity Risk & Resilience Directorate < Technical Manager, Cybersecurity Risk Management

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

10 Jun
2016
Senior Engineer - 2003268
REMOTE - Lexington Park, MD

Position Summary: The Senior Member of the Technical Staff/Senior Engineer will be located at the Lexington Park, Maryland operating location and will lead technical teams providing software engineering expertise to the NAVAIR PMA 281, Strike Planning and Execution Systems/Common Control System program.

The successful candidate will analyze DoD and commercial needs to formulate and prosecute a technical agenda that addresses these needs and will interact extensively with DoD and industry He or she will have the opportunity to have a seminal and lasting influence on an emerging body of technical research and practice.

Key candidate activities include: engineering/architecting a complex system-of-systems; soliciting and aligning requirements from stakeholders or other Subject Matter Experts; leading a team to write system requirements for communication systems and associated networks; information assurance; cross domain solutions; interfaces; mission planning systems; situational awareness systems; and program protection (domain expertise in one or more of these areas is a plus), leading a combined government and Prime Contractor team in the development of design concepts to implement system requirements, creating, analyzing, and briefing courses of action to leadership for decision, monitoring and, where applicable, guiding and advising on project efforts building the technical solution leading up to and through key acquisition milestones – System Requirement Review, Preliminary Design Review, and Critical Design Review, developing the plan and coordinating the test and evaluation of the overall system, Providing inputs to program Statements of Work, performing technical evaluation of contractor proposals, including Basis of Estimates.  The candidate will coordinate closely with on-site, Washington DC and Pittsburgh based SEI technical staff as well as remotely located subject matter experts in the Client Technical Solutions (CTS) Directorate and other SEI programs to deliver system & software engineering technical expertise to customers throughout the lifecycle.  The senior engineer will be able to lead and participate in multi-disciplinary teams.

 

Minimum Qualifications and Requirements:

Education/Training:  The candidate must have at least:  BS or equivalent degree in related discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience.  A Master’s degree in systems engineering, software engineering, Computer Science, Information Systems, acquisition management or equivalent combination of experience and training is strongly desired.

Experience:  The candidate must have experience in software and systems engineering.  Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition lifecycle processes.   The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software, engineering, and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.   The candidate should have experience with software/system acquisition in the Command and Control (C2) or Integrated Air and Missile Defense domains.  NAVAIR experience is considered a plus.

Skills/Abilities:

Detailed knowledge of software/systems engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security.

Broad systems engineering and system lifecycle experience with a focus in one or more of following domains:

  • Unmanned Systems
  • Autonomy
  • Service Oriented Architectures/Distributed Systems
  • Interoperability
  • Multi-Domain Mission Management
  • Networks
  • Cyber Security
  • Cross Domain Solutions
  • Interfaces
  • Communication Systems
  • Mission Planning
  • Situational Awareness Systems
  • International Traffic in Arms Regulations and Export Licensing

Experience defining, developing, analyzing, and acquiring large software intensive systems. Mastery of writing complete, unambiguous, and verifiable requirements. Experience in systems integration and analysis. Experience in risk analysis and mitigation strategies. Experience in agile software development methodologies, specifically scrum. Ability to recognize and summarize areas of potential software engineering research. Government acquisition experience. Strong leadership, interpersonal, and engagement skills in a multicultural environment. Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  

Proven program and project management skills including:

  • Interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients.
  • Programmatic skills (e.g., ability to develop project plans, track deliverables).
  • Project management skills (e.g., program control activities, budget oversight and staff planning).

Experience in organizational change management would be considered a plus. Completion of DoD acquisition accreditation levels (SPRDE, Program Management, and/or Test) and attendance at relevant DAU courses would be considered a plus. Ability to lead and participate in multidisciplinary teams

Mobility:  Will be required to travel on overnight assignments both domestic and international.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Licenses: Certified DoD Acquisition Professional.  Certified PMP.

