Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Careers

Pursue your passion and work alongside world-recognized leaders in the field of software engineering. Our staff works with the highest levels of U.S. government and industry to secure the nation's critical infrastructure, improve mission-critical systems, and advance the state of the art.

Interested in working with us? To browse employment opportunities and apply for a position at the SEI, see our list of open positions below. You can also visit the Carnegie Mellon site to learn about benefits for eligible employees, search for open positions that match your interests, and create a Job Agent that will notify you by e-mail when jobs that meet your criteria become available.

Resumes from recruiting firms will not be accepted.

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

SEI Job Listings

The position you are looking for is not available. Please take a look at our current open positions listed below.

Select Job Location

Sort by Date Posted Title Location

24 Jul
2015
Mailing Coordinator - 2001481
Pittsburgh, PA

Position SummaryResponsible for sorting, distributing and metering mail and parcel packages.  Assist with shipping services using FedEx and UPS – requires packaging, data entry, labeling and related customer service, such as price comparison and package tracking.  Generate manifest reports; maintain electronic filing systems of shipping reports and requests.  Rearrange internal physical mail slots as employees are added, moved or terminated.  Generate mail reports, maintain databases of employees leaving SEI, forward 1st class mail when needed, and return other mail to senders.  Maintain inventory of office supplies.  Coordinate large orders for special events such as, notebooks, pens and other office supplies – working with SEI internal customers as well as outside vendors.  Deliver supplies as well as mail. Assist with escorting duties and internal moves when needed due.

 

Minimum Qualifications and Requirements:

Education/Training: High School or equivalent combination of training and experience.

Licenses:  Valid driver's license.

Skills/Abilities: Excellent interpersonal skills, as well as the ability to work with numbers and understand math,  to keep accurate records, to understand and follow directions.  The ability to understand and use Microsoft Excel, Word and Share point.

Physical Mobility: Ability to stand for long periods of time, to travel to various campus locations, to climb steps, to stoop, to reach, to bend at waist, to grasp, to   lift up to 70 pounds.

Environmental Conditions: While delivering mail will be exposed to the elements.

Mental: Ability to perform repetitive tasks, to pay close attention to detail, to remain calm and composed when dealing with difficult people or situations.

Other:  Occasional weekend or evening hours may be required. Must be able to drive a box truck. Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Experience: Experience with receiving/mailroom in a facilities service operation.

 

Accountability: Responsible for the mailing, delivery and shipping of SEI mail and equipment.

Direction: Performs under minimal supervision, Normal duties are performed with the use of established policies and procedures, including U.S. Postal regulations. Only the most difficult questions or situations are referred to the supervisor. Work of this position is coordinated by the Shipping and Receiving Coordinator.

Decisions: Required to make decisions regarding the best practices for mail delivery and shipping in compliance with US Postal regulations.

Supervisory Responsibilities: This position does not supervise others.

 

Job Functions or Responsibilities:

65%    Distributes incoming mail and package delivered through US Postal Service and incoming FedEx and  UPS letters. Receives incoming mail and packages delivered through U.S. Postal Service. Unloads trucks and unpacks mail. Sorts mail for distribution according to organizational structure, box and/or building location. Operates a postage meter. Deliver mail and packages to departments following a set schedule by operating a Box truck and walking a set route. May pick up mail and packages for distribution at the satellite mail stop.   May service customers at the Post Office window, , determining postal rates for domestic or international mailings, as well as postage for certified, insured, express and registered mail and packages.

20%     Package and ships large packages.

5 %      Maintain an inventory of office supplies.

10%       Other related duties as required.

100% TOTAL EFFORT

 

Organizational Chart:  Chief Financial Officer < Deputy Director, Financial and Business Services < Manager, Facilities Services < Facilities Operations Supervisor < Facilities Coordinator - Shipping and Receiving < Mailing Coordinator

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

24 Jul
2015
Research Scientist - 2001482
Pittsburgh, PA

Position Summary:  The SEI Emerging Technology Center is focused on matching state-of-the-art software capabilities with critical U.S. Government (USG) needs. This position will support the Center’s mission by capturing government needs and identifying, shaping, and guiding research that matches these needs and operationalizing research concepts in a realistic USG environment. If you are a researcher passionate about big data, cloud computing, human information interaction, analytics/machine learning/data mining/knowledge discovery, or scalability, and you are committed to bringing innovation to government and beyond, then this is the position for you.

Duties include: The SEI Emerging Technology Center Research Scientist will: Work with the Center’s leadership team to plan, develop and implement an overall research strategy, initiate and conduct novel research in-line with the Center’s broad technical focus of “data-intensive scalable computing,” and lead and collaborate with other research and development technical staff in the Center and across the SEI; Directly participate in the formation of a research agenda and assist the SEI Emerging Technology Center in establishing a national agenda in future technology; Develop research ideas in collaboration with sponsors and customers, collaborate with world leaders in the academic community, lead and conduct hands-on research, and direct research staff to advance ideas in support of the Center’s current and future customer needs; Work closely with the SEI Emerging Technology Center Director to define near-term and strategic research approach and agenda, as well as lead, conduct, and direct research projects for the Center. This position will afford the opportunity to participate in strategic planning for the whole of the Center along with an interdisciplinary team of highly talented visionaries. The work requires a deep understanding of technical challenges and emerging trends in computing and information science and awareness of the potential opportunities in industry and government. It also requires effective formulation and presentation of forward looking ideas. While deep technical knowledge in one or more fields is desirable, a demonstrated track record of research contributions across multiple fields is preferred. The SEI Emerging Technology Center and the Center customers are inherently interdisciplinary.

Specific responsibilities include: Interface directly with USG customers to identify, capture, and articulate critical software-related capability needs, specifically in the domain of data-intensive scalable computing; Identify, shape, and guide research activities directed at filling critical USG computing and information needs; Leverage research ideas to design, document, and oversee the development of solutions relevant to critical government needs; Oversee interdisciplinary development teams from problem definition to solution concept to solution development, test and evaluation, and technology transition; Develop and operationalize novel transition strategies for taking solutions from research concept to operational capability; Promote and practice user-centered design methodologies throughout the solution life-cycle, from research concept to operational capability; Publish and promote Center research to contribute to raising awareness and impact of the Center and the SEI; and Mentor other Center staff and collaborators on research methods, technical areas of expertise, user-centered design concepts, and solution design principles.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelors of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience or equivalent, Masters of Science in Computer Science, Information Systems, or related field with five (5) years’ experience or equivalent, or Doctor of Philosophy in Computer Science, Engineering, Mathematics, Information Systems, or related field with two (2) years of experience or equivalent combination of training and experience.

Experience: Professional experience listed above to include the following areas: Leading research and research teams; capturing and documenting user/customer needs and requirements in complex technical areas under uncertainty and changing requirements and priorities; conducting research and applying scientific methods; basic and applied research; facilitating participatory design and innovation sessions for all aspects of software, solutions, and research design concepts; software development in support of research and taking software capabilities from the lab to operations; hands on modeling and simulation, data analysis/analytics, and large-scale computing; proven capabilities in the visual communications of complex ideas and concepts; preparing and delivering technical proposals, papers, and presentations; conducting user-centered design activities including user studies, novel prototyping capabilities, and exploring multiple solution concepts in parallel; design of information architectures for complex human-centered software systems; experience working with DARPA, IARPA, Service Labs, or other government research sponsors is a plus. Ideal candidates have: Three to five years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education; three to five years’ experience in researching, developing, or applying data-intensive scalable computing in a commercial or DoD/government-related environment; experience in building and managing high technology research teams. The candidate should have in-depth knowledge of software and systems engineering. Demonstrated success in formulating and delivering successful research proposals to the federal government and in leading the resulting projects. Demonstrated record of publications and contributions to the science and technology community. Demonstrated management experience with responsibility for projects, people, budgets and contracts.

Skills/Abilities: Knowledge of: Software engineering including design, architecture, development, testing, and deployment; human-computer interaction, Human-machine interaction, and Human-information interaction; modern computing, data, and storage solutions, data processing architectures (MapReduce, Hadoop, NoSQL); cloud Computing; analytics, data mining, machine learning, knowledge discovery; knowledge of information analysis, visualization, and manipulation tools and techniques; must be visionary, with strong sense of purpose; prior academic center research experience; a reputation for applied and/or theoretical research with a track record of valuable publications; track record of accomplishment in leading the research agenda for technology-based organizations; reputation for highest level of integrity; high comfort level with ambiguity; success at building consensus within a matrixed organization; excellent oral, written and presentation skills; able to make decisions and recommendations that significantly change important public policies or scientific programs; understanding and appreciation for the interplay between technology and policy; ability to influence, work and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; excellent verbal and written communication skills.

Physical Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings potentially with routine frequency.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to: Design and develop detailed problem formulations and research approaches based on requirements elicitation from internal and external stakeholders; communicate with software developers, analyst, and non-technical experts; work meticulously with attention to detail; remain calm during difficult situations; meet inflexible deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities and frequent interruptions; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; take leadership role in technical projects; oversee the technical activities of teams of 3-4 researchers, developers, and designers; quickly learn new procedures, techniques, and approaches.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Doctor of Philosophy in Computer Science, Engineering, Mathematics, Information Systems, or related field with two (2) years of experience, or equivalent combination of training and experience.

 

Accountability: This position will be responsible for transforming vague and uncertain customer needs and requirements into clear problem statements and research programs. Research will always be conducted with a solutions and outcome focus. This includes matching problems to research ideas, technology capabilities, and ultimately solutions.

Direction: This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions: This position will conduct research, make decisions about research approaches and ideas, explore and specify solutions and designs and make implementation choices for a wide-range of data-intensive scalable computing problems.

Supervisory Responsibilities: This position may include supervisory responsibilities for a small (2) to medium (10) sized team of researchers or research programmers.

 

Job Functions or Responsibilities:

60% Serve as the an interface with USG technical and research customers to understand, capture, and translate USG problems to the research community and other SEI staff focused on developing meaningful research problems, conducting research, and developing solutions. Lead, conduct, and facilitate exploration and innovation sessions and workshops to elicit clear definition of USG challenges and concepts. Craft and conduct research in partnership with USG customers, academic partners, SEI staff, and industry collaborators were appropriate.

15%  Serve as a principal advocate for the research portion of the SEI Emerging Technology Center. Formulate and evolve the research strategy and work with Center management to implement that strategy. Assist with formation and growth of the research team and recruiting appropriate talent.

15%  Serve as liaison to internal CMU/SEI functions and programs in active and potential areas of research. Builds external relationships to foster research collaborations. Represents the Center to the S&T community by participation in S&T community events and forums. Work with Center management to identify critical research areas and research opportunities that support the needs of Center’s current and future customers.

10% Mentor internal researchers, designers and software developers; communicate the design of solutions to internal stakeholders; and provide technical guidance on integration and design to external stakeholders.

100% TOTAL EFFORT

 

Organizational Chart: SEI Emerging Technology Center Director < Chief Scientist <  Research Scientist

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

24 Jul
2015
Software Developer - 2001483
Pittsburgh, PA

What we do:  The SEI Emerging Technology Center helps the government stay on the edge of technology.  The world is innovating software and information technologies rapidly, and the Center identifies, demonstrates, and applies emerging software technologies to meet critical mission needs.  We focus on promoting government awareness and knowledge of emerging technologies and their application, and shaping and leveraging academic and industrial research.


Position Summary:  The SEI Emerging Technology Center is focused on matching state-of-the-art software research with critical U.S. Government (USG) needs.  This position will support the Center’s mission by developing, applying, demonstrating, evaluating, and transitioning software capabilities that operationalize research concepts of significant value to the USG.  Software developers in the Center work on leading edge technologies and apply them to important and challenging problems. It is a dynamic and flexible development environment with constant opportunities to develop new skills, to learn new programming methods and techniques, to work on emerging architectures and systems, and to make a difference.

Duties include:  Develop and code software solutions that provide needed capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction;  conduct rapid software prototyping to demonstrate and evaluate technologies in relevant environments; conduct performance, security, and other aspects of evaluating software systems; test software capabilities using novel testing and analysis techniques; document software with an emphasis on architectures, user stories, and interface definitions; practice agile software development methods and actively participate on teams of software developers, researchers, designers, and technical leads; support software development infrastructure and assist in building and configuring computing systems and resources; interface with the research community and the USG to understand challenges, needs, and possible solutions; contribute to improving the overall technical capabilities of the Center by mentoring and teaching others, participating in design (software and otherwise) sessions, and sharing insights and wisdom across the SEI Emerging Technology Center team.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelors of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience in hands on software development, or equivalent; Masters of Science in Computer Science, Information Systems, or related field with five (5) years’ experience in hands on software development, or equivalent; Ph.D. with two (2) years’ experience is a plus.

Experience:  Professional experience listed above to include the following areas:  five (5) years of production or intensive research software development experience in modern languages such as C/C++ or Java; knowledge of other commonly used language such as Perl, Python, Ruby, JavaScript, etc.; working knowledge of some modern computing paradigms and environments such as NoSQL systems (Hadoop, CouchDB, MapReduce), cloud computing and virtualization, parallel programming, HPC development, network programming, mobile development, and interface development; familiarity with end-to-end software development activities in Linux/Windows/Unix/Web environments; familiarity with software development tools including IDEs (Eclipse, IntelliJ, emacs etc.), version control systems (git, svn, p4, etc.) and bug tracking systems (e.g., bugzilla); working knowledge and experience in participating in agile software development practices and team design sessions; demonstrated problem solving ability with the ability to explore and evaluate many possible solutions to problems; proven contribution to open source development projects is a plus.

Skills/Abilities: Knowledge of:  software development in Python, C/C++, Java, and other modern languages; modern computing, data, and storage solutions including advanced web development (HTML5, Adobe Flex, PHP), data processing architectures (MapReduce, Hadoop, BigTable) including cloud computing and virtualization concepts; algorithm design and analysis including analysis of algorithm complexity; familiarity with of core Internet protocols (e.g., TCP/IP, BGP, UDP, ICMP, DNS, SMTP, HTTP, etc); software / systems development lifecycle, QA testing, revision control, and change management practices.

Physical Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  explore and solve complex, ill-defined problems; work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; self-starter willing to take on tasks and initiate constructive activity with little guidance; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches.

