Posted today
DoE Q or L
Mid Level Career (5+ yrs experience)
$97,800 - $176,000
25%
IT - Security
Golden, CO (On-Site/Office)
Working at NREL
NREL, located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for energy systems research and development.
Join NREL, where world-class scientists, engineers, and experts are accelerating energy innovation through breakthrough research and systems integration. From our mission to our collaborative culture, NREL stands out in the research community for its commitment to an affordable and secure energy future. Spanning foundational science to applied systems engineering and analysis, we focus on solving complex challenges to deliver advanced, secure, reliable, and cost-effective energy solutions. Our work helps strengthen U.S. industries, support job creation, and promote national economic growth.
At NREL, you’ll find a mission-driven environment supported by state-of-the-art facilities, multidisciplinary research teams, and strong collaborations with industry, academia, and other national laboratories. We offer robust professional development opportunities, and a competitive benefits package designed to support your career and well-being.
Job Description
This position is located in Colorado and requires the selected candidate to reside in Colorado. A hybrid work schedule is required, with regular weekly onsite presence. Relocation benefits are available.
NREL is seeking a mid-career Network & Systems Engineer to join its Cybersecurity Research Center (CRC). The CRC conducts applied research at the intersection of cybersecurity, energy systems, national resilience, and data-centric research infrastructure—developing the tools, architectures, methods, and scientific foundations required to secure and sustain the nation’s evolving energy infrastructure.
CRC research and experimentation spans secure network and system architecture, adversarial and defensive cybersecurity experimentation, operational technology (OT) and industrial control systems (ICS), network and system modeling, database and data workflow management, hardware/software assurance, and cyber-physical resilience testing. Working across NREL’s energy, grid, and systems integration missions, the CRC leverages unique laboratory assets—including the ARIES Cyber Range—to build, operate, and evaluate large-scale, high-fidelity cyber-physical research environments.
We are seeking a technically strong and research-focused systems professional who can design, build, and manage secure research infrastructures while enabling controlled adversarial experimentation, threat emulation, and cybersecurity evaluation. The successful candidate will bring depth in one or more areas such as network engineering, systems administration, programming/automation, database management, cybersecurity, data center operations, or systems architecture. This individual will collaborate with researchers conducting adversarial experiments and will help translate research requirements into reproducible, secure, and high-performance computing environments.
Key Research Responsibilities:
Network Engineer IV
• Lead the architecture, deployment, and evolution of secure hybrid IT/OT research platforms and data center environments.
• Serve as technical authority for virtualization, containerization, automation, and data services, guiding platform strategy and lifecycle decisions.
• Architect and implement automation frameworks and tooling that scale across research projects and organizational environments.
• Establish data management strategies, including database architecture, governance practices, and analytics infrastructure.
• Develop zero-trust and defense-in-depth security architectures and evaluate emerging technologies for adoption.
• Lead major technical initiatives, establish system standards, and resolve highly complex technical and operational issues.
• Represent the organization as a primary technical point of contact with partners, sponsors, and senior leadership.
• Mentor staff, lead capability development, and contribute to long-range planning of cyber range and research computing resources.
Network Engineer III
• Design, implement, and administer secure hybrid IT/OT network and system architectures to support cyber and energy experimentation projects.
• Configure, deploy, and manage systems, networks, virtualization platforms (VMware/KVM), and server/storage infrastructure within data center environments.
• Develop automation scripts and system tools (Python, Bash, PowerShell) to improve operational efficiency and support research workflows.
• Configure and administer databases and data pipelines, ensuring data integrity, reproducibility, and appropriate access controls.
• Implement cybersecurity controls, such as identity and access management, network segmentation, firewall rules, and monitoring.
• Troubleshoot and resolve complex system, network, and database issues; recommend improvements to optimize performance.
• Produce technical documentation and contribute to proposals, runbooks, and architecture diagrams.
• Collaborate with cybersecurity researchers and platform users to integrate systems and data across experimental environments.
• Provide informal mentorship and onboarding assistance to junior technical staff.
Key Experience:
Network Engineer IV
• Leadership experience designing and directing enterprise-level or research computing network architectures.
• Deep technical expertise in routing, switching, segmentation, firewall design, VPN architectures, and secure system configuration.
