Cyber Digital Investigator & National Security Liaison

Oak Ridge National Laboratory

Today
DoE Q or L
Unspecified
Polygraph
IT - Security
Oak Ridge, TN (On-Site/Office)

Requisition Id 15327

Level: TP01

Overview:

Oak Ridge National Laboratory seeks a Cyber Digital Investigator & National Security Liaison to join the Cyber Enhancements group to assist with digital investigations, forensics, incident response, and liaison to national security elements.

This position will support all aspects of Cyber Enhancements, including technical advice, design, and implementation of innovative projects, though primary duties will be to conduct digital investigations and forensics for incident response, threat hunting, authorized support of external entity investigations, and cyber engineering enhancements as required. The candidate will also work collaboratively with the counterintelligence office and other national security elements. The candidate will be expected to have experience conducting digital investigations and formal training or certifications in an appropriate field. Experience in law enforcement investigative techniques will be adequately weighed.

Major Duties/Responsibilities:
  • Conduct digital and forensics investigations, to include malware analysis, image capturing and analysis for incident response, and other investigations as necessary by request of authorized officials
  • Help develop and modify tools to analyze forensic data and provide accurate information for activity review, to include remote access.
  • Ability to create threat hunting hypotheses, then plan and scope Threat Hunting missions
  • Participate in penetration testing activities and exercises
  • Extract and correlate large data sets (Elastic)
  • Serve as a liaison to the DOE Counterintelligence Office and other national security elements.
  • Provides a communication pathway for classified and unclassified intelligence that information owners and network defenders need to protect DOE assets. Disseminates information to the USIC regarding foreign cyber activity against DOE.
  • Uses data analysis techniques to identify insider threat and other malicious cyber activity based on cyber security information. Creates and modifies tools that access data in various formats and produces analytical reports or visualizations.
  • Makes value-added contributions that affect the successful integration of DOE efforts with those of the USIC, especially in the USIC-wide cyber investigations.
  • Provides consultation and advice on a broad range of cyber questions such as scope of problem to be investigated, issues involved, possible lines of attack, pertinent technology available, required liaison or joint projects with other organizations, objectives to be sought, and security considerations to be observed.
  • Supports all cyber activities regarding intrusion incidents into classified and unclassified computer systems. In coordination with computer security officials and appropriate law enforcement entities, analyzes and evaluates available information to determine foreign intelligence organization involvement and determines protective actions to be taken.
  • Deliver ORNL's mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service.


Basic Qualifications:
  • Bachelor's degree with a concentration in Computer Science, Cyber, or Forensics, with 5 years of experience in investigative techniques and experience in cyber or related field. Experience / certifications in digital forensics and investigations. A combination of education and experience may be considered for exceptional candidates with background in engineering, programming, and investigative techniques, and who possess an active security clearance.
  • The duties require extensive knowledge of information technology and cyber security topics, including network traffic analysis, log processing, and cyber security visualization.
  • Programming and data analysis skills are required. Familiarity with the following would be considered baseline skills: Perl, Python, or similar programming/scripting languages; relational and non-relational databases (MongoDB), SQL; system administration skills (Windows, Linux, VMs).
  • Strong familiarity with DOE programs and locations and the nature of the foreign technical intelligence threat directed against them is required.
  • Candidate must have significant experience performing work in the collection, investigation, analysis, evaluation, interpretation and dissemination of national security information.
  • Demonstrated in-depth knowledge and understanding of CI operations, processes, missions and functions, in both the overseas and continental US environments.
  • Incumbent must have the ability to determine courses of action: the approach, methods and application of such while encountering many unknowns and/or conflicting priorities.
  • Incumbent must have the ability to grasp conceptual ideas and exercise original thought where there is little time for deliberation and consultations, to evaluate the importance of situations and problems, and to present well-considered and sound suggestions.
  • Excellent written, interpersonal and communication skills are essential as well as the ability to articulately convey ideas and concepts.
  • Must be familiar with USIC information security standards.
  • Possess general understanding of the operations, processes, mission and functions of Cyber Division activities at DOE headquarters and Field/Laboratory facilities.


This position requires the ability to obtain and maintain a Sensitive Compartmented Information (SCI) clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program. In addition, due to the SCI, you may also be subject to random polygraph testing.

Preferred Qualifications:
  • Master's Degree in Computer Science, Cyber, or Forensics
  • 2+ years of experience in investigative techniques
  • Penetration Testing experience or certifications
  • Industry certifications such as GIAC (SANS) and CompTIA certifications
  • Active DOE Q or Top-Secret clearance


Special Requirements:
  • Q clearance with SCI: This position requires the ability to obtain and maintain a Sensitive Compartmented Information (SCI) clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program. In addition, due to the SCI, you may also be subject to random polygraph testing.

Security, Credentialing, and Eligibility Requirements:
For employment at Oak Ridge National Laboratory (ORNL), a Real ID compliant form of identification will be required. Additionally, ORNL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as mandated by Homeland Security Presidential Directive 12 (HSPD-12) and Department of Energy (DOE) Order 473.1A, which requires a favorable post-employment background investigation.

To obtain this credential, new employees must successfully complete and pass a Federal Tier 1 background check investigation. This investigation includes a declaration of illegal drug activities, including use, supply, possession, or manufacture within the last year. This includes marijuana and cannabis derivatives, which are still considered illegal under federal law, regardless of state laws.

For foreign national candidates:
If you have not resided in the U.S. for three consecutive years, you are not eligible for the PIV credential and instead will need to obtain a favorable Local Site Specific Only (LSSO) risk determination to maintain employment. Once you meet the three-year residency requirement, you will be required to obtain a PIV credential to maintain employment.

Benefits at ORNL:

ORNL offers competitive pay and benefits programs to attract and retain talented people. The laboratory offers many employee benefits, including medical and retirement plans and flexible work hours, to help you and your family live happy and healthy. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also provided for convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

If you have difficulty using the online application system or need an accommodation to apply due to a disability, please email: ORNLRecruiting@ornl.gov.

This position will remain open for a minimum of 5 days after which it will close when a qualified candidate is identified and/or hired.

We accept Word (.doc, .docx), Adobe (unsecured .pdf), Rich Text Format (.rtf), and HTML (.htm, .html) up to 5MB in size. Resumes from third party vendors will not be accepted; these resumes will be deleted and the candidates submitted will not be considered for employment.

If you have trouble applying for a position, please email ORNLRecruiting@ornl.gov.

ORNL is an equal opportunity employer. All qualified applicants, including individuals with disabilities and protected veterans, are encouraged to apply. UT-Battelle is an E-Verify employer.

About Us
Oak Ridge National Laboratory is the largest science and energy national laboratory in the Department of Energy system. ORNL's scientific programs focus on materials, neutron science, energy, high-performance computing, systems biology, and national security. The laboratory's science and technology innovations are translated into applications for economic development and global security. ORNL is home to several of the world's top supercomputers and is a leading nuclear energy research facility.