Other:  Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Accountability:  This position will be responsible for exploring, defining, developing, demonstrating, and, in some cases, transitioning software capabilities.  This includes working with a team of developers, researchers, designers, and other technical personnel to create solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will explore, develop, and demonstrate software capabilities and make implementation choices for a wide-range of software-intensive problems.

Supervisory Responsibilities:  This position does not supervise others, but may provide technical leadership to projects and act in the capacity of a mentor to solutions architects, software developers, and designers.

 

Job Functions or Responsibilities:

60% Design, develop, test, document, and demonstrate software.

15% Interface with the research community to understand the state of research ideas and the practicality of applying those ideas to real USG problems and challenges.  Interface with USG customers to understand their needs and capabilities and identify possible solutions.

15% Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.

10% Participate in the broader SEI software research community through collaboration, papers, and presentations.

100% TOTAL EFFORT

 

Organizational Chart:  SEI Emerging Technology Center Director < SEI Emerging Technology Center Technical Director < Software Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

21 Jul
2015
Senior Engineer - Client Technical Solutions - 2001436
Pittsburgh, PA or Arlington, VA

This position can be located in Pittsburgh, PA or Arlington, VA.

 

Position Summary:  The Senior Member of the Engineering Technical Staff of Software Solutions Division will be responsible for leading teams that enable the organizations within the Department of Defense Civil Agencies and Intel Community to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CTSD, SSD  and other SEI programs to deliver software engineering technical expertise to customers throughout the life-cycle.


Minimum Qualifications and Requirements:
 
Education/Training: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience, or equivalent combination of training and experience.

Experience: The candidate must have experience in software engineering, development or management, and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture ; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments

Environmental Conditions: Usual office setting with extended use of CRT.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.


Preferred Qualifications and Requirements: 

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.


Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.


Job Functions or Responsibility:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate, Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.
100% TOTAL EFFORT


Organizational Chart:  SEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

17 Jul
2015
Administrative Assistant II - 2001394
Pittsburgh, PA

What we do:  The SEI Emerging Technology Center helps the government stay on the edge of technology.  The world is innovating software and information technologies rapidly, and the Center identifies, demonstrates, and applies emerging software technologies to meet critical mission needs.  We focus on promoting government awareness and knowledge of emerging technologies and their application, and shaping and leveraging academic and industrial research. 

Position Summary:  Responsible for providing a wide variety of administrative assistance and support to the SEI Emerging Technology Center (SEI ETC). This position will organize and expedite workflow and information, including: scheduling and arranging meetings; making travel arrangements; generating and submitting travel reimbursements and expense reimbursements; handling confidential matters; generating correspondence, reports and presentations; and interpreting and implementing SEI/CMU policies and procedures. This position will also perform research to respond to requests and summarizes findings; manage SEI ETC internal processes (e.g., customer portfolio reviews, project reviews, staff reviews, financial reviews, reporting, communications management); will be responsible for timely entering of team effort reports each month; performs related duties and projects as assigned.

 

Minimum Qualifications and Requirements:

Education/Training: High School diploma or equivalent combination of training and experience.

Experience: Five (5) years of administrative experience.

Skills/Abilities:  Must have strong organizational, analytical, reasoning, interpersonal and problem solving skills; excellent communications skills; ability to interact with campus community and external customers; a willingness to assume responsibility and to exercise good judgment.  Must have the ability to handle multiple tasks simultaneously. Must be willing to take on new tasks, accept responsibility for accuracy and implementation of new ideas. Must be able to compose written communications, edit correspondence, have excellent written and verbal skills, produce presentation materials, maintain accurate and detailed records and have the ability to understand and follow directions.  A working knowledge of Microsoft Office products and related software, such as PowerPoint, Excel, Word and calendar management systems (e.g., Outlook).

Physical Mobility:   Mostly sedentary; may need to drive or walk to other campus locations; requires bending, stretching, pushing as well as lifting.

Environmental Conditions:  Usual office setting; close contact with computer for long periods of time.

Mental: Ability to work under pressure and with frequent interruptions.  Ability to meet inflexible deadlines, pay close attention to detail, and remain calm in difficult situations. Excellent judgment and the ability to multi-task and follow shifting priorities quickly.  Strong problem-solving and analytical skills. Ability to direct others, as needed.

Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.

 

Preferred Qualifications and Requirements:

Education/Training: Associate’s degree or equivalent combination of training and experience.

Experience: Experience in an academic setting. Some team lead experience. 

Skills/Abilities:  Experience using various databases applications; experience using Web authoring tools (e.g., Dreamweaver) and Oracle financial system. Past experience in assisting in research information gathering activities; experience working with government customers.

 

Accountability:  Provides administrative support; assists with the workflow within the departments; supports budget and other related processes; acts as resource to less experience staff. Actively participates in SEI ETC teams on a regular basis and may be asked to participate on SEI teams.

Direction: This position is expected to act in accordance with SEI procedures and policies. Expected to work independently in most instances with the use of established procedures and policies; work with supervisor to manage changing workload or priorities; review and document procedures for improving workflow within the team.

Decisions: This position would be expected to make decisions requiring specialized knowledge and understanding of the practices, policies and procedures of the SEI ETC, and demonstrate general knowledge in areas outside of SEI ETC. Has latitude to consider which among many related procedures or precedents to follow. Solutions result from comparison of problem elements to reference points within the incumbent’s own experience. Recognize the opportunity for process improvement and participate in the implementation.

Supervisory Responsibilities:  This position does not directly supervise others. May assist in oversight of work performed by other administrative staff on the team.

 

Job Functions or Responsibilities:
40%  Provides administrative assistance such as coordinating meetings, conference and event logistics and resources; drafting correspondence, reports, and other documents for supervisor’s signature and/or approval. Coordinates travel reservations, prepares paperwork for reimbursements and oversees distribution of reimbursement funds.


25% Maintains calendars to ensure time-critical issues such as provisional and annual performance reviews, performance management activities, group meetings, project reviews, etc. are identified and adhered to.

 

20% Acts as a liaison or contact person with other university departments, and with outside organizations. Assists in the research, preparation and processing of information for items, including purchase requests and agreements.


5%  Assists with the workflow within the department.


5% Provides general office management by setting up and maintaining complex file systems, and supporting staff and budget related processes and work.


5% Performs related work and special projects as assigned.

 

Organizational Chart:  SEI Emerging Technology Center Director < SEI Emerging Technology Center Director of Operations < Administrative Assistant II

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

14 Jul
2015
Security Administrator - 2001396
Pittsburgh, PA

Position Summary:  The individual in this position will work as a member of the OCOS (Office of Chief of Staff) on the Security Team. The primary responsibilities include:  Assist with OCONUS (Outside the Contiguous United States) travel briefings; personnel security administration; assist with documentation; exposure to all aspects of Industrial Security as it relates to the protection of National Security.

 

Minimum Qualifications and Requirements:

Education/Training:  BA/BS or equivalent combination of training and experience.     

Skills/Abilities: Good problem solving skills; ability to interact with other OCOS teams; ability to maintain accurate and detailed records; working knowledge of desktop operating systems and common tools including email clients and web browsers.  Basic knowledge of Windows operating system and Office applications.

Physical / Mobility:  Able to walk to various locations across campus; able to lift and carry standard file boxes; able to maneuver in tight spaces, to bend, reach, stoop, etc.

Environmental Conditions: Ability to use a computer keyboard and display for extended periods of time.

Mental: Able to work under pressure; meet inflexible deadlines; deal with difficult individuals while maintaining composure.  Must have strong customer service orientation.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information, and maintain that clearance as a condition of employment.   

 

Preferred Qualifications and Requirements:

Education/Training: Additional course work, seminars, workshops, etc., in national security or homeland security related disciplines.  

Skills/Abilities:  Ability to multi-task; detail orientated; good customer service and communication skills.

 

Accountability:  Follow direction of supervisor.

Direction: Follow direction of supervisor.

Decisions:  Assesses support issues and either resolves or escalates to appropriate resource for resolution.

Supervisory Responsibilities:  This position does not supervise others.

 

Job Functions or Responsibilities:

40%        Assist Security team with personnel security files.

20%        Participate in OCONUS travel briefing library creation/updates based on current threats to include foreign travel requirements.

20%        Security team specific support with documentation, meetings, and general customer support.

20%        Other duties as assigned.

100% TOTAL EFFORT

 

Organizational Chart:  OCOS Deputy Director > Security Manager > Security Administrator

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001200
Pittsburgh, PA or Arlington, VA

This position has multiple openings and can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with three (3) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with one (1) years of applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

11 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001201
Pittsburgh, PA or Arlington, VA

This position has multiple openings and can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with three (2) years of applicable working experience in information technology, PhD Computer Science, Information Science, or related discipline with one (1) year of applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

05 Jun
2015
Cyber Security Engineer - Exercise Developer - 2001122
Fort George G. Meade

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with five (5) years of applicable working experience in information technology, PhD Computer Science, Information Science, or related discipline with two (2) years of applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.).

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications.

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

05 Jun
2015
Information Security Critical Infrastructure Analyst - 2001121
Pittsburgh, PA

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.  The individual in this position will work as a member of the Critical Resilience Center within the Networked Systems Survivability Program. The CRC team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them. Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years’ experience.

Licenses: CISSP or CISA

Experience: Professional experience in Industrial Control Systems Security in the Water, Chemical, or Energy Sectors. Operational experience in Critical Infrastructure. Experience with and applied knowledge in: data Analysis, Statistics, and Statistical Tools for quantitative methods; information technology and telecommunications systems; cyber security, survivability, and resilience concepts and issues; critical Infrastructure and Key Resources; software and systems engineering.

Skills/Abilities: Must exhibit the following skills and abilities: understanding of information technology and telecommunications systems; working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards; working knowledge of DHS critical infrastructure sectors and related security and resilience issues; development and delivery of information and infrastructure security risk and vulnerability evaluations; ability to conduct analytical studies and investigations; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to interact effectively with customer and to represent the SEI and its capabilities; ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure; ability to recognize and deal appropriately with confidential and sensitive information; ability to implement project plans, monitor project budgets, and identify and mitigate project risks; leadership and mentoring skills; excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations; participation in professional society activities, particularly IEEE and ACM.

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities: take or share leadership role in technical projects; work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development.  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information, and maintain that clearance as a condition of employment.   

 

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience.  PhD in computer science, software engineering, information systems, or a related scientific/technical field with two (2) years’ experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Experience: In addition to the minimum experience above, preferred experience includes: experience in both physical and cyber aspects of security; familiarity with resilience concepts; familiarity with process improvement models such as CMMI or SixSigma, TQM, ISO9000, CERT-RMM; familiarity with standards for measurement (including ISO 15939); familiarity with NIST 800-series standards for information security; familiarity with the DoD DIACAP standard for information assurance certification and accreditation; familiarity with standards for security (ISO 27000), business continuity (BS 25999), and IT operations (ISO 20000); working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following; system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases.

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include: ability to lead work teams as needed; consulting skills; demonstrated ability to deliver coursework and training.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%     Participate in the examination, analysis, and documentation of assessments, diagnostics, and analysis techniques for information and infrastructure security; examine data on cyber security and technology risks to identify problem areas and propose mitigation alternatives.

25%     Participate in the delivery of existing CERT cyber security, resilience, and risk assessment and analysis approaches with customers and partners; participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

20%     Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%     Deliver courses in operational resilience management, cyber security management, and information security risk management.

5%       Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Contribute to and review the literature in cyber security, resilience, and software engineering.

5%       Provide assistance and input to other teams and projects within the SEI.

100% Total Effort

Organizational Chart: Director CERT Program > Technical Director, Cyber Enterprise and Workforce Management Directorate > Technical Manager, Cyber Resilience Center Team > Information Security Critical Infrastructure Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

29 May
2015
Multi Media Designer - 2000970
Pittsburgh, PA

Position Summary: The person in this position plans and executes multimedia and/or communication design projects from start to finish to meet customer needs on time and within budget, and according to SEI branding guidelines. He or she understands all aspects and processes related to assigned projects and impacts the project’s final form.

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in art/design or a technical field or equivalent experience.

Experience: Two to three (2-3)  years of experience working in communication design, with experience in information architecture, web design, and video/animation creation.

Skills/Abilities: A combination of communication/information design for print, multimedia, and web design/layout. A deep knowledge of current Adobe products (Photoshop, Illustrator, InDesign, and Acrobat) is a must, as well as proficiency in Microsoft PowerPoint and Word. Must be able to follow branding guidelines and design templates.

Physical Mobility: Normal sedentary position with some mobility, i.e., able to travel throughout SEI facilities and to various campus locations.

Environmental Conditions: Office setting, possibly shared with another staff member. Use of keyboard for prolonged periods. Occasional need to be available outside of regular business hours.

Mental: Ability to translate complex information into tangible work products. Ability to work under pressure; ability to meet deadlines; ability to remain calm while dealing with difficult situations and individuals; must be able to deal with frequent interruptions. Must exercise discretion, keeping sensitive information confidential. Must be flexible, adapting quickly to changes in the workload and work environment, and shifting and competing priorities.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Skills/Abilities:  Knowledge of still and video photography. Ability to use a camera. Experience with video editing software. Basic understanding of HTML and CSS, wireframe development and production of visual content for the web.

 

Accountability: Produces quality and creative multimedia or visualization projects from start to finish to meet customers’ needs on time and within budget, and in accordance with SEI branding guidelines.

Direction: Works independently with little supervision. Has latitude for independent judgment in determining materials and methods used to perform necessary work, within SEI branding guidelines.

Decisions: Contributes to multiple projects. Collaborates with project team members and project manager. Prioritizes work requests based on customer needs, job requirements, or budgetary limitations.

Supervision: This position does not supervise others.

 

Job Functions or Responsibilities:

60%      Plans and executes multimedia and/or communication/information design projects from start to finish.

20%      Consults with technical and operational staff to determine multimedia and communication/information design project needs. Uses creative skills to influence the look and design of project components.

10%      Contributes to technical and creative development of new multimedia solutions by Communication Services team. Assists in integrating new multimedia technologies.

10%      Handles aspects of project management: planning, managing, scheduling, and tracking.