• Demonstrated experience evaluating new technologies and making procurement or platform recommendations.
• Strong background in virtualization, container orchestration, and architecture of scalable compute platforms.
• Advanced automation experience, including integration of systems, data flows, and orchestration frameworks.
• Extensive experience designing cybersecurity architecture, zero-trust models, and segmentation strategies.
• Proven ability to communicate technical strategy to senior leadership, sponsors, and external partners.
• Demonstrated ability to lead others, mentor staff, and influence long-term technical direction.
Network Engineer III
• Experience in network, systems, or database administration across Linux and Windows environments.
• Demonstrated ability to design and configure TCP/IP networks, routing, switching, segmentation, VPNs, and VLANs.
• Hands-on experience with virtualization (VMware, KVM) or containerized environments (Docker, Kubernetes).
• Proficiency in scripting (Python, PowerShell, Bash) to automate infrastructure tasks.
• Experience working with database platforms (PostgreSQL, SQL Server, NoSQL) for configuration, ingestion, and backup.
• Familiarity with cybersecurity tools (SIEM/log aggregation, PKI, identity management, intrusion detection).
• Effective communication skills with the ability to create documentation and explain technical concepts to users.
• Experience providing technical support or onboarding in complex research or compute environments.
Basic Qualifications
Network Engineer IV
Relevant Bachelor's Degree and 9 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 7 or more years of experience or equivalent relevant education/experience. Or, relevant PhD and 4 or more years of experience or equivalent relevant education/experience. Applies extensive IS expertise in specific field and has full knowledge of related disciplines. Evaluates new hardware, software, systems tools and applications and makes procurement recommendations. Excellent leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Extensive programming and architecture abilities with various computer software programs and information systems.
Network Engineer III
Relevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Complete understanding and wide application of principles, concepts and techniques in specific field. General knowledge of related IS disciplines. Strong leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Advanced programming, design and analysis abilities with various computer software programs and information systems.
* Must meet educational requirements prior to employment start date.
Additional Required Qualifications
• Must be able to obtain and maintain a DOE security clearance at the Q/TS/SCI level. A polygraph may be required. Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE O 472.2A for additional information.
• Ability to travel as needed up to 25%
Preferred Qualifications
Network Engineer IV
• Leadership experience designing and directing enterprise-level or research computing network architectures.
• Deep technical expertise in routing, switching, segmentation, firewall design, VPN architectures, and secure system configuration.
• Demonstrated experience evaluating new technologies and making procurement or platform recommendations.
• Strong background in virtualization, container orchestration, and architecture of scalable compute platforms.
• Advanced automation experience, including integration of systems, data flows, and orchestration frameworks.
• Extensive experience designing cybersecurity architecture, zero-trust models, and segmentation strategies.
• Proven ability to communicate technical strategy to senior leadership, sponsors, and external partners.
• Demonstrated ability to lead others, mentor staff, and influence long-term technical direction.
Network Engineer III
• Experience in network, systems, or database administration across Linux and Windows environments.
• Demonstrated ability to design and configure TCP/IP networks, routing, switching, segmentation, VPNs, and VLANs.
• Hands-on experience with virtualization (VMware, KVM) or containerized environments (Docker, Kubernetes).
• Proficiency in scripting (Python, PowerShell, Bash) to automate infrastructure tasks.
• Experience working with database platforms (PostgreSQL, SQL Server, NoSQL) for configuration, ingestion, and backup.
• Familiarity with cybersecurity tools (SIEM/log aggregation, PKI, identity management, intrusion detection).
• Effective communication skills with the ability to create documentation and explain technical concepts to users.
• Experience providing technical support or onboarding in complex research or compute environments.
Job Application Submission Window
The anticipated closing window for application submission is up to 30 days and may be extended as needed.
Annual Salary Range (based on full-time 40 hours per week)
Job Profile: IT Professional IV / Annual Salary Range: $97,800 - $176,000
Job Profile: IT Professional III / Annual Salary Range: $81,500 - $146,700
NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.
Benefits Summary
Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.
* Based on eligibility rules
Badging Requirement
NREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.
Drug Free Workplace
NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.
If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.