Other Skills/Abilities:  Experience in organizational change management.  Completion of DoD acquisition accreditation levels (SPRDE, Program Management, and/or Test) and attendance at DAU courses.

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions: Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise project teams and other technical staff members.

 

Job Functions or Responsibilities:

85%     Participate as a leader or member of technical teams assisting/collaborating with government acquisition program offices or participate as a member of a technical team performing research.  Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%     Other duties as assigned by the CTS Technical Director or Deputy Director.

5%       Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < SSD Director < Technical Director, Client Technical Solutions Directorate < Aviation Sector Lead < PMA 281 Operating Location Manager < Senior Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

10 Jun
2016
Software Architect - 2003267
REMOTE - Lexington Park, MD

Position Summary:  This position will be located at the Lexington Park, Maryland operating location and will lead architecture-centric activities and teams providing software engineering expertise to NAVAIR PMA 281, Strike Planning and Execution Systems/Common Control System program.

The successful candidate will be a member of the Air Sector team in the Client Technical Solutions Directorate and will contribute to the development of software, system, and system of system architecture practices, their application in real-world settings, and general software engineering knowledge.  Individual responsibilities include: working in teams, on-site in the Lexington Park operating location and at the NAVAIR Patuxent River PMA 281, Strike Planning and Execution Systems facility, employing the use of architecture practices to identify and solve large-scale development problems; analyzing customer needs throughout the development lifecycle and recommending courses of action; contributing to the development and improvement of architecture practices and software engineering practice; using customer experiences to inform and advance an architectural research agenda; and contributing to the technical community through publications and presentations.

The successful candidate will analyze DoD and commercial needs to formulate and prosecute a technical agenda that addresses these needs and will interact extensively with DoD and commercial stakeholders. He or she will have the opportunity to have a seminal and lasting influence on an emerging body of technical research and practice.

The candidate will coordinate closely with on-site, Washington DC, and Pittsburgh based SEI technical staff as well as remotely located subject matter experts in the Client Technical Solutions (CTS) Directorate and other SEI programs to deliver system architecture & software engineering technical expertise to the NAVAIR customer throughout the lifecycle.  The software architect will be able to lead and participate in multi-disciplinary teams.

 

Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: The candidate must have at least:  BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience.

Skills/Abilities: The Candidate must have experience in architecting software-intensive systems that includes managing quality attribute concerns (e.g., performance, modifiability, and scalability). Experience in system architecture, and System of Systems (SoS) or Enterprise Architecture (EA) development and integration environments. Experience in Service Oriented Architectures (SOA)/Distributed Architecture Systems.  Ability to assist with activities across the development lifecycle (including requirements, architecture, design, integration, and testing activities) and to effectively leverage architecture concepts in these activities. Ability to analyze customer problems, determine needs, and recommend a course of action. Ability to quickly learn and adapt to new technologies, platforms, and environments. Knowledge of modern software development languages, platforms, development methods, architecture and design practices, and their application to practice. Ability to work effectively with team members, customers, and collaborators. Effective written and oral communication skills.

Broad systems of systems architecture and system lifecycle experience with a focus in one or more of following domains:

  • Unmanned Systems
  • Autonomy
  • Service Oriented Architectures/Distributed Systems
  • Interoperability
  • Multi-Domain Mission Management
  • Networks
  • Cyber Security
  • Cross Domain Solutions
  • Interfaces
  • Communication Systems
  • Mission Planning
  • Situational Awareness Systems
  • International Traffic in Arms Regulations and Export Licensing

Experience defining, developing, analyzing, and acquiring large software intensive systems. Mastery of writing complete, unambiguous, and verifiable requirements. Experience in systems integration and analysis.  Experience in risk analysis and mitigation strategies. Experience in agile software development methodologies, specifically scrum. Ability to recognize and summarize areas of potential software engineering research. Government acquisition experience. Strong leadership, interpersonal, and engagement skills in a multicultural environment. Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.