 

Organizational Chart: Chief of Staff > Chief Information Officer > Manager, Communication Services > Team Lead, Communication Design, Multi-Media Designer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 May
2015
Cyber Operations Trainer - 2000969
Arlington, VA

Position Summary:  This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT/CC is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security, and has played a key role in internet security since 1988. The location for the position will be at the SEI office in Arlington, Virginia.

Role: This position is highly technical, and will involve developing and providing technical training to security professionals working with the Department of Homeland Security (DHS), Critical Infrastructure and Key Resources (CIKR) entities, Department of Defense (DoD) and other security and governmental organizations. Works closely with senior staff to develop and deliver technical training to sponsor cyber operations centers.

Explores new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science or a related field with three (3) years of experience; MS in Computer Science or related scientific/technical field with one (1) year experience; or equivalent combination of training and experience.

Experience: Candidate should possess one to three (1-3) years’ experience in teaching technical material to small groups developing technical training basic system, network, and/or malware analysis customer service

Skills/Abilities: Successful candidate must:

  • possess excellent analytical and technical problem-solving skills;

  • possess strong customer service skills;

  • have experience in basic scripting and/or programming in a high level language;

  • have significant understanding of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP).

Have an excellent understanding of:

  • host/operating system security issues;

  • network security architecture and security issues at all protocol layers;

  • incident response methodology and practices;

  • must have strong written and oral communications skills as well as good interpersonal skills.

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work with changing priorities, work meticulously with careful attention to detail, and meet inflexible deadlines.             

Other:    U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science or related field with 3 years applicable experience.

Licenses: Information systems security, incident response and analysis, and other similar certifications are desired.

Experience: Ideal candidates will have 3-5 years’ experience in teaching technical material to small groups training requirements solicitation developing technical training advanced system, network, and/or malware analysis customer service.

 

Accountability: The individual is accountable for Active participation in the development of training materials and delivering technical training as primary or secondary instructor.

Direction: The individual is expected to act with minimal direction using CMU, SEI, , and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of basic requirements elicitation and validation develop new training materials based on customer requirements.

Supervisory Responsibilities: This position does not formally supervise others.

 

Job Functions or Responsibilities:

60%  Develop and update training materials and related documentation.

25%  Deliver technical training to sponsors.

15% Work directly with SEI staff supporting the community with incident, vulnerability, network, or malicious code analysis work, primarily to maintain and grow candidate skill set.

100%      Total Effort

 

Organizational Chart: CERT Program Director > CERT/CC Technical Director > CERT/CC CSIRT Operations Technical Manager > OAT Team Lead > Cyber Operations Trainer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 May
2015
Vulnerability Analysis Technical Manager - 2000967
Pittsburgh, PA

Position Summary:  The Vulnerability Analysis technical area of the CERT/CC is focused on lowering the birth rate of new software vulnerabilities, while increasing their death rate should they be found in operational systems.  This work entails research and development of new vulnerability discovery techniques and tools; coordinating vulnerability disclosure across vendors; providing enterprise guidance on vulnerability management; and supporting system owners in adopting and applying vulnerability analysis techniques.  This group works from the SEI’s Pittsburgh and Washington, D.C. offices, primarily supporting customers in the Washington DC-area.  The position of technical manager is responsible for all aspects of developing and executing the body of work to include setting the technical direction, managing financials, business development, and personnel issues.

 

Minimum Qualifications and Requirements:

Education/Training:  BS in a scientific or technical field with ten (10) years’ experience.

Experience: Experience listed above should include work in providing enterprise-wide security guidance; software development; system evaluation; penetration testing; or security operations.

Prior responsibility managing a collection of teams comprising a total of at least 5 individuals with commensurate personnel and financial authority.

Skills/Abilities:

  • Technical understanding of system, network, and configuration-based vulnerabilities.

  • Knowledge of vulnerability assessment/discovery tools and techniques for software and systems.

  • Knowledge of asset hardening techniques; patch management tools; and associated metrics that track this information for an enterprise.

  • Knowledge of current security and mission challenges by USG intelligence, defense, law enforcement, and civilian organizations in cyber operations.

  • Ability to make security-related metrics have a compelling story to a concerned, but non-technical audience.

  • Practical knowledge of Internet protocols, operations, and governance.

  • Ability to set and implement a strategic direction for a technical group.

  • Ability to conduct technical project management.

  • Ability to brief strategic and technical topics to senior management and non-technical audiences.

  • Ability to sustain a team with business development activity.

  • Ability to foster professional growth and develop technical/professional leadership capabilities in technical staff.

  • Ability to deliver products and services to operational groups.

Physical Mobility: Primarily sedentary in an office setting with some mobility.  Requires travel to various domestic locations within the SEI and CMU community to include the SEI Arlington office; sponsor sites; conferences; and offsite meetings with routine frequency (up to one 2 day trip every 2 weeks).

Environmental Conditions:  Normal office conditions; close contact with computer display for extended periods of time.

Mental:  The ability to:

  • work meticulously with careful attention to detail;

  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities;

  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff;

  • ability to grasp the big picture, direction, and goals of an effort;

  • develop and communicate innovative ideas; and

excellent oral and written communication skills.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information, and maintain that clearance as a condition of employment.   

 

Preferred Qualifications and Requirements:

Education/Training: MS in a related technical field with eight (8) years of experience.

Experience

  • Experience listed above should include running applied research and development projects.

  • Experience above should include working for or supporting the USG.

  • Experience with multiple sponsors.

  • Experience providing support to an operational security environment; missions performing full spectrum cyber operations; for USG PEOs; or customers in critical infrastructure sectors.

  • Experience in system testing and evaluation for the USG.

Skills/Abilities

  • Knowledge of the DoD Information Assurance Vulnerability Management (IAVM) program; and USCC’s INFOCONs, OPORDs, WARNORDs, ODMs, CTOs, and NTDMs.

  • Knowledge of various software testing methodologies, test plans and test case creation, and the defect reporting process.

  • Working knowledge of secure systems and network architecture practices.

  • Knowledge of USG organizational policies and missions areas/owners in cyber operations.

  • Expertise in security monitoring technologies (e.g., NIDS,IPS,HIDS, web proxies, firewalls) and associated analysis tools (e.g., SIEM) and techniques.

  • Expertise in Linux and/or Windows system administration and configuration.

  • Expertise with penetration testing or security evaluation of products or networks.

  • Familiarity with regulatory statutes and certification and accreditation standards (e.g., FISMA, PCI, DIACAP, HIPAA, SOX) which govern an enterprise.

 

Accountability: This position is accountable for the specification and execution of all any Vulnerability Analysis technical area work plans and a subset of the SEI operational plan.

Direction: The individual in this position is expected to act autonomously using CMU, SEI, and NSS, defined policies, practices, and procedures.  Additionally, this position will define those set for their technical area and influence those set for NSS.

Decisions: The individual in this position is expected to make strategic choices about the direction of the technical area that will be distilled into a technical agenda funded by a defined set of existing or new customers and implemented by a team hired to support the specifics tasking.

Supervisory Responsibilities: This position has ultimate supervisory responsibility over all staff in the technical areas to include hiring, performance reviews, salary adjustments, task assignment, and setting the tone and culture of the group.

 

Job Functions or Responsibilities:

30%        Manages group to effectively implement the SEI and task order work plans.  Sets goals and objectives and manages operational and functional business activities.   Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project)

30%        Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility.  Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.

20%        Sets technical direction of technical area.  Leads planning process and contribute to the development the CERT strategic plan.  Ensures regular update of technical area’s plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy.  Articulates vision for internal and external audiences.

10%        Identifies opportunities for new technical projects and manages start-up of new, high-priority technical areas of work. Works with Technical Director of CERT/CC to develop and implement a funding and transition plan for new work areas.

10%        Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements.  Leads corrective action.

100% Total Effort

 

Organizational Chart: Division Director, CERT > CERT Coordination Center (CERT/CC) Technical Director >

CERT Vulnerability Analysis Technical Manager

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

05 May
2015
Program Development Manager, Government Program Development - 2000907
Pittsburgh, PA or Arlington, VA

Position SummaryResponsible to the Software Solutions Division (SSD) Director and Deputy Director for identifying, qualifying and developing opportunities for the Federal Government, and principally the Department of the Navy customer portfolio, including:  establish strategic business development goals and objectives focusing principally on the Department of the Navy, but also including customers from other elements of the DoD, the Intelligence Community and non-DoD Federal agencies; development and implementation of action plans to achieve business development goals and objectives; represent SEI products and services at relevant forums, seminars, technical programs and trade shows; participate in technical and professional associations; keep informed about developments in the government, military, and economic, scientific, political, and industrial fields as they apply to SEI products and services; and coordination of business development action plan implementation with program development teams across the SEI to ensure achievement of business development goals.

As a Government Business Manager for assigned DoD (principally Department of the Navy) , Intel and Civil Agency customers, responsible to the SSD Director and Deputy Director for: Management of all customer life-cycle activities for specifically assigned clients, including initial contact, customer qualification, proposal development, contract negotiations, work plan development, budget management, and deliverables; marketing and contractual issues  as the primary SEI point of contact for assigned customers, including understanding assigned customers, their organizations, culture, and their technical needs and funding status for the effective management and delivery of current work, development of additional work scope, and, when necessary, resolution of customer related problems; interfacing with the SEI technical programs to ensure their understanding of customer requirements, objectives, delivery time lines, and customer expectations; interfacing with the SEI financial and business operations to provide oversight, control and management of customer funding; and achieving established annual SSD/SEI funding objectives.  

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Engineering, Science, Business or equivalent work experience.

Experience: Ten (10) years of progressively responsible experience in business development, acquisition and/or project management activities relating to technical products and services areas across the Federal Government. The successful candidate must have a proven and successful track record of creating and building business in a high-technology area, working with established business processes. The candidate must also understand the customer-related issues and know how to handle the typical challenges of Federal Government and contractor base organizations.

Skills/Abilities: Must have leadership and management skills and possess the ability to work with government programs and industrial organizations at the senior leadership level. Must have a broad-based understanding of Federal Government organizations and a deep understanding of the Department of the Navy and have current and extensive contacts including key decision makers and influencers; must possess the ability to work and influence at all levels within the management hierarchy.

The successful candidate must possess the ability to combine technical aptitude with a business perspective, be comfortable with understanding technical products and services and able to interact effectively with technical staff at the SEI and in customer organizations.

Must have strong written and oral communication skills as well as good interpersonal skills; ability to convey sense of purpose and mission that motivates others.

Essential that the candidate be a solid presenter and capable of communicating with and in front of internal and external customers including audiences from diverse military, Governmental and academic backgrounds.

Must respond quickly and effectively to changing priorities and possess the ability to work simultaneously on multiple projects.

Must possess excellent analytical, organizational, supervisory, reasoning and problem solving skills.

Physical/Mobility: Normally sedentary with some mobility.

Mental: Must thrive under pressure to meet business development goals and objectives. Must be flexible, have the ability to multitask and meet inflexible deadlines.

Other: U.S. Citizenship is required. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. Must be willing to undergo government directed polygraph to maintain clearance.

 

Preferred Qualifications and Requirements:

Education/Training:  Master’s Degree in Engineering, Science, Business or equivalent work experience.

           

Accountability: Responsible for the development of a balanced portfolio of customers to contribute proportionately to the annual Software Solutions Division total funding and ceiling objectives.

Direction: Expected to act in support of the SSD goals and objectives and to coordinate and communicate appropriately with cross-Directorate and Division Management, Team Leads, and other Business Managers and SEI Technical Staff.  Models, leads and is committed to the SEI mission to advance software engineering and cybersecurity and related disciplines to ensure the development and operation of systems with predictable and improved cost, schedules and quality.

Decisions: Customer qualification for technical work consistent with the SEI Mission and funding objectives with the ability to monitor multiple large scale engagements that bring needed SEI and customer resources to bear when there are exceptions to the project plan.

Customer negotiations for work scope, delivery schedule and cost estimates including working with the technical programs to develop new products and new business opportunities.

Supervisory Responsibilities: Interfaces with SEI Technical Programs, and Business and Financial Services.

 

Job Functions or Responsibilities:

70%      Strategic planning and business development:  Responsible for managing the life-cycle activities for assigned customers, including but not limited to customer qualifications, proposal development, contract negotiation, work plan development, budget management, on time commitments, and follow-up to ensure customer satisfaction.

20%      Contract Administration / Program Management:  Work with SEI staff, responsible for developing appropriate contracting mechanisms and management of contract requirements as well as tracking and monitoring funding.

10%      Administration/Travel:  Extensive travel required to customer sites and other venues to meet with current and prospective government clients and collaborators.  Travel may be domestic or international.

100% Total Effort

 

Organizational Chart:  SSD Director > SSD Deputy Director > Program Development Manager, Government Program Development

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

23 Apr
2015
Applied Statistician / Data Scientist - 2000855
Pittsburgh, PA or Arlington, VA

Position Summary: A small but growing team of data-centric researchers seeks an applied statistician / data scientist to work on established projects as well as develop new ones. Examples of current projects include developing metrics and experimental designs for large-scale cybersecurity research programs, researching human-in-the-loop machine learning, and performing both exploratory and automated analysis of large corpora of cybersecurity incident data. Though you may encounter big data problems in this position, we find that many of our most interesting challenges currently stem from data quality issues and limited sample sizes. You will have the opportunity to apply, learn, and develop new technical approaches.

You will be expected to work with teams of cybersecurity domain experts as well as other statisticians, and needn’t have previous cybersecurity experience of your own. Explicitly, you will be expected to co-author research proposals and execute applied research (i.e., design research studies and study materials, collect and analyze data, author publications, and present findings to DoD sponsors and academic conferences).

 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree and an academic background in machine learning, statistics, or other related quantitative field with eight (8) years of experience; Master’s degree and an academic background in machine learning, statistics, or other related quantitative field with five (5) years of experience; PhD and an academic background in machine learning, statistics, or other related quantitative field with two (2) years of experience; or equivalent combination of training and experience. Candidates without a PhD should instead have experience demonstrating their knowledge of statistical theory and ability to perform research.

Experience: Two plus (2+) years of experience using statistical methods.