Submission Guidelines
Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.
Reasonable Accommodations
E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.
E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.
NREL, located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for energy systems research and development.
Join NREL, where world-class scientists, engineers, and experts are accelerating energy innovation through breakthrough research and systems integration. From our mission to our collaborative culture, NREL stands out in the research community for its commitment to an affordable and secure energy future. Spanning foundational science to applied systems engineering and analysis, we focus on solving complex challenges to deliver advanced, secure, reliable, and cost-effective energy solutions. Our work helps strengthen U.S. industries, support job creation, and promote national economic growth.
At NREL, you’ll find a mission-driven environment supported by state-of-the-art facilities, multidisciplinary research teams, and strong collaborations with industry, academia, and other national laboratories. We offer robust professional development opportunities, and a competitive benefits package designed to support your career and well-being.
Job Description
This position is located in Colorado and requires the selected candidate to reside in Colorado. A hybrid work schedule is required, with regular weekly onsite presence. Relocation benefits are available.
NREL is seeking a mid-career Network & Systems Engineer to join its Cybersecurity Research Center (CRC). The CRC conducts applied research at the intersection of cybersecurity, energy systems, national resilience, and data-centric research infrastructure—developing the tools, architectures, methods, and scientific foundations required to secure and sustain the nation’s evolving energy infrastructure.
CRC research and experimentation spans secure network and system architecture, adversarial and defensive cybersecurity experimentation, operational technology (OT) and industrial control systems (ICS), network and system modeling, database and data workflow management, hardware/software assurance, and cyber-physical resilience testing. Working across NREL’s energy, grid, and systems integration missions, the CRC leverages unique laboratory assets—including the ARIES Cyber Range—to build, operate, and evaluate large-scale, high-fidelity cyber-physical research environments.
We are seeking a technically strong and research-focused systems professional who can design, build, and manage secure research infrastructures while enabling controlled adversarial experimentation, threat emulation, and cybersecurity evaluation. The successful candidate will bring depth in one or more areas such as network engineering, systems administration, programming/automation, database management, cybersecurity, data center operations, or systems architecture. This individual will collaborate with researchers conducting adversarial experiments and will help translate research requirements into reproducible, secure, and high-performance computing environments.
Key Research Responsibilities:
Network Engineer IV
• Lead the architecture, deployment, and evolution of secure hybrid IT/OT research platforms and data center environments.
• Serve as technical authority for virtualization, containerization, automation, and data services, guiding platform strategy and lifecycle decisions.
• Architect and implement automation frameworks and tooling that scale across research projects and organizational environments.
• Establish data management strategies, including database architecture, governance practices, and analytics infrastructure.
• Develop zero-trust and defense-in-depth security architectures and evaluate emerging technologies for adoption.
• Lead major technical initiatives, establish system standards, and resolve highly complex technical and operational issues.
• Represent the organization as a primary technical point of contact with partners, sponsors, and senior leadership.
• Mentor staff, lead capability development, and contribute to long-range planning of cyber range and research computing resources.
Network Engineer III
• Design, implement, and administer secure hybrid IT/OT network and system architectures to support cyber and energy experimentation projects.
• Configure, deploy, and manage systems, networks, virtualization platforms (VMware/KVM), and server/storage infrastructure within data center environments.
• Develop automation scripts and system tools (Python, Bash, PowerShell) to improve operational efficiency and support research workflows.
• Configure and administer databases and data pipelines, ensuring data integrity, reproducibility, and appropriate access controls.
• Implement cybersecurity controls, such as identity and access management, network segmentation, firewall rules, and monitoring.
• Troubleshoot and resolve complex system, network, and database issues; recommend improvements to optimize performance.
• Produce technical documentation and contribute to proposals, runbooks, and architecture diagrams.
• Collaborate with cybersecurity researchers and platform users to integrate systems and data across experimental environments.
• Provide informal mentorship and onboarding assistance to junior technical staff.
Key Experience:
Network Engineer IV
• Leadership experience designing and directing enterprise-level or research computing network architectures.
• Deep technical expertise in routing, switching, segmentation, firewall design, VPN architectures, and secure system configuration.
• Demonstrated experience evaluating new technologies and making procurement or platform recommendations.