Proven program and project management skills including:

  • Interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients
  • Programmatic skills (e.g., ability to develop project plans, track deliverables to schedule)
  • Project management skills (e.g., program control activities, budget oversight and staff planning)

Experience in organizational change management would be considered.

Physical Mobility: The ability and willingness to travel is required. On-site at the Lexington Park, MD operating location with some travel to SEI Pittsburgh and DC/Arlington offices, as required.  PMA 281 requested travel will be CONUS, as required.  Estimated travel is 15%.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Experience: Experience as listed above, plus: knowledge of SEI architecture work such as the Architecture Trade-off Analysis Method, Quality Attribute Workshop, and documentation with the Views and Beyond Approach; experience with the design and development of software-intensive systems, systems of systems, or mission-critical systems; and experience working with industry and DoD stakeholders.  Virtualization experience is strongly desired.

 

Accountability:  Estimation and tracking of time and schedule for all delegated technical tasks.

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory:  Direct support activities to enable technical work.  May direct the activities of work study or graduate student.  Lead or co-lead customer efforts or transition project teams.

 

Job Functions or Responsibilities:

70%     Participate on teams for customer specific efforts in architecture-centric life cycle practices.

15%     Contribute to development of architecture practices.                                           

10%     Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

5%       As a member of the CTSD Aviation Sector, provide input to its goals, strategies, and technical direction.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Director’s Office < SSD Director < Technical Director, Client Technical Solutions Directorate < Aviation Sector Lead < PMA 281 Operating Location Manager < Software Architect.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

 

 

08 Jun
2016
International Cybersecurity Analyst - 2003266
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the US Department of Defense, federal civilian agencies, private sector organizations and their networked information systems. CERT supports government customers by developing and transitioning cutting-edge analysis techniques and tools, providing strategic advisement, and supporting tactical operations.

The International Cybersecurity Analyst is a member of the CERT technical staff and based either in the SEI Office in Pittsburgh, Pennsylvania or in Arlington, Virginia. The candidate selected to fulfil this role will provide technical subject matter expertise in CERT support of International cybersecurity efforts and associated capability and capacity development efforts. This support will include assisting with the development and pursuit of CERT strategic drivers for engaging in these initiatives and vision for cybersecurity community interaction, regularly interacting with sponsors and stakeholders of these efforts, and execution of efforts as directed by the International CSIRT Initiatives Team Lead to ensure that the work being performed drives toward sponsor goals and CERT strategic drivers.

 

Minimum Qualifications and Requirements:

Education / Training: Bachelor’s Degree in Computer Science or scientific/technical field with three (3) years of experience or a MS/MA in a scientific or technical field with one (1) year of experience or equivalent combination of training and experience.

Experience: Professional experience should include three (3) or more years of experience supporting or managing large organizational or national-level CSIRT capabilities to include incident response, incident analysis, and development and implementation of mitigation actions and proactive security measures. This should include experience:

  • in creating, assessing, and improving these types of teams, as well as a working knowledge of existing global capabilities, advanced technology solutions and initiatives;
  • as an operational cybersecurity analyst, incident handler, or operations specialist;
  • working with and engaging people in diverse cultural environments, and;
  • fostering interaction and collaboration amongst peer organizations.

Skills / Abilities:

  • knowledge of current and effective CSIRT organizational and functional structures and the technical operations performed by these teams.
  • ability to work independently or within a team with members of varying skill sets and levels.
  • broad understanding of enterprise technology security issues.
  • broad working knowledge of commonly deployed computer network defense tools and processes to include leading vendor solutions.
  • ability to brief strategic and technical topics to senior management, technical and non-technical audiences.
  • knowledge of current operational challenges and technical threats faced by network security and intelligence organizations.
  • familiarity with project planning and management best practices.
  • ability to write / create clear, understandable documentation that translates complicated technical processes to a target audience (a writing sample is required).

Physical Mobility: Possibly sedentary, long periods of sitting, flexibility to travel to other campus locations or customer sites, frequent travel between Pittsburgh and Virginia offices, international travel as required.