Skills/Abilities: An ideal candidate will have expertise in the following areas. Experience with specific tools and methods are less important to us than evidence that you can learn new tools and methods.

Statistics:

  • Design quantitative metrics with real-world utility and validity.
  • Apply a wide range of analysis techniques to diverse, potentially underspecified real problems.
  • Find, read about and evaluate theoretical results as needed.
  • Execute experimental design basics.
  • Advise on the feasibility, needs, and design of the data-centered component of new project proposals.
  • Design and evaluate data collection strategies aligned to project goals.

Hands-on data analysis:

  • Analyze data in R, Python or similar data analysis ecosystem.
  • Comfortably use tools for reproducible, documented data analysis.
  • Rapidly clean, refactor, explore, model, plot, and merge messy raw datasets.

Collaboration:

  • Work closely with subject-matter experts.
  • Communicate with people in other fields about technical statistical concepts.

Physical / Mobility:  Normal sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community.  May require some bending, stretching, pushing as well as lifting several reams of paper, etc.

Environmental Conditions:  Close contact with computer for extended periods of time.

Mental:  Ability to: meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; work in a team environment to achieve research objectives; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: PhD in machine learning statistics, or other related quantitative field.

Experience: Five plus (5+) years of experience in statistics or machine learning.

Skills/Abilities:

  • Strong software engineering skills
  • Cybersecurity experience
  • Experience supporting test and evaluation for large-scale government research programs.

 

Accountability:  The individual will work independently and within teams to achieve project goals.

Direction:  The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must be able to make decisions about the proper scope of assigned research.  This includes being able to discern applicable paper topics, making decisions regarding experimental design and methods, and exercising strong time management skills.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  This position may involve the training and supervision of graduate students.

 

Job Functions or Responsibilities:

40%  Data analysis.

25%  Other types of research support including designing experiments and metrics.

15%  Participating in the research community, including attending and presenting at conferences, and reading and writing academic papers.

10%  Writing proposals and reports.                 

10%  Consulting and project planning with other groups in the SEI.

100% Total Effort

 

Organizational Chart:  CERT Program, Director > CERT Program, Technical Director for Cyber Security Foundations > Science of Cyber Security Research Manager > Applied Statistician / Data Scientist

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

23 Apr
2015
Cybersecurity Community Developer - 2000854
Arlington, VA

Position Summary: This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT Coordination Center is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security and has played a key role in internet security since 1988.

This position is a technical position which also requires extensive customer and community interaction.  It will involve working with several key government stakeholders to include the Department of Homeland Security (DHS) and Department of Defense (DoD).  It will also require working closely with private sector organizations, specifically critical infrastructure and key resources, to build effective shared analysis and collaboration capabilities to better their organizations and national security interests from cyber-attacks and threats.  

Role:

As a Cybersecurity Community Developer, you will work closely with the cyber security analysts in the public and private sectors to define and implement effective information and cyber analysis capabilities supporting incident analysis and response activities for organizations with national or economic security impact. You will often collaborate with these entities to develop processes and models for effective incident information analysis, technical mitigation development, and product development for dissemination to designated stakeholders.  You will also work with mature critical owner/operators and government stakeholders to develop models for sector-wide cybersecurity information sharing and analysis capabilities.

This position will be responsible the development and delivery of key strategic projects in support of the CERT/CC Incident Analysis team. The candidate selected for this role will also act as a liaison between the CERT/CC and its sponsors for strategic projects, ensuring complete understanding of sponsor requirements. As appropriate, you will work with CERT/CC Incident Analysis team leadership to identify and leverage internal and external resources to meet project timelines, and will perform technical work to contribute to the deliverables.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:

  • Develop model for information sharing and analysis capabilities in support of the critical infrastructure sectors to include gathering requirements and developing models for capabilities to meet those requirements.

  • Provide CERT/CC and DHS leadership with situational awareness of team strategic projects, and respond appropriately to changing priorities or requirements.

  • Develop and maintain collaborative relationships with sponsors and partners and assisting them in strengthening their analysis and cyber defense capabilities, providing on-site support as necessary.

  • Foster collaboration and information sharing amongst entities within the community.

  • Explore new ways to leverage and apply SEI's expertise to protect the infrastructure of critical infrastructure and other national security interests.

  • Work to continually improve the tools, processes, and systems utilized within the community.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science Information Science, Information Systems Management with eight (8) years applicable experience; or MS with five (5) years of experience.

Experience: Must have experience participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the cybersecurity community.  Must have understanding of the DoD, DHS and critical infrastructure cybersecurity communities.  Successful candidates should possess “hands-on” experience with computer/network security and IT system and network administration.  The individual must possess knowledge/experience in network design and troubleshooting and have deep knowledge of standard networking protocols.

Skills/Abilities:  Successful candidates will:

  • possess excellent analytical and problem-solving skills;

  • have a strong interest in and basic knowledge of network and computer operations and security issues;

  • be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization;

  • be motivated to tackle challenging problems, and leverage subject matter expertise when available and appropriate;

  • have excellent organizational skills;

  • be able to work meticulously with careful attention to detail;

  • strong customer service skills;

  • ability to work in a team environment with other team members with variety of skills;

  • ability to work remotely or with minimal direct supervision and represent CERT/CC and SEI capabilities to the sponsor;

  • be able to communicate effectively within a team environment;

  • be able to effectively prioritize work;

  • be able to develop and explain technical decisions;

  • recognize and deal appropriately with confidential and sensitive information;

  • interact effectively with technical and non-technical audiences via both verbal and written communications;

  • be able to quickly learn new procedures, techniques, and approaches.

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions; however close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.       

Other:    U.S. Citizenship is required. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. This position will work full-time in the Pittsburgh SEI CERT/CC location. Candidate will be required to travel on overnight assignments.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science Information Science, Information Systems Management with six years applicable experience.

Licenses: Current Information System Security Profession (CISSP) or similar certification, Project Management Professional (PMP).

Experience: Ideal candidates will have experience or substantial knowledge in many of the following additional areas:

  • three to five (3-5( of experience in security aspects of system and/or network administration in a U.S. government agency or contractor environment and/or 5 years of experience as a cyber (technical) analyst in an intelligence, counterintelligence or law enforcement role;

  • experience drafting and formatting technical threat intelligence reports and conduct correlating research using multiple formatted and unformatted data sources;

  • experience developing materials for senior leadership in government or industry;

  • experience developing and implementing information security policies and standard operating procedures;

  • advanced understanding of security vulnerabilities;

  • practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security);

  • advanced forensic or digital media analysis experience.

Skills/Abilities:  Preferred candidates will have the ability to adjust quickly to shifting priorities and make quick decisions with limited information.

 

Accountability: Contributes to program objectives and plans development.  Maintains confidentiality of sensitive information such as security, vulnerability, and site information.

Direction:  Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Ability to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions:  Must accurately analyze data from multiple sources, generate defensible results, and represent them in interactions with customers, sponsors, and the public. Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  This position has no supervisory responsibilities.

 

Job Functions or Responsibilities:

80%      Develop model for information sharing and analysis capabilities to include gathering requirements and developing models for capabilities to meet those requirements. Manage projects, including production of standardized reports, metrics, project status, and other reports as required. Coordinate and collaborate with partner and counterpart organizations. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.

15%      Work to build collaborative relationships and foster information sharing among partner entities in the interest of improving cyber analysis and response capabilities.

5%       Developing knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100%      Total Effort

 

Organizational Chart: CERT Program Director > Cyber Threat and Vulnerability Analysis CERT/CC Tech Director > CERT/CC Incident Analysis Technical Manager > Cybersecurity Community Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

23 Apr
2015
Senior Cyber Security Engineer - 2000852
Pittsburgh, PA or Arlington, VA

Position Summary: The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cyber Risk Management Team within the Cyber Security Solutions Directorate.  The CRM team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.  The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them.  Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

 

Education/Training: BS in computer science, software engineering, information systems, or a related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.

 

Experience: Professional experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation. Experience with and applied knowledge in:

  • information technology and telecommunications systems;

  • cyber security, survivability, and resilience concepts and issues;

  • software and systems engineering;

  • building and maintaining DoD customer relationships;

  • data Analytics and quantitative measures;

  • strategic Planning and requirements definition;

  • process Improvement;

  • program planning, budgeting, and management.           

Skills/Abilities:  Must exhibit the following skills and abilities:

  • understanding of information technology and telecommunications systems;

  • working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards;

  • working knowledge of DHS critical infrastructure sectors and related security and resilience issues;

  • working knowledge of the DoD and Agency resilience needs and cyber security roadmaps;

  • development and delivery of information and infrastructure security risk and vulnerability evaluations;

  • ability to conduct analytical studies and investigations;

  • reasoning and problem-solving skills;

  • ability to work independently with limited supervision;

  • ability to interact effectively with diverse constituencies internally and externally;

  • ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure;

  • ability to recognize and deal appropriately with confidential and sensitive information;

  • ability to implement project plans, monitor project budgets, and identify and mitigate project risks;

  • leadership and mentoring skills;

  • excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations;

  • ability to work on customer sites with high-ranking members of the Federal Government and US Military to define customer requirements;

  • participation in professional society activities, particularly IEEE and ACM.

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • take or share leadership role in technical projects;

  • work meticulously with careful attention to detail;

  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities;

  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff;

  • ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other:  Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development. U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements

Education/Training: MS in computer science, software engineering, information systems, or a related scientific/technical field with eight (8) years’ experience; PhD in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience, or equivalent combination of training and experience.

Licenses: CISSP, CISM, GIAC, or similar; certifications from the audit discipline (such as CISA) are also acceptable.

Experience: In addition to the minimum experience above, preferred experience includes:

  • experience in both physical and cyber aspects of security; familiarity with resilience concepts;

  • familiarity with process improvement models such as CMMI or SixSigma, TQM, ISO9000, CERT-RMM;

  • familiarity with standards for measurement (including ISO 15939);

  • familiarity with NIST 800-series standards for information security;

  • familiarity with the DoD DIACAP standard for information assurance certification and accreditation;

  • familiarity with standards for security (ISO 27000), business continuity (BS 25999), and IT operations (ISO 20000);

  • working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security.

Experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:

  • system administration:

  • firewalls, intrusion detection systems, and other security technologies:

  • application development/programming:

  • relational databases.

Skills/Abilities: In addition to the minimum skills/abilities above, preferred skills/abilities include:

  • ability to lead work teams as needed;

  • consulting skills;

  • demonstrated ability to deliver coursework and training.

 

Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities:  This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors.   Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%        Participate in the examination, analysis, and documentation of assessments, diagnostics, and analysis techniques for information and infrastructure security; examine data on cyber security and technology risks to identify problem areas and propose mitigation alternatives.

25%        Participate in the delivery of existing NSS cyber security, resilience, and risk assessment and analysis approaches with customers and partners;  participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

20%        Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%        Deliver courses in operational resilience management, cyber security management, and information security risk management.

5%          Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%          Contribute to and review the literature in cyber security, resilience, and software engineering.

5%          Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational ChartDirector, CERT Division > Technical Director, Cyber Security Solutions Directorate > Deputy Director, Cyber Security Solutions Directorate > Technical Manager, Cyber Risk Management Team > Senior Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 Apr
2015
Architecture Researcher - 2000853
Pittsburgh, PA

Position Summary: The Software Engineering Institute’s Architecture Practices initiative at Carnegie Mellon University seeks to create architecture-centric theories and practices to increase development efficiency and effectiveness on large-scale software and systems engineering projects.  The Architecture Researcher will join the Architecture Practices team to assist in expanding the established research program in order to create and extend architecture-centric theories and practices for the organization in order to produce systems to meet their business and mission goals. The Architecture Researcher will be responsible for:

  • Contributing to ongoing architecture research efforts, building on new research directions, and validating ideas in customer settings;
  • Defining and developing research strategies and projects, leading research teams, such as the customer efforts or transition project teams, and/or conducting planned research projects as necessary;
  • Directing support activities to enable technical work and the activities of work study or graduate students as appropriate;
  • Communicating the results of his/her research, through publication presentations in peer-reviewed venues;
  • Working with collaborators and customers to apply research outcomes to real world systems;
  • Determining and recommending architecture-centric technical solutions for practical system development programs; and
  • Participating in and leading technical activities in community settings (conferences, workshops, and working groups).

 

Minimum Qualifications and Requirements:

Education/Training: Ph.D. degree in Software Engineering, Computer Science, Information Systems, or a related field, or equivalent combination of training and experience.

Experience: Must have at least two (2) years of experience in architecture research and/or practice architecting systems, which shall include specific experience in:

  • Performing research in architectural modeling, analysis, and generation of safety critical embedded software systems;
  • Performing research in timing analysis and behavioral verification of safety critical systems;
  • Applying architecture-centric research technologies on customer systems in the aerospace domain
  • Publishing at least ten (10) papers in peer-reviewed computer-science venues.
  • Familiarity with avionics standards such as ARINC653, ARINC664, or SAE AS5506 AADL is a plus.

Skills/Abilities: Software development, including Java programming, extending the Eclipse platform (plug-in development). Strong written and verbal communication skills and the ability to present to small and large audiences.

Mobility: Normally sedentary position with some mobility; i.e., able to travel to other campus locations.

Environmental Conditions: Usual office setting, close contact with computer displays for long periods of time.

Mental: Ability to explore and solve complex, ill-defined problems; work meticulously with attention to detail; self-starter willing to take on tasks and develop new research ideas; deal collaboratively, diplomatically, and successfully with customers, co-workers; interact with world-class research community.

Other:  U.S. Citizenship is required. Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. Candidate will be required to travel on overnight assignments.

 

Accountability: Ability to work on research with minimal supervision; meet deadlines while working on multiple tasks;.

Direction: Expected to act with limited supervision in accordance with SEI procedures, policies, such as those involving technical leadership, analysis, report production, and confidentiality. Requires close collaboration and teaming within and across initiatives and directorates.

Decisions: Suggests possible solutions to colleagues and users.

Supervisory Responsibilities:  This position does not supervise others.

 

Job Functions or Responsibilities:

50%        Research, prototyping, and demonstration of architecture-centric analysis and generation technologies.

30%        Application of architecture-centric technologies in customer settings.

20%        Publication of research results.