• Strong background in virtualization, container orchestration, and architecture of scalable compute platforms.
• Advanced automation experience, including integration of systems, data flows, and orchestration frameworks.
• Extensive experience designing cybersecurity architecture, zero-trust models, and segmentation strategies.
• Proven ability to communicate technical strategy to senior leadership, sponsors, and external partners.
• Demonstrated ability to lead others, mentor staff, and influence long-term technical direction.
Network Engineer III
• Experience in network, systems, or database administration across Linux and Windows environments.
• Demonstrated ability to design and configure TCP/IP networks, routing, switching, segmentation, VPNs, and VLANs.
• Hands-on experience with virtualization (VMware, KVM) or containerized environments (Docker, Kubernetes).
• Proficiency in scripting (Python, PowerShell, Bash) to automate infrastructure tasks.
• Experience working with database platforms (PostgreSQL, SQL Server, NoSQL) for configuration, ingestion, and backup.
• Familiarity with cybersecurity tools (SIEM/log aggregation, PKI, identity management, intrusion detection).
• Effective communication skills with the ability to create documentation and explain technical concepts to users.
• Experience providing technical support or onboarding in complex research or compute environments.
Basic Qualifications
Network Engineer IV
Relevant Bachelor's Degree and 9 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 7 or more years of experience or equivalent relevant education/experience. Or, relevant PhD and 4 or more years of experience or equivalent relevant education/experience. Applies extensive IS expertise in specific field and has full knowledge of related disciplines. Evaluates new hardware, software, systems tools and applications and makes procurement recommendations. Excellent leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Extensive programming and architecture abilities with various computer software programs and information systems.
Network Engineer III
Relevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Complete understanding and wide application of principles, concepts and techniques in specific field. General knowledge of related IS disciplines. Strong leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Advanced programming, design and analysis abilities with various computer software programs and information systems.
* Must meet educational requirements prior to employment start date.
Additional Required Qualifications
• Must be able to obtain and maintain a DOE security clearance at the Q/TS/SCI level. A polygraph may be required. Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE O 472.2A for additional information.
• Ability to travel as needed up to 25%
Preferred Qualifications
Network Engineer IV
• Leadership experience designing and directing enterprise-level or research computing network architectures.
• Deep technical expertise in routing, switching, segmentation, firewall design, VPN architectures, and secure system configuration.
• Demonstrated experience evaluating new technologies and making procurement or platform recommendations.
• Strong background in virtualization, container orchestration, and architecture of scalable compute platforms.
• Advanced automation experience, including integration of systems, data flows, and orchestration frameworks.
• Extensive experience designing cybersecurity architecture, zero-trust models, and segmentation strategies.
• Proven ability to communicate technical strategy to senior leadership, sponsors, and external partners.
• Demonstrated ability to lead others, mentor staff, and influence long-term technical direction.
Network Engineer III
• Experience in network, systems, or database administration across Linux and Windows environments.
• Demonstrated ability to design and configure TCP/IP networks, routing, switching, segmentation, VPNs, and VLANs.
• Hands-on experience with virtualization (VMware, KVM) or containerized environments (Docker, Kubernetes).
• Proficiency in scripting (Python, PowerShell, Bash) to automate infrastructure tasks.
• Experience working with database platforms (PostgreSQL, SQL Server, NoSQL) for configuration, ingestion, and backup.
• Familiarity with cybersecurity tools (SIEM/log aggregation, PKI, identity management, intrusion detection).
• Effective communication skills with the ability to create documentation and explain technical concepts to users.
• Experience providing technical support or onboarding in complex research or compute environments.
Job Application Submission Window
The anticipated closing window for application submission is up to 30 days and may be extended as needed.
Annual Salary Range (based on full-time 40 hours per week)
Job Profile: IT Professional IV / Annual Salary Range: $97,800 - $176,000
Job Profile: IT Professional III / Annual Salary Range: $81,500 - $146,700
NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.
Benefits Summary
Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.
* Based on eligibility rules
Badging Requirement
NREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.
Drug Free Workplace
NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.
If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.
Submission Guidelines
Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.
Reasonable Accommodations
E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.
E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.
group id: RTL97829