Environmental Conditions: Normal office conditions, close contact with computer display for prolonged periods of time.

Mental: Ability to:

  • Work meticulously with careful attention to detail.
  • Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities.
  • Deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort.
  • Develop and communicate innovative ideas.
  • Take leadership role in technical projects.
  • Quickly learn new procedures, techniques, and approaches.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education / Training: MS/MA in a scientific or technical field with one (1) year of experience.

Licenses: CISSP, CEH, CISM, CompTIA, or similar.

Experience:

  • Participation in broad public forums through activities such as standards, open source development, or publication.
  • Experience publishing research and academic papers.
  • Experience working with the government, or within a critical infrastructure sector.
  • Active in regional or international trade-related organizations such as the Forum of Incident Response and Security Teams (FIRST), North American Network Operators' Group (NANOG), Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), Anti-Phishing Working Group (APWG), etc.
  • Demonstrable experience effectively deliver training to technical and management level audiences on subject matter related to computer incident response team (CSIRT) development, incident response operations.
  • Background in international capacity and community building.

 

Accountability: This position is accountable for ensuring that the International CSIRT Initiatives team delivers on the execution of the statement of work for customers sponsoring capability building efforts.  The individual is accountable for aligning cybersecurity operations projects with customer needs and re-prioritizing efforts as appropriate, in close coordination with the International CSIRT Initiatives Team Lead.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of defining, designing, implementing, and sustaining national-level cybersecurity and related operations; suggesting and implementing policies and procedures to support these activities; and creating and sharing information regarding the state of the practice for broad dissemination.

Supervisory Responsibilities: This position will not formally supervise any personnel.

 

Job Functions or Responsibilities:

70%     Create framework and methodology documents, both general and specific to individual stakeholder groups, intended to facilitate the organizational and technical capacity development of international partners.

20%     Support planning, development, and execution of customer led and/or supported development activities, planning discussions, and awareness raising exercises. Through partnership, awareness, and action evaluate the need for, develop blueprints for, and assist with the implementation of national-level CYBERSECURITY capabilities.

10%     Capture knowledge from the engagements undertaken, integrate it with lessons learned from other similar work, and help transfer that knowledge for the betterment of the global CYBERSECURITY community.

100% TOTAL EFFORT

 

Organizational Chart: CERT Program Director < Monitoring and Response Technical Director < Security Operations Technical Manager < International CSIRT Initiatives Team Lead < International Cybersecurity Analyst.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

18 May
2016
Security Operations Technical Manager - 2003124
Pittsburgh, PA

Position Summary: The CERT Program is a world-class program within the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the US Department of Defense, US Intelligence Community, federal civilian agencies, private sector organizations and their networked information systems. CERT supports government customers by developing and transitioning cutting-edge analysis techniques and tools, providing strategic advisement, and supporting tactical operations.

CERT is seeking a dynamic Security Operations Technical Manager (TM) who will lead, shape and manage the growth of a cutting edge security operations program. This candidate will be able to reason about complex problems, be an innovator, and a leader.

This candidate must be able to develop and execute a technical agenda and strategic roadmap to continually improve the state of the art and practice of Security Operations and Incident Management/Response. The TM will need to be able to communicate this technical vision and be capable of building consensus within the team and to maintain a successful culture built on high-quality and impactful customer work.

This approximately 20-person Security Operations team works from the SEI’s Pittsburgh and Arlington offices, and is embedded at USG facilities in the Washington DC-Baltimore area.  The position of technical manager is responsible for all aspects of developing and executing the body of work to include setting the technical direction; managing financials; business development; and personnel issues.

This role reports to the Director of Monitoring and Response, a directorate in the CERT Division.

 

Minimum Qualifications and Requirements:

Education/Training:  BS in a Computer Science or related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.

Experience:  Experience listed above should include:

  • Work in cyber security or intelligence operations;
  • Prior responsibility managing a team comprising a total of at least 10 individuals with commensurate personnel and financial authority.
  • These individuals should have had cyber operations roles.