100% TOTAL EFFORT


Organizational Chart: SSD Director > AP Initiative Lead > Architecture Researcher

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

16 Apr
2015
Computer Security Information Analyst - 2000827
Pittsburgh, PA or Arlington, VA

Position Summary: This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. The CERT/CC is world renowned for excellence in neutral, unbiased expert analysis and opinion on technical issues involving cyber security, and has played a key role in internet security since 1988. The location for the position will be at or near the SEI office in Arlington, Virginia. This position is highly technical, and will involve working with the Department of Homeland Security (DHS), Critical Infrastructure and Key Resources (CIKR) entities, and other security and governmental organizations to build effective information sharing and analysis capabilities to better protect national security interests from computer security threats.

Role: As a Computer Security Information Analyst, the successful candidate will work closely with cyber security analysts in the public and private sectors on a team supporting cyber information and analysis capability sharing to support risk management, incident analysis, and response activities. You will often collaborate with these entities to analyze incident and threat information, develop technical mitigations, and produce reporting to disseminate this information to designated stakeholders.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the constituency. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:

  • Contribute to day-to-day operations of analysis team responsible for the creation of innovative analysis products based on information and capabilities available from the CERT/CC, government, and collaborators
  • Develop and lead execution of stakeholder analyst-to-analyst feedback processes to understand the needs of the constituency
  • Develop and maintain cooperative relationships with sponsors and collaborators, and assist them in strengthening their analysis and cyber defense capabilities, providing on-site support as necessary
  • Engage critical infrastructure stakeholders to identify their requirements for participation in cyber information sharing and collaboration programs with DHS and help the DHS leads to meet these requirements
  • Foster collaboration and information sharing amongst entities within the community
  • Develop and lead implementation of plan for the secure automated sharing of cybersecurity threat information with critical infrastructure stakeholders
  • Explore new ways to leverage and apply SEI's expertise to protect critical infrastructure and other national security interests
  • Work to continually improve the tools, processes, and systems utilized within the community

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, Information Systems Management, or a related field with eight (8) years applicable experience.

Experience: Candidate should have advanced computer security incident handling and analysis experience, be comfortable in Windows and Unix/Linux environments and be able to demonstrate knowledge in the following areas:

  • Understanding of commonly utilized communications protocols
  • Common attack and response methodologies
  • Identification and analysis of actionable computer security information
  • Basic system, network, and malware analysis
  • Basic understanding of security vulnerabilities and the impact that they can have on information systems
  • Administering, maintaining, and securing a small network
  • Theoretical underpinnings of computer security

As well as experience with:

  • Communicating complex technical issues to non-technical audiences
  • Understanding and managing risk in large enterprise infrastructures
  • Developing strategies to defend systems and networks from attacks

Skills/Abilities: Successful candidates will:

  • Possess excellent analytical and technical problem-solving skills
  • Possess strong customer service skills
  • Have a strong interest in and knowledge of network and computer security issues
  • Be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization
  • Be motivated to tackle challenging problems
  • Have excellent organizational skills
  • Be able to work meticulously with careful attention to detail
  • Ability to contribute in a team environment with other team members with  varying skillsets and competencies
  • Ability to work remotely or with minimal direct supervision
  • Be able to communicate effectively within a team environment
  • Be able to effectively prioritize work
  • Be able to develop and explain technical decisions
  • Recognize and deal appropriately with confidential and sensitive information
  • Interact effectively with technical and non-technical audiences via both verbal and written communications
  • Be able to quickly learn new procedures, techniques, and approaches
  • Be able to identify the need for improvements, prototype solutions, and communicate requirements

Physical Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions:  Normal office conditions, close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.     

Other:    Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance. Candidate must be able to work full-time at a customer site in the Washington D.C. / Northern Virginia metro area. Candidate will be required to travel on overnight assignments.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, Information Systems Management with five years applicable experience

Licenses: Information systems security, incident response and analysis, and other similar certifications are desired

Experience: Ideal candidates will have experience or substantial knowledge in many of the following additional areas:

  • 3-5 of experience in security aspects of system and/or network administration in a U.S. government agency or contractor environment and/or experience as a cyber (technical) analyst in a computer network defense, intelligence, counterintelligence or law enforcement role
  • Experience drafting and formatting technical threat intelligence reports and conduct correlating analysis using multiple formatted and unformatted data sources and tool sets
  • Experience developing materials for senior leadership in government or industry
  • Experience developing and implementing information security policies and standard operating procedures
  • Advanced understanding of security vulnerabilities
  • Practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security)
  • Advanced malware, forensic, or digital media analysis experience

 

Accountability:  Contributes to program objectives and plans development.  Maintains confidentiality of sensitive information such as security and vulnerability information.

Direction: Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor. Ability to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions: Must accurately analyze data from multiple sources, generate defensible results, and represent them in reporting products and interactions with customers, sponsors, and the public. Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities: This position has no supervisory responsibilities.

 

Job Functions or Responsibilities:

65% Perform duties as a technical cyber information and fusion analyst team member, incident analyst and technical liaison. Review, analyze and correlate threat data from various sources. Create innovative reporting products based on available information and capabilities. Mentor others in conducting effective analysis, and develop standardized processes for performing analysis. Produce standardized reports, metrics, threat, activity, and mitigation information products. Coordinate and collaborate on cyber threat tracking with partner and counterpart organizations. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.

15% Work to build collaborative relationships and foster information sharing among partner entities in the interest of improving cyber situational awareness and response capabilities.

15% Work directly with SEI staff supporting the community with incident, vulnerability, network, or malicious code analysis work.

5% Develop knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100%      Total Effort

 

Organizational Chart: CERT Program Director > CERT/CC Technical Director > CSIRT Operations Technical Manager >Team Lead > Computer Security Information Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

16 Apr
2015
IT Site Administrator - DC - 2000830
Arlington, VA

Position SummaryThe IT Site Administrator is a cross-functional role within the Information Technology and Security (ITS) function of the Software Engineering Institute (SEI) in our office located in Arlington, VA supporting the local IT operations as well as certain Security / Information Assurance functions in concert with ITS staff at the main office in Pittsburgh, PA. This is an opportunity to deal not only with IT server and user issues, but also to assist with routine activities of a Facility and Information Systems Security Officer (FSO and ISSO) as well as Contractor Special Security Officer (CSSO).

 

Minimum Qualifications and Requirements:

Education/Training:     Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent combination of training and experience. 

Experience: Three or more (3+) years of end-user support, problem identification, problem resolution, and consulting experience. Up to three years of systems administration experience.  One or more years of experience in the maintenance and repair of computer systems and associated peripherals.  Experience working independently on projects with limited supervision. 

Skills/Abilities: Problem solving skills. Able to participate on technical teams; contribute to the improvement of products and services; advanced technical knowledge of desktop operating systems, systems administration, office productivity software, and web browsers; general understanding of technical environments such as networking, enterprise applications infrastructure services, and other technical areas.

Physical Mobility: Some infrequent business travel required. Periodic travel to Pittsburgh office, at least quarterly. Computer hardware installation and configuration required on a regular basis, sometimes involving transport of heavy objects (typically under 100 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) between buildings may also be required.

Environmental Conditions: Ability to use a computer keyboard and display for extended periods of time; periodic work in a computer machine room or wiring closet environment.

Mental: Able to work under pressure; meet inflexible deadlines; deal with difficult individuals while maintaining composure.  Must have strong customer service orientation. Able to identify, isolate, and resolve systems problems. Must be able to learn from procedural documents and training and then integrate that knowledge into workplace activities.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information and maintain that clearance as a condition of employment. Additional work hours (weekend and evening hours) may be required on an infrequent basis. May be required to stay at or return to work during incidents and/or emergencies to perform duties as requested including possible alarm response incidents.

 

Preferred Qualifications and Requirements:

Licenses:  Microsoft Certifies System Administrator (MCSA),  Microsoft Certifies System Engineer (MCSE), CompTIA A+, CompTIA Network +, CompTIA Security +, Dell Certified Technician; Defense Security Service (DSS) Facility Security Officer (FSO) and/or Information Systems Security Officer (ISSO) certification.           

Experience:  Experience in implementing new services and products; leading technical projects; performing advanced technical support; creating new operational and technical processes and procedures. Experience working in compliance with governmental accreditation requirements for operating IT environments and networks, such as NISPOM, DCID and STIG. Prior experience as a FSO or ISSO.

Other:   Applicant selected will be subject to a security investigation and must meet eligibilityrequirements for access to classified information.

 

Accountability:  Responsible for insuring technical problems for the DC office are resolved to satisfaction of users, providing audio and video support, maintaining and supporting VTC, and administering the telephone systems. Expected to gather information on requirements of users and train users as needed. Acts as a contact person to coordinate with other IT groups on problem resolution and software releases impacting the DC office. This position will report computing needs and trends of the DC office to the IT managers and will ensure that DoD Industrial Security Practices and SEI security practices are followed with respect to access of restricted areas and handling of classified documents

Direction:  Employee will be expected to work under minimum supervision within the defined scope of authority and in accordance with SEI ITS operating guidelines. Primary tasking and performance management will come from the USHS manager. Guidance and oversight for IA and Security matters will come from a security expert  (e.g., ISSM, FSO) or the manager of Security as appropriate.

Decisions:  Must be able to identify user and IT systems issues and resolve issues independently. Information Security issues and complex operational problems are handled in concert with the IAO and IT engineering groups. Makes routine decisions based upon knowledge and understanding of the policies, practices and procedures of IT and Security; novel / complex matters are referred to the appropriate manager or subject matter expert. May make recommendations to improve procedures or work flow in the department.

Supervisory Responsibilities:  This position does not supervise others. 

 

Job Functions or Responsibilities:

30%      Provide advanced technical consulting to assist in resolving difficult software and hardware problems.  Assist users in installing and applications and ensuring that these applications meet IT security and infrastructure requirements. Ensure compliance with SEI IT Practices and Procedures and in some cases will be expected to identify and create procedures to comply.

20%      Install equipment, set up computers, mobile devices, and phones for new users.  Make repairs to computer hardware, and replace hardware. Provide audio and video support. Maintain and support VTC.   Assist in developing user documentation pertaining to the Arlington office. Works with other members of the ITS staff on projects involving the IT infrastructure or as Programs need ITS assistance in the Arlington offices.

20%      Maintain compliance with the NISPOM and other regulatory requirements conducting self-inspections and assisting the FSO/CSSO from Pittsburgh to prepare for annual inspections of the security program at the Arlington Office.  Acts as a liaison for the Information Assurance office in Pittsburgh to facilitate the resolution of IA matters.

10%      Handles building access, assists with obtaining necessary information /paperwork for security clearance requirements, closed areas, and other secure areas.

5%       Monitors security status of facilities and systems and responds to security incidents. Prepares incident reports and follows through with the Security office in Pittsburgh to ensure all incidents are resolved.

5%       Interact with DoD and USG authorities to coordinate activities related to certifications and accreditations under the guidance and direction of IA staff in Pittsburgh.

5%       Assist the Pittsburgh-based asset management team in certain duties (e.g., inventory, tagging).

5%       Training and professional development to keep current with new technologies and government regulations. May involve periodic travel to the SEI office in Pittsburgh, PA.

100% Total Effort

 

Organizational ChartSEI > Chief Information Officer (CIO) > User Services & Hardware Support (USHS) Manager  > DC Site Administrator

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

10 Apr
2015
CERT/CC CSIRT Operations Technical Manager - 2000766
Pittsburgh, PA or Arlington, VA

Position Summary:  The CSIRT Operations technical area of the CERT Coordination Center (CERT/CC) supports USG Cyber Centers, SOCs, national coordination initiatives and the international response community through directed analysis, applied research and development and capacity building activities.  This approximately 20-person group works from the SEI’s Pittsburgh and Arlington offices, and is embedded at USG facilities in the Washington DC-Baltimore area.  The position of technical manager is responsible for all aspects of developing and executing the body of work to include setting the technical direction; managing financials; business development; and personnel issues.

Minimum Qualifications and Requirements:

Education/Training:  BS in a Computer Science or related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.

 

Experience:  Experience listed above should include:

  • Work in cyber security or intelligence operations;
  • Prior responsibility managing a team comprising a total of at least 5 individuals with commensurate personnel and financial authority. 
  • These individuals should have had cyber operations roles.

Skills/Abilities: Working knowledge of:

  • Current security challenges and threats faced by a subset of the following audiences: USG intelligence, defense, law enforcement, civilian departments, and critical infrastructure;
  • USG missions areas/owners in cyber security;
  • Community best practices in cyber operations and associated tools/techniques
  • Internet protocols, operations, and governance.

Ability to:

  • Set and implement a strategic direction for a technical group;
  • Codify operational experience into best practices;
  • Conduct technical project management;
  • Brief strategic and technical topics to senior management and non-technical audiences;
  • Sustain a team with business development activity;
  • Foster professional growth and develop technical/professional leadership capabilities in technical staff.

Physical Mobility:  Primarily sedentary in an office setting with some mobility.  Requires travel to various domestic locations within the SEI and CMU community to include the SEI Arlington/Pittsburgh office; sponsor sites; conferences; and offsite meetings with routine frequency (up to one 2 day trip every week).

Environmental Conditions:  Normal office conditions; close contact with computer display for extended periods of time.

Mental:  The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; and excellent oral and written communication skills.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in a related technical field with ten (10) years of experience.

Experience:  Experience listed above should include:

  • Working for or supporting the USG;
  • Supporting multiple sponsors/customers;
  • Supporting customers in an operational security environment such as incident response, intelligence, or a security operations center;
  • Supporting elements of the critical infrastructure sectors or international NCSIRTs;
  • Leading community building activities in the critical infrastructure, NCSIRT, or USG space
  • Establishing and defining processes for operational security organizations, and codifying best practices from community and operational experience;
  • Leading workforce/capacity building projects;
  • Prior responsibility in managing a team of 15-20 individuals with commensurate personnel and financial authority;
  • Participation in public and closed community security forums through activities such as publication, presentation, collaborative security operations, and collaborative research.

Skills/Abilities: 

  • Practical experience leading, defining, or applying TTPs for cyber operations;
  • Working knowledge of secure systems and network architecture practices. 

  

Accountability:  This position is accountable for the specification and execution of all any Incident Analysis technical area work plans and a subset of the SEI operational plan.

Direction:  The individual in this position is expected to act autonomously using CMU, SEI, and NSS, defined policies, practices, and procedures.  Additionally, this position will define those set for their technical area and influence those set for CERT.

Decisions:  The individual in this position is expected to make strategic choices about the direction of the technical area that will be distilled into a technical agenda funded by a defined set of existing or new customers and implemented by a team hired to support the specifics tasking.

Supervisory Responsibilities:  This position has ultimate supervisory responsibility over all staff in the technical areas to include hiring, performance reviews, salary adjustments, task assignment, and setting the tone and culture of the group.

 

Job Functions or Responsibilities:

30%                  Manages group to effectively implement the SEI and task order work plans.  Sets goals and objectives and manages operational and functional business activities.   Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project).

30%                  Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility.  Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.

20%                  Sets technical direction of technical area.  Leads planning process and contribute to the development the CERT strategic plan.  Ensures regular update of technical area’s plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy.  Articulates vision for internal and external audiences.

10%                  Identifies opportunities for new technical projects and manages start-up of new, high-priority technical areas of work. Works with Technical Director of CERT/CC to develop and implement a funding and transition plan for new work areas.

10%                  Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements.  Leads corrective action.

100% Total Effort

 

Organizational Chart: Division Director, CERT < CERT/CC Technical Director < CERT CSIRT Operations Technical Manager

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

06 Apr
2015
Senior Software Developer - 2000768
Pittsburgh, PA or Arlington, VA

What we do:  The SEI Emerging Technology Center helps the government stay on the edge of technology.  The world is innovating software and information technologies rapidly, and the Center identifies, demonstrates, and applies emerging software technologies to meet critical mission needs.  We focus on promoting government awareness and knowledge of emerging technologies and their application, and shaping and leveraging academic and industrial research. 

Position Summary:  The SEI Emerging Technology Center is a focused on matching state-of-the-art software research with critical U.S. Government (USG) needs.  This position will support the Center’s mission by developing, applying, demonstrating, evaluating, and transitioning software capabilities that operationalize research concepts of significant value to the USG.  Software developers in the Center work on leading edge technologies and apply them to important and challenging problems. It is a dynamic and flexible development environment with constant opportunities to develop new skills, to learn new programming methods and techniques, to work on emerging architectures and systems, and to make a difference.

Duties include:  Take hands-on lead role on team of Software Developers; develop and code software solutions that provide needed capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction; conduct rapid software prototyping to demonstrate and evaluate technologies in relevant environments; conduct performance, security, and other aspects of evaluating software systems; test software capabilities using novel testing and analysis techniques; document software with an emphasis on architectures, user stories, and interface definitions; practice agile software development methods and actively participate on teams of software developers, researchers, designers, and technical leads; support software development infrastructure and assist in building and configuring computing systems and resources; interface with the research community and the USG to understand challenges, needs, and possible solutions; contribute to improving the overall technical capabilities of the Center by mentoring and teaching others, participating in design (software and otherwise) sessions, and sharing insights and wisdom across the SEI Emerging Technology Center team.

 

Minimum Qualifications and Requirements:

Education/Training:  Bachelors of Science in Computer Science, Information Systems, or related field with ten (10) years’ experience in hands on software development, or equivalent; Masters of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience in hands on software development, or equivalent; Ph.D. with five (5) years’ experience is a plus.

Experience:  Professional experience listed above to include the following areas:  eight (8) years of production or intensive research software development experience in modern languages such as C/C++ or Java; knowledge of other commonly used language such as Perl, Python, Ruby, JavaScript, etc.; working knowledge of some modern computing paradigms and environments such as NoSQL systems (Hadoop, CouchDB, MapReduce), cloud computing and virtualization, parallel programming, HPC development, network programming, mobile development, and interface development; familiarity with end-to-end software development activities in Linux/Windows/Unix/Web environments; familiarity with software development tools including IDEs (Eclipse, IntelliJ, emacs etc.), version control systems (git, svn, p4 etc.) and bug tracking systems (e.g., bugzilla); working knowledge and experience in participating in agile software development practices and team design sessions; experience as team lead or supervisor; demonstrated problem solving ability with the ability to explore and evaluate many possible solutions to problems; proven contribution to open source development projects is a plus.

Skills/Abilities:  Knowledge of:  Software development in Python, C/C++, Java, and other modern languages; modern computing, data, and storage solutions including advanced web development (HTML5, Adobe Flex, PHP), data processing architectures (MapReduce, Hadoop, BigTable) including cloud computing and virtualization concepts; virtualization, hypervisors, cloud controllers, and other cloud provisioning concepts; algorithm design and analysis including analysis of algorithm complexity; familiarity with of core Internet protocols (e.g., TCP/IP, BGP, UDP, ICMP, DNS, SMTP, HTTP, etc.); software / systems development lifecycle, QA testing, revision control, and change management practices.

Physical Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  explore and solve complex, ill-defined problems; work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; self-starter willing to take on tasks and initiate constructive activity with little guidance; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training:  Ph.D. in Computer Science, Mathematics, Information Systems, or related discipline with five (5) years’ experience.

 

Accountability:  This position will be responsible for exploring, defining, developing, demonstrating, and, in some cases, transitioning software capabilities.  This includes working with a team of developers, researchers, designers, and other technical personnel to create solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will explore, develop, and demonstrate software capabilities and make implementation choices for a wide-range of software-intensive problems.

Supervisory Responsibilities:  This position will eventually supervise a team of approximately 2 to 6 developers, and will act in the capacity of a mentor to solutions architects, software developers, and designers.

 

Job Functions or Responsibilities:

30% Design, develop, test, document, and demonstrate software.

20% Lead, direct, and oversee the activities of a team of developers working on diverse set problems and projects; development and management the development infrastructure and support the development team.

20% Interface with the research community to understand the state of research ideas and the practicality of applying those ideas to real USG problems and challenges.  Interface with USG customers to understand their needs and capabilities and identify possible solutions.

20%  Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.

10%  Participate in the broader SEI software research community through collaboration, papers, and presentations.


100% Total Effort

 

Organizational Chart:  SEI Emerging Technology Center Director < SEI Emerging Technology Center Technical Director < Senior Software Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

24 Mar
2015
Cyber Security Engineer - Exercise Developer - 2000687
Arlington, VA

This is located in Arlington, VA

Position Summary:  As a member of CERT's Workforce Development program, the candidate will work with other team members in developing cyber-security training exercises and simulations, primarily for US military/government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and facilitating creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT labs. The candidate may also assist in developing and teaching cyber security training content to external customers. The candidate will also be involved software and hardware prototype development.  Additionally, the position requires the candidate to have demonstrated and effective leadership/management abilities as he/she may supervise and evaluate full time direct reports as well as the activities of graduate student assistants. The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology, Master’s degree in Computer Science, Information Science, or related discipline with five (5) years applicable working experience in information technology, PhD Computer Science, Information Science, or related discipline with two (2) years applicable working experience in information technology, or equivalent combination of training or experience.

Experience: Successful candidates must possess "hands-on" experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The candidate must have experience in network design and troubleshooting and implementing standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have some experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, Python, and Java is also highly desirable.

Physical Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: BS and MS in Computer Science; training in enterprise security tools (i.e. McAfee ePO/HIPS, ArcSight, etc.)

Licenses: CISSP, Network+, Security+ and/or other industry standard certifications

Experience: US military service in a series of positions involving information technology, cyber security, and management of large scale government networks.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products and may manage unclassified/classified DoD projects in excess of $3M annually.

Direction:  The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: The incumbent must use good judgment to solve customer and personnel problems and is required to envision, design, develop, pilot, and deliver new capabilities, products, and services.  Candidate will also be required to accurately represent SEI/CERT and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  The incumbent may have at least 2 direct reports as well as up to 15 secondary reports and will be required to provide performance management, career guidance, and take personnel corrective actions as required.

 

Job Functions or Responsibilities:

10%      Design and develop technical documents and instructional materials.

10%      Research, evaluate, develop, install/configure hardware and software including promising new technologies that require examination for cyber security research and development.

10%      Deliver technical and management training to customers.

55%      Mentor, guide and interact with team and other staff.

15%      Contribute to transition planning and strategy.

100% TOTAL EFFORT

 

Organizational Chart: Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Workforce Development Initiative < Cyber Workforce Development Team Lead < Cyber Security Engineer - Exercise Developer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

18 Mar
2015
Associate Cyber Security Researcher - 2000670
Pittsburgh, PA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of three (3) years of related experience, or equivalent combination of traning and experience.

Licenses: Certified Encase Examiner, ACE. CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) year’s relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of three (3) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of one (1) year of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing

  • Information and network security including experience with IDS/IPS

  • Knowledge of common vulnerabilities, exploits and mitigations

  • Digital Forensics (host, network and mobile devices)

  • Incident Response

  • Ability to research and characterize security threats including defining appropriate countermeasures

  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis

  • Virtual infrastructure and hypervisors

  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls

  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST

  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI.                   

100%      Total Effort

 

Organizational Chart:  Director, CERT Program < Technical Manager, FOI < Cyber Security Researcher

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

18 Mar
2015
Cyber Security Researcher - 2000672
Pittsburgh, PA or Arlington, VA

Position Summary: The CMU/SEI Forensic Operations and Investigations team is a leading edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 10 years, CERT has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the FOI can see the current limitations of digital analysis and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, FOI is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

This individual will serve in a multi-disciplinary role providing ongoing support to federal law enforcement, defense agencies, and the national intelligence community. As a member of the FOI team this candidate will provide support to on-going operations in the areas of incident response and investigation, full-spectrum digital forensics and applied research in emerging areas of cybercrime. At times, this position will require the team member to develop and deliver training modules related the aforementioned domains.

The successful candidate must have proven computer forensics experience in multi-jurisdiction criminal investigations, be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and instructional skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

 

Minimum Qualifications and Requirements:

Education/Training: BS Computer Science, Information Security or other related discipline and a minimum of eight (8) years of related experience; or equivalent combination of training and experience.

Licenses: Certified Encase Examiner, ACE. CISSP, GIAC, SSCP, OSCP or other related/relevant certifications preferred.

Experience:  At least four or more (4+) year’s relevant experience in computer forensics, to include field and laboratory collection/imaging, analysis, with prior court room testimony preferred.  Technical experience required with host and network based forensics investigations and tools, analysis of Microsoft Windows, Unix/Linux and Mac OS operating systems, and removable media data recovery.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, have strong analytical and information organization skills, have excellent oral and written communication skills, and strong technical teaching skills.  Candidate must be skilled in instructional design, course development, and evaluation techniques.  Candidate must be able to multi-task and work effectively with multiple project teams and sponsors/customers. Technical proficiency with operating systems and detailed knowledge of network protocols are required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with CRT for long periods of time.

Mental:  Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements

Education/Training: BS in Computer Science, Information Security or other related discipline with a minimum of eight (8) years of applicable experience; MS in Computer Science, Information Security or other related discipline with a minimum of five  (5) years of applicable experience; PhD in Computer Science, Information Security or other related discipline with a minimum of two (2) years of applicable experience; or equivalent combination of training and experience.

Experience: Experience with state or federal law enforcement organization; operational knowledge of recently enacted state and federal laws and procedures relating to computer forensics investigations; coordination with criminal investigators, including courtroom testimony. 

Skills/Abilities:

  • Penetration Testing

  • Information and network security including experience with IDS/IPS

  • Knowledge of common vulnerabilities, exploits and mitigations

  • Digital Forensics (host, network and mobile devices)

  • Incident Response

  • Ability to research and characterize security threats including defining appropriate countermeasures

  • Hardware or software reverse engineering for either vulnerability discovery/assessment or malware analysis

  • Virtual infrastructure and hypervisors

  • Experience with common security controls including firewalls, proxies, IDS/IPS, Web Application Firewalls

  • Technical knowledge of fundamental Internet protocols, services, and technologies to include HTTP, TLS, DNS, SMTP, TCP/IP, ICMP, AJAX, JSON, REST

  • 2+ years with a scripting language including SQL, Python, Ruby, JavaScript, Perl, PHP and/or shell scripting

 

Accountability:  The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions:  Required to design, develop, pilot and deliver products.  Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervision:  Contributes to hiring decisions of program staff; mentors junior staff; supervises student interns.  The experienced candidate may perform project management responsibilities.

 

Job Functions or Responsibilities:

55%     Operational support for SEI customers.

20%     Perform applied research in emerging areas of digital forensics.

15%     Deliver technical and management training to customers.

5%       Mentor, guide and interact with team and other staff.

5%       Contribute to the research and technical agendas of the FOI.       

Organizational Chart:  CERT Division Director, Technical Director, Cyber Security Solutions > Deputy Director, Cyber Security Solutions > Technical Manager, Forensic Operations and Investigations > Cyber Security Researcher

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

20 Feb
2015
Cyber Security Engineer - Penetration Tester - 2000574
Pittsburgh, PA or Arlington, VA

This position can be located in Pittsburgh, PA or Arlington, VA.

Position Summary:  The CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the Networked Systems Survivability Program. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures.

 

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science (or other technical field) with three (3) years’ experience, or equivalent combination of training and experience.

Certifications:  Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), and/or Certified Ethical Hacker (CEH)

Experience: Professional experience as a penetration tester, system or network administrator, information systems auditor, software engineer, information systems analyst, or similarly technical occupation.

Experience with and applied knowledge in:

  • Common penetration testing methodologies and tactics (PTES, OWASP testing guide, etc.)