Skills/Abilities: Working knowledge of:

  • Current security challenges and threats faced by a subset of the following audiences: USG intelligence, defense, law enforcement, civilian departments, and critical infrastructure.
  • USG mission’s areas/owners in cyber security.
  • Community best practices in cyber operations and associated tools/techniques.
  • Understanding of existing standards and models for security operations, incident response, intrusion analysis and cyber threat intelligence.
  • Internet protocols, operations, and governance.
  • International policies, frameworks, treaties and conventions.

Ability to:

  • Set and implement a strategic direction for a technical area and group.
  • Codify operational experience into best practices.
  • Conduct technical project management.
  • Brief strategic and technical topics to senior management and non-technical audiences;
  • Sustain a team with business development activity.
  • Foster professional growth and develop technical/professional leadership capabilities in technical staff.

Physical Mobility: Primarily sedentary in an office setting with some mobility.  Requires travel to various domestic locations within the SEI and CMU community to include the SEI Arlington/Pittsburgh office; sponsor sites; conferences; and offsite meetings with routine frequency (up to one 2 day trip every week).

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental:  The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; and excellent oral and written communication skills.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: MS in a related technical field with ten (10) years of experience, or equivalent combination of training and experience.

Experience:  Experience listed above should include:

  • Working for or supporting the USG.
  • Supporting multiple sponsors/customers.
  • Supporting customers in an operational security environment such as incident response, intelligence, or a security operations center.
  • Supporting elements of the critical infrastructure sectors or international NCSIRTs.
  • Leading community building activities in the critical infrastructure, NCSIRT, or USG space.
  • Establishing and defining processes for operational security organizations, and codifying best practices from community and operational experience.
  • Leading workforce/capacity building projects.
  • Prior responsibility in managing a team of 15-20 individuals with commensurate personnel and financial authority.
  • Participation in public and closed community security forums through activities such as publication, presentation, collaborative security operations, and collaborative research.
  • Experience leading work internationally.

Skills/Abilities:

  • Practical experience leading, defining, or applying TTPs for cyber operations; 
  • Working knowledge of secure systems and network architecture practices.

 

Accountability:  This position is accountable for the specification and execution of all any Incident Analysis technical area work plans and a subset of the SEI operational plan.

Direction:  The individual in this position is expected to act autonomously using CMU, SEI, and CERT, defined policies, practices, and procedures.  Additionally, this position will define those set for their technical area and influence those set for CERT.

Decisions:  The individual in this position is expected to make strategic choices about the direction of the technical area that will be distilled into a technical agenda funded by a defined set of existing or new customers and implemented by a team hired to support the specifics tasking.

Supervisory Responsibilities:  This position has ultimate supervisory responsibility over all staff in the technical area to include hiring, performance reviews, salary adjustments, task assignment, and setting the tone and culture of the group.

 

Job Functions or Responsibilities:

30%     Manages group to effectively implement the SEI and task order work plans.  Sets goals and objectives and manages operational and functional business activities.   Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project).

30%     Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility.  Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.

20%     Sets technical agenda of the technical area.  Leads planning process and contribute to the development the CERT strategic plan.  Ensures regular update of technical area’s plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy.  Articulates vision for internal and external audiences.

10%     Identifies opportunities for new technical projects and manages start-up of new, high-priority technical programs of work. Works with Technical Director of Response and Monitoring to develop and implement a funding and transition plan for new work areas.

10%     Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements.  Leads corrective action.

100% Total Effort

 

Organizational Chart: Division Director, CERT < Monitoring and Response Technical Director < Security Operations Technical Manager.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.

Search for Postions

 Interested in working with us?

Search positions

Accessibility Needs for Applicants, Students and Visitors

Carnegie Mellon University makes every effort to provide physical and programmatic access individuals with disabilities. If you require an accommodation to participate in any part of the employment process, please contact Disability Resources by emailing access@andrew.cmu.edu or calling 412-268-3930.

Carnegie Mellon University considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.