  • Popular penetration testing toolsets (Metasploit framework, vulnerability scanners, web application scanners, Nmap)

  • Knowledge of common networking protocols and services

  • Basic knowledge of exploit development and application fuzzing

  • Windows and Linux Operating System environments, networking devices, and common database platforms

  • Cyber security, survivability, and resilience concepts and issues

  • Software and systems engineering

  • Building and maintaining customer relationships

  • Data analytics and quantitative measures

  • Strategic Planning and requirements definition

  • Process improvement

  • Program planning, budgeting, and management

Skills/Abilities: Must exhibit the following skills and abilities:

  • Understanding of information technology, penetration testing, and telecommunications systems

  • Working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards

  • Working knowledge of DHS critical infrastructure sectors and related security and resilience issues

  • Working knowledge of the DoD and Agency resilience needs and cyber security roadmaps

  • Development and delivery of information and infrastructure security risk and vulnerability evaluations

  • Ability to conduct analytical studies and investigations

  • Reasoning and problem-solving skills

  • Ability to work independently with limited supervision

  • Ability to interact effectively with diverse constituencies internally and externally

  • Ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure

  • Ability to recognize and deal appropriately with confidential and sensitive information

  • Ability to implement project plans, monitor project budgets, and identify and mitigate project risks

  • Leadership and mentoring skills

  • Excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations

  • Ability to work on customer sites with high-ranking members of the Federal Government and US

  • Participation in professional society activities, particularly IEEE and ACM 

Physical/Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:

  • Take or share leadership role in technical projects

  • Work meticulously with careful attention to detail

  • Meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities

  • Deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

  • Ability to understand the direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: Strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development. U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science (or related technical field) with five (5) years’ experience or equivalent experience.

Certifications:  Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and Certified Information Systems Auditor (CISA),

Experience: 

  • Expert proficiency with a variety of technical vulnerability analysis tools
  • Advanced penetration testing experience
  • Software development experience and advanced exploit development

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

60% Participate in risk and vulnerability assessments operating in a technical leadership role; analyze assessment data to identify risk areas and propose mitigation alternatives.

15% Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and penetration testing; transition research into applied knowledge for customers.

10% Deliver courses on offensive security tools and tactics and penetration testing management.

5% Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5% Contribute to and review the literature in cyber security, resilience, and software engineering.

5% Provide assistance and input to other teams and projects within the SEI.                     

100% Total Effort

 

Organizational Chart:  Director, CERT Division < Technical Director, Cyber Security Solutions Directorate < Deputy Director, Cyber Security Solutions Directorate < Technical Manager, Cybersecurity Assurance Team < Cyber Security Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

09 Feb
2015
Infrastructure Engineer - 2000529
Pittsburgh, PA

Position Summary: The SEI Emerging Technology Center is a focused on matching state-of-the-art software research and emerging technologies with critical U.S. Government (USG) needs.  This position will support the Center's mission by building and maintaining our technological infrastructure including our one teraflop cluster. Technical Staff in the Center work on leading edge software and hardware technologies and apply them to important and challenging problems.    It is a dynamic, flexible and collaborative development environment with constant opportunities to develop new skills, learn new programming methods and techniques, work on emerging architectures and systems, and make a difference.  This position provides an opportunity for highly motivated individuals to contribute to cutting edge technological development.  The person in this position is responsible for defining conventions, implementing standards, and communicating best practices for staff that access the Center's Hardware.


Duties include:  Take hands-on role on team of Software Developers, Technical Analysts and Intelligence Analysts to design, build and maintain infrastructure solutions that support providing needed capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction; Daily collaboration with the team to understand, plan and implement infrastructure practices and changes.  Manage and evolve the HHPC cluster.  Contribute technical knowledge and experience as available to projects including big data, data intensive scalable computing, and high performance computing.

Minimum Qualifications and Requirements:

Education/Training:  BS in Information Technology field or a related quantitative field of study with three (3) years of applicable experience.

Experience:  Strong Linux System Administration Experience.  RHEL preferred.  Experience as a network/system administrator for a networked Linux infrastructure in a professional environment required. Experience maintaining and evolving an enterprise or research-oriented computer network.  Hands on experiences on switches, firewalls routers, network storage and virtualized environments.  Experience with high-performance computing technologies a plus.

Skills/Abilities:  Ability to deal with software and network systems integration at various levels. Strong hands-on knowledge in the configuration, securing, and troubleshooting of network devices, LAN switching technologies, firewalls, VPNs, routing protocols, Linux/UNIX based network services, network storage and monitoring/maintaining all of these to ensure their continued secure operation is required. Abilities to build software from source, and create packages.  Familiar with principles software configuration management (SCM). Excellent written and verbal communication skills.  Ability to work effectively without close supervision. Able to support a dynamic and changing research environment.  Able to interface with corporate IT.

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks - sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.
 
Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Job Functions or Responsibilities
60%     Build, document and maintain the SEI Emerging Technology Center technological infrastructure.
15%     Interface with the SEI IT community, the CMU campus community and the broader High Performance Computing community to bring best practices into the SEI Emerging Technology Center.
15%     Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.
10%     Participate in the broader SEI software research community through collaboration, papers, and presentations.
100% Total Effort
 
Organizational Chart:  SEI Emerging Technology Center Director < SEI Emerging Technology Center Technical Director < Infrastructure Engineer

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

22 Jan
2015
Senior Analyst - 2000395
Pittsburgh, PA

Position Summary:  The CERT Program is a division of the Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania.  The Situational Awareness branch within the CERT Coordination Center supports government customers by developing cutting-edge network sensing and analysis tools for operational use in high-impact environments.

The successful candidate will provide technical leadership for a significant portion of cutting-edge applied research and development in computer security.  Challenge problems include strategic large-scale network analysis, quantitative measurements of large-scale US Government networks, development of situational awareness metrics for decision support, deployment and calibration of global sensor grids, and the effective transition of analytic solutions. 

As a senior member of the staff, the individual will be expected to serve as technical lead for the overall design, execution, and documentation of one or more tasks, as well as to serve as a liaison with customers, potential customers, vendors, and the Internet community as a whole.

 

Minimum Qualifications and Requirements:

Education/Training: Master’s Degree in Computer Science or scientific/technical field with eight (8) years’ experience.

Experience

  • Five or more years of professional experience in a technical leadership role which involves network or computer related problem solving

  • A thorough hands-on understanding of current computing platforms and networking protocols

  • In-depth familiarity with current trends in both network security operations and network security research

  • Extensive experience in at least one security or network engineering discipline such as incident handling, network traffic analysis, statistical network analysis, forensics, vulnerability assessment, network auditing, capacity planning or network architecture design

Skills/Abilities:

  • Proven experience applying the principles of discrete mathematics to solve operational problems

  • Theoretical and practical knowledge of network protocols

  • Familiarity with Internet governance and large scale network operations

  • An understanding of the current state of the practice for network analysis techniques, toolsets, and challenge areas

  • Knowledge of modern operating systems

  • The ability to write computational scripts in one or more programming languages such as Python, Perl or Java

  • Strong problem solving skills

  • Technical project management skills

  • Technical writing and reviewing skills

  • Ability to brief technical topics to non-technical senior managers and decision makers

Physical Mobility: Primarily sedentary in an office setting with some mobility.  Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.                                   

Environmental Conditions:  Normal office conditions; loose contact with computer display for extended periods of time.

Mental:  The ability to:

  • envision operational application of fundamental and applied research ideas

  • work meticulously with careful attention to detail

  • meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities

  • deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff

  • grasp the big picture, direction, and goals of an effort

  • develop and communicate innovative ideas

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training:  Ph.D. in Mathematics, Computer Science or a related scientific or technical field with five (5) years’ experience.

Experience

  • In-depth experience contributing to the public body of knowledge for any of the following related disciplines:

  • Operational research

  • Network flow

  • Telecommunications planning

  • Statistical analysis of computer behaviors

  • Modelling, simulation and emulation

  • Technical writing skills

  • Knowledge of US Government networks

 

Accountability: The individual is accountable for

  • Active participation in the overall CERT/CC R&D effort

  • Producing original publications in network security analysis

  • Mentoring junior analysts and researchers and/or sustaining the vision for research in a specific problem domain

  • Participating in public speaking engagements, including at remote locations

Direction: The individual in this position is expected to act autonomously using CMU, SEI, and CERT, defined policies, practices, and procedures.

Decisions: The individual in this position is expected to participate in the decision-making and problem solving process of designing, building and operating systems for network security; suggesting and implementing policies and procedures to support these activities; and creating prototyping implementations of tools and approaches for situational awareness.  Further, this position will contribute to key design making for the prioritization of efforts for a specific customer.

Supervisory Responsibilities:  This position does not formally supervise others.  However, the individual will act in a technical leadership or mentoring (non-supervisory) role in regard to a specific body of work.

 

Job Functions or Responsibilities:

60%      Lead, perform and publish original work in network security analysis, including work leading to publications.

10%      Contribute to overall strategic direction for a diverse security R&D team.

20%      Mentor and guide junior network security analysts.

10%      Participate in and/or lead presentations to customers, colleague training sessions, conference presentations or public speaking engagements.

100% Total Effort

 

Organizational Chart: Technical Director, CERT Coordination Center > Technical Manager, Situational Awareness > Security Analyst

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

22 Jan
2015
Senior Engineer - 2000388
Arlington, VA

Position Summary: The Senior Member of the Technical Staff, SSD Washington Operations will function in two roles: (1) providing advice and assistance to the SSD Director and the Associate Director – Washington Operations to better align SEI capabilities, research, and offerings to address DoD priorities at all levels and (2) leading teams and participate as a team member in delivering technical solutions to SEI customers across the DoD, Intelligence Community, federal agencies, states, and industry. Key activities include engagement with and representation of SEI with senior acquisition technical and program leaders and managers OSD organizations and leaders; assessing evolving acquisition/engineering policies, guidance, and key DoD challenges to enable SEI strategy, program, and business development; enhancing SEI’s ability to achieve better integration of software practices with DoD’s systems engineering framework; leading and working on teams to deliver a range of technical assistance to identify and solve large-scale systems development problems; applying, adapting, integrating, and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating and institutionalizing new SEI approaches to support customer needs and advance the software engineering state of the practice. The candidate will work closely with the SSD Director and the Associate Director of SSD, Washington Operations and other SSD and SEI organizations and programs.  The scope of this interaction includes senior leadership, the Director of SEI Strategic Initiatives, and other SEI division directors.  The technical staff member will be able to lead and participate in multi-disciplinary teams in support of the SEI and SSD vision and mission.

Minimum Qualifications and Requirements

Education/Training:  Master’s degree in engineering (computer science, information systems, systems engineering, software engineering, other engineering disciplines with eight (8) years of experience; or equivalent combination of training and experience.

Experience: The candidate must have at least ten (10) years’ experience as a program manager and chief engineer (or equivalent) in a major DoD acquisition program. Must be knowledgeable of DoD engineering policy, guidance, and practice, and organizations as well as understand the acquisition and engineering organizations and processes in DoD at a minimum with understanding of the Intelligence Community or federal agency acquisition processes. The candidate should have experience building, leading, managing and participating on cross-functional, technical teams; should be able to operate effectively from the executive to the technical staff level in organizations; and have the demonstrated interpersonal, communication, and representational to deal with customers and OSAD level sponsors.   

Skills/Abilities:  Detailed knowledge of planning, organizing, and managing engineering organizations and functions within a government acquisition program and oversight of contractor engineering efforts for a range of defense systems. 

Experience in five or more of the following:  Civilian Agency or DoD software-intensive systems acquisition or development on large-scale systems.  Solid technical breadth and understanding of all aspects of the end-to-end engineering lifecycle (e.g. requirements, design, implementation, testing etc.). and to effectively leverage architecture concepts such as Enterprise Architecture (e.g. Federal Enterprise Architecture Framework [FEAF], the DoD Architecture Framework [DoDAF]), and Software architecture development and evaluation including quality attributes;  Systems engineering of software-intensive systems and systems of systems; Requirements development and management; Software integration and test and software/hardware integration; COTS product integration;  IT architectures;  Deployment and sustainment of software-reliant systems, including legacy system migration;  knowledge of modern software development languages and platforms.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Program and project management skills including Interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic skills (e.g., ability to develop project plans, scope and track deliverables, manage risks, perform financial management).  Ability to lead and participate in multidisciplinary teams.    

Mobility:  Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:   U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements 

Education/Training:  Master's degree in engineering (Computer Science, Information Systems, systems engineering, software engineering, or other discipline with 10 years of experience in DoD Major defense acquisition management.

Licenses/Certifications: DoD Certified Level 3 Program Manager, DoD Certified Level 3 Systems Engineer

Skills/Abilities:  Experience in organizational change management.  Completion of DoD acquisition accreditation levels (Program Management, Systems Engineering, and/or Test).

 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction: As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions: Will be required to work with government organizations to identify strengths and weaknesses within the acquisition/sustainment program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  May supervise others.

 

Job Functions or Responsibilities:

60%              Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research.  Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

40%              Duties as assigned by the Director, Software Solutions Division (SSD) and/or the Associate Director SSD, principally business development and relationship development and maintenance.

 

Organizational Chart: SSD Director > Associate Director Washington Ops > Senior Engineer
 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran
 

 

14 Jan
2015
Software Architect - 2000182
Pittsburgh, PA or Arlington, VA

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the areas that the Software Solutions Division (SSD) focuses on is creating and applying practices that support the cost-effective use of architecture to develop and evolve systems at all scales.

The successful candidate will be a member of the Architecture Practices (AP) team in the Software Engineering and Acquisition Practices Directorate and will contribute to the development of software, system, and system of system architecture practices, their application in real-world settings, and general software engineering knowledge.  Individual responsibilities include: working in teams to advise customers in the use of architecture practices to identify and solve large-scale development problems; analyzing customer needs throughout the development lifecycle and recommending courses of action; contributing to the development and improvement of architecture practices and software engineering practice; using customer experiences to inform and advance an architectural research agenda; and contributing to the technical community through publications and presentations.

The successful candidate will analyze DoD and commercial needs to formulate and prosecute a technical agenda that addresses these needs and will interact extensively with DoD and commercial stakeholders. He or she will have the opportunity to have a seminal and lasting influence on an emerging body of technical research and practice.

 

Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5) years of experience in software and systems development of substantial DoD, government, or industrial systems.

Skills/Abilities: Experience architecting software-intensive systems that includes managing quality attribute concerns (e.g., performance, modifiability, and scalability). Ability to assist with activities across the development lifecycle (including requirements, design, integration, and testing activities) and to effectively leverage architecture concepts in these activities. Ability to analyze customer problems, determine needs, and recommend a course of action. Ability to quickly learn and adapt to new technologies, platforms, and environments. Knowledge of modern software development languages, platforms, development methods, practices, and their application to practice. Ability to work effectively with team members, customers, and collaborators. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: PhD degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Experience as listed above, plus: knowledge of SEI architecture work such as the Architecture Trade-off Analysis Method, Quality Attribute Workshop, and documentation with the Views and Beyond Approach; experience with the design and development of software-intensive systems, systems of systems, or mission-critical systems; and experience working with industry and DoD stakeholders.

 

Accountability:  Estimation and tracking of time for technical tasks. 

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation. 

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.

 

Job Functions or Responsibilities:

70%  Participate on teams for customer specific efforts in architecture-centric life cycle practices.

15%  Contribute to development of architecture practices.                                            

10%  Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

5%    As a member of the AP group, provide input to its goals, strategies, and technical direction.

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

14 Jan
2015
Software Architect - 2000183
Pittsburgh, PA or Arlington, VA

Position SummaryThe mission of the SEI is to improve the practice of software engineering worldwide. One of the areas that the Software Solutions Division (SSD) focuses on is creating and applying practices that support the cost-effective use of architecture to develop and evolve systems at all scales.

The successful candidate will be a member of the Architecture Practices (AP) team in the Software Engineering and Acquisition Practices Directorate and will contribute to the development of software, system, and system of system architecture practices, their application in real-world settings, and general software engineering knowledge.  Individual responsibilities include: working in teams to advise customers in the use of architecture practices to identify and solve large-scale development problems; analyzing customer needs throughout the development lifecycle and recommending courses of action; contributing to the development and improvement of architecture practices and software engineering practice; using customer experiences to inform and advance an architectural research agenda; developing proposals and work plans; and contributing to the technical community through publications and presentations.

The successful candidate will analyze DoD and commercial needs to formulate and prosecute a technical agenda that addresses these needs and will interact extensively with DoD and commercial stakeholders. He or she will have the opportunity to have a seminal and lasting influence on an emerging body of technical research and practice.

 

Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Eight (8) years of experience in software and systems development of substantial DoD, government, or industrial systems.

Skills/Abilities: At least three years of experience architecting software-intensive systems that includes managing quality attribute concerns (e.g., performance, modifiability, and scalability). Ability to assist with activities across the development lifecycle (including requirements, design, integration, and testing activities) and to effectively leverage architecture concepts in these activities. Knowledge of (preferably experience using) SEI architecture work such as the Architecture Trade-off Analysis Method, Quality Attribute Workshop, and documentation with the Views and Beyond Approach. Experience with the design and development of software-intensive systems, systems of systems, or mission-critical systems. Ability to analyze customer problems, determine needs, and recommend a course of action. Ability to quickly learn and adapt to new technologies, platforms, and environments. Knowledge of modern software development languages, platforms, development methods, practices, and their application to practice. Ability to work effectively with team members, customers, and collaborators. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Education/Training: PhD degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Experience as listed above, plus experience working with industry and DoD stakeholders.

 

Accountability:  Estimation and tracking of time for technical tasks.

Direction: Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.

 

Job Functions or Responsibilities:

65%  Participate on teams for customer specific efforts in architecture-centric life cycle practices.

15%  Contribute to development of architecture practices.

10%  Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

5%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).

5%    As a member of the AP group, provide input to its goals, strategies, and technical direction.

100% Total Effort

 

Organizational ChartSSD Director > AP manager > Software Architect

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

03 Sep
2014
Information Security Researcher - 101049
Pittsburgh, PA

Position SummaryThe CERT Division is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Division engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The individual in this position will work as a member of the Cybersecurity Assurance (CA) Team within the Networked Systems Survivability Program. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. The individual will conduct applied research and perform assessments, diagnostics, and analysis techniques to better understand and mitigate risks to cyber environments and the organizational processes that depend on them. Activities will include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

 

Minimum Qualifications and Requirements:

Education/Training:  PhD in computer science, software engineering, information systems, or a related scientific/technical field with five (5) years’ experience, or equivalent combination of training and experience.

Licenses:  CISSP, CISM or CISA.

Experience:  Experience with and applied knowledge in:  information technology and telecommunications systems; cyber security, survivability, and resilience concepts and issues; software and systems engineering; work with Federal Government.  Experience as a principal investigator or technical lead for research, development, or transition projects.  Published academic quality research or other broadly disseminated technical artifacts (books, software, etc.)

Skills/Abilities: Must exhibit the following skills and abilities:  understanding of information technology and telecommunications systems; working knowledge of network interoperability, cyber security, and survivability issues, including cyber security best practices and standards; development and delivery of information and infrastructure security risk and vulnerability evaluations; ability to conduct analytical studies and investigations; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to interact effectively with customer and to represent the SEI and its capabilities; ability to work well as a member of a cooperative team; ability to work in a matrix organizational structure; ability to recognize and deal appropriately with confidential and sensitive information; ability to implement project plans, monitor project budgets, and identify and mitigate project risks; leadership and mentoring skills;  excellent written and oral communication skills; ability to contribute to technical research white papers and reports; ability to prepare papers and deliver presentations to technical and non-technical audiences; ability to contribute to customer technical exchanges and marketing presentations; participation in professional society activities, particularly IEEE and ACM; strong interest in cyber security and critical infrastructure protection analysis basis research, applied research, and development.

Physical/Mobility: Primarily sedentary in an office setting with some mobility.  Ability to travel frequently to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Strong interest in the human, managerial, and technical aspects of cyber security is critical for this position as are these abilities:  take or share leadership role in technical projects; work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to understand the big picture, direction, and goals of an effort; ability to develop and communicate innovative ideas; ability to demonstrate initiative and to quickly learn new procedures, techniques, approaches, etc.

Other: U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Preferred Qualifications and Requirements:

Licenses:  CISSP, CISM, GIAC, CISSP, OSCP or similar.

Experience:  Principal investigator for government funded research.

Skills/Abilities:  Ability to lead work teams as needed, consulting skills, ability to deliver coursework and training, ability to develop and foster external research collaborations.

 

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and CERT defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at customer locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could involve the training and oversight of the work of other staff members, graduate students, resident affiliates, visiting scientists, and independent contractors. Depending on research project or customer work plan, position may involve task leadership.

 

Job Functions or Responsibilities:

30%      Participate in the delivery of existing CERT cyber security, resilience, and risk assessment and analysis approaches with customers and partners; participate in research, analysis, and documentation of cyber security issues, concerns, and risks at customer locations.

25%      Participate in research into innovative and cutting-edge tools, techniques, and methods to improve cyber security and resilience; transition research into applied knowledge for customers.

10%      Contribute to conferences and meetings; participate in business development calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

10%      Contribute to, publish technical notes and reports, and review the literature in cyber security, technical assessment, resilience, and software engineering.

10%       Provide assistance and input to other teams and projects within the SEI.

SECONDARY FUNCTIONS

5%       Contribute to conferences and meetings; participate in marketing calls and technical exchanges with clients; give talks and lectures as appropriate; participate on working groups for subjects of interest.

5%       Contribute to and review the literature in cyber security, resilience, and software engineering.

5%       Provide assistance and input to other teams and projects within the SEI.

100% TOTAL EFFORT

 

Organizational ChartDirector, CERT Division < Technical Director, Cyber Security Solutions Directorate < Deputy Director, Cyber Security Solutions Directorate < Technical Manager, Cyber Security Assurance Team < Information Security Researcher

 

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

13 Aug
2014
Software Engineer - Client Technical Solutions Division- 101002
Pittsburgh, PA or Arlington, VA

This position can be located in Pittsburgh, PA or Arlington, VA.

 

Position Summary: The Technical Staff Member of the Engineering Technical Staff of the Software Solutions Division will be responsible for leading teams that enable the organizations within the Department of Defense to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in CTSD, SSD and other SEI programs to deliver software engineering technical expertise to customers throughout the life-cycle. The engineering technical staff member will be able to lead and participate in multidisciplinary teams in support of the vision and mission.


Minimum Qualifications and Requirements:
 
Education/Training: BS or equivalent degree in relevant discipline with eight (8) years applicable experience; MS or equivalent degree in relevant discipline with five (5) years applicable experience; PhD or equivalent degree in relevant discipline with two (2) years applicable experience.

Experience: The candidate must have experience in software engineering, development or managemen,t and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community, or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing, and participating on cross-functional, high technology teams.  The candidate should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.  Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.  Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.


Preferred Qualifications and Requirements: 

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.


Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.


JOB FUNCTIONS OR RESPONSIBILITIES:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Client Technical Solutions Directorate Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.


100% TOTAL EFFORT

 


Organizational ChartSEI Director’s Office < Director, Software Solutions Division < Technical Director, Client Technical Solutions Directorate < Sector Lead, CTSD Sector Team

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

 

30 Jul
2014
Senior Cyber Security Engineer - 100973
Pittsburgh, PA

Position Summary:  The CMU/SEI Cyber Security Solutions (CS2) directorate is a leading edge analytical resource focusing on critical U.S. Government (USG) needs.  For the past 8 years, the CS2 Forensic Operations and Investigations group has provided analytical and operational support to high-profile investigations including numerous activities of national or international significance. Through this work the CS2/FOI can see the current limitations of digital analysis and incident response in the field first hand. Combining applied research with the unique talents, operational experience, research capabilities, and the vast knowledge base of Carnegie Mellon University, DIID is unmatched in its ability to develop new tools and methods to address cyber security limitations and critical gap areas.

The individual in this position will work as a member of the CERT Program’s Cyber Security Solutions (CS2) directorate as a member of the Forensic Operations and Investigations (FOI) group. The candidate will be expected to perform a variety of roles. Primary to this position is the management of an existing portfolio of operational clientele as well as the expansion of the FOI portfolio of work within the Defense and Intelligence communities. To achieve this, the candidate will be expected to understand the unique needs of these communities in order to develop a strategic program of research, development and analysis to support current and future gaps in key areas of need. This position will be directly responsible for developing new and maintaining existing customer relationships through ongoing interaction with customers.

Minimum Qualifications and Requirements:

Education/Training:  Bachelors of Science in Computer Science, Intelligence or Intelligence Analysis, Network Security, or related field with more than ten (10) years’ experience, Masters of Science in same fields with more than eight (8) years’ experience, Doctorate in same fields with more than five (5) years’ experience or equivalent.

Experience:  Professional experience listed above to include the following areas: Cyber and Intelligence analysis, preferably within company security teams, network operations centers, counter terrorism centers, or within the government in counter cyber threat environments; intelligence community knowledge and experience; awareness of sourcing, intelligence analysis methodologies, intelligence needs, cyber capabilities, and intelligence tools; leader of teams of analysts, operators, and technologist, preferably in the areas of security or intelligence; experience with and oversight of intelligence analysis and reporting operations; experience using and awareness of data analytics.

Skills/Abilities: Knowledge of and experience in: Familiarity with mission needs and challenges in “cyber”; awareness of intelligence capabilities in support of US Government (Department of Defense and the Intelligence Community) cyber missions, including gaps and capability needs; experience and knowledge of cyber threats and cyber threat analytics; intimate knowledge of key government stakeholders in cyber and knowledge of relevant industry organizations and activities related to cyber; information assurance/survivability; data analytics; effective leadership skills to create informal but effective teams in partnerships across the U.S.; team leadership; leadership of skill-diverse, multidisciplinary teams; strong written and verbal communications skills and the ability to present to small and large audiences; intelligence community and service cyber commands domain knowledge a plus.

Physical Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to one-two weeks a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to: Oversee and direct the design and development of detailed analysis methodologies and processes based on requirements elicitation from internal and external stakeholders; lead the interaction and clearly communicate with cyber intelligence and security staff across government and industry, software developers, IT infrastructure owners and architects, analyst, and non-technical experts; work meticulously with attention to detail; lead multiple projects and project teams at once; delegation; lead and manage under uncertainty; gradual structure projects and programs based on dynamic requirements and incremental input and evaluation; flexibility; drive teams to effectively meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp and shape the big picture, direction, and goals of an effort while focusing on the meaning of details and how they are to be achieved; interface with world-class researchers across government, industry, and academia; develop and communicate innovative ideas; quickly learn and develop new procedures, techniques, and approaches.

Other:  U.S. Citizenship is required.  Applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information.

 

Accountability:  This position will be responsible for leading technical teams, developing approaches and solutions to digital intelligence problems for and with government, industry, and academic partners.

Direction: This position is expected to act with limited supervision in accordance with SEI procedures and policies, such as those involving technical leadership, analysis, report production, and confidentiality. This position requires close collaboration and teaming with the CS2/FOI Technical Management teams and program staff.

Decisions:  This position will be in a decision-making capacity for technical aspects of FOI projects and programs. Close coordination with the FOI technical manager will be required.

Supervisory Responsibilities:  This position will likely hold supervisory responsibilities for small (2) to medium (10) sized teams.

 

Job Functions or Responsibilities:

55%     Serve as a technical leader for CS2/FOI projects and programs, including the development of capabilities. Lead technology demonstration and intelligence activities across the Forensic Operations and Investigations (FOI) portfolio. Oversee and direct the aggregation and analysis of industry and contextual data to understand, capture, and report on events related to global, national, and local threat intelligence and network intelligence. Collaborate with, direct, and mentor other SEI staff, including analysts, technologist, researchers, and others.

25%     Explore, design, identify, document, guide the development of, and evaluate solutions to critical government and industry cyber intelligence issues.  Interface and collaborate with government and industry experts, the research community, and academics to identify needs, capabilities, objectives, and possible solutions to key digital intelligence challenges.

15%     Work with and advise the CS2/FOI management, and other senior leaders at the SEI on strategy, business development, direction, planning, and execution.

5%    Participate in the broader SEI software research community through collaboration, papers, and presentations.

100% Total Effort

 

Organizational Chart:  CERT Director > CS2 Technical Director > CS2 Deputy Director > Forensic Operations and Intelligence Technical Manager > Senior Engineer – Defense and Intelligence

 

Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran

We're Hiring

Accessibility Needs for Applicants, Students and Visitors

Carnegie Mellon University makes every effort to provide physical and programmatic access individuals with disabilities. If you require an accommodation to participate in any part of the employment process, please contact Disability Resources by emailing access@andrew.cmu.edu or calling 412-268-3930.

Carnegie Mellon University considers applicants for employment without regard to, and does not discriminate on the basis of, gender, race, protected veteran status, disability, or any other legally protected status.