Job Requirements
Pittsburgh, PA
Top Secret/SCI Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
What We Do:
Our team, within the Cyber Risk and Resilience Directorate researches, designs, and develops software tools for the collection, storage, and analysis of network data to provide security insights. We provide both the core network tools to facilitate this capability, and prototypes of new methods to present the data most effectively. We work with data at a scale generally not experienced by most organizations, handling record counts in the tens of billions per day.
Developing security insights at this scale requires creativity, efficiency, and contemporary knowledge of modern computing platforms. In some cases, the computing has outpaced the methods, and it is incumbent upon us to generate novel views of both the entire data collection, and of focused datasets tailored to specific analyst needs.
Our network situational awareness security tools are published here: https://tools.netsa.cert.org/
Position Summary:
As a network security researcher on the Network Situational Awareness team, you will research network threats to develop methods of detection and tailor these for partner environments. Transition of this research will take the form of developing detection capabilities, providing new requirements and feature requests for our NetSA Security tool suite, writing publications, and providing customer-specific training. The primary network data source for the team is netflow combined with application layer metadata, with an expanding focus on host-based (e.g., EDR) and cloud telemetry.
You will be responsible for gaining insights from data to facilitate detections, working with partners to help them to better understand their data and researching new data sources to expand the expertise of the team.
Requirements:
-Bachelor's Degree in Computer Science or a relevant technical discipline with eight (8) years of relevant work experience; or a MS in Computer Science or a relevant technical discipline with five (5) years of relevant work experience; or a PhD in Computer Science or other relevant technical discipline with two (2) years of relevant work experience.
-Movement between buildings within the SEI and CMU community required.
Willingness to travel to various locations to support the SEI's overall mission. This may include national travel to sponsor sites, conferences, and offsite meetings on occasion.
-You will be subject to a background check and will need to obtain and maintain a Department of War security clearance.
Knowledge, Skills and Abilities:
Ability to translate threat intelligence to avenues for research, prototyping, and curation of detection capabilities.
Strong knowledge of network fundamentals, common application layer protocols, and network-based telemetry.
Strong proficiency in at least one scripting or programming language such as Python, Go, Ruby, C, Java, or Scala.
Strong problem-solving and analytical skills, detailed research, and ability to document and communicate ideas and findings to diverse audiences.
Desired Experience:
Hands-on experience in a security research, threat hunting, detection engineering, or Cyber threat Intelligence (CTI) analyst role.
Experience analyzing large datasets, especially network telemetry such as netflow, application metadata, or PCAP from network sensors such as YAF, Zeek, Suricata, etc;
Experience applying cybersecurity data science methods and practices
Experience using open-source and / or commercial Internet intelligence telemetry and datasets
Strong grasp of the threat landscape and experience researching and investigating threats
Experience presenting technical topics
Location
Arlington, VA, Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff - Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information:
Our team, within the Cyber Risk and Resilience Directorate researches, designs, and develops software tools for the collection, storage, and analysis of network data to provide security insights. We provide both the core network tools to facilitate this capability, and prototypes of new methods to present the data most effectively. We work with data at a scale generally not experienced by most organizations, handling record counts in the tens of billions per day.
Developing security insights at this scale requires creativity, efficiency, and contemporary knowledge of modern computing platforms. In some cases, the computing has outpaced the methods, and it is incumbent upon us to generate novel views of both the entire data collection, and of focused datasets tailored to specific analyst needs.
Our network situational awareness security tools are published here: https://tools.netsa.cert.org/
Position Summary:
As a network security researcher on the Network Situational Awareness team, you will research network threats to develop methods of detection and tailor these for partner environments. Transition of this research will take the form of developing detection capabilities, providing new requirements and feature requests for our NetSA Security tool suite, writing publications, and providing customer-specific training. The primary network data source for the team is netflow combined with application layer metadata, with an expanding focus on host-based (e.g., EDR) and cloud telemetry.
You will be responsible for gaining insights from data to facilitate detections, working with partners to help them to better understand their data and researching new data sources to expand the expertise of the team.
Requirements:
-Bachelor's Degree in Computer Science or a relevant technical discipline with eight (8) years of relevant work experience; or a MS in Computer Science or a relevant technical discipline with five (5) years of relevant work experience; or a PhD in Computer Science or other relevant technical discipline with two (2) years of relevant work experience.
-Movement between buildings within the SEI and CMU community required.
Willingness to travel to various locations to support the SEI's overall mission. This may include national travel to sponsor sites, conferences, and offsite meetings on occasion.
-You will be subject to a background check and will need to obtain and maintain a Department of War security clearance.
Knowledge, Skills and Abilities:
Ability to translate threat intelligence to avenues for research, prototyping, and curation of detection capabilities.
Strong knowledge of network fundamentals, common application layer protocols, and network-based telemetry.
Strong proficiency in at least one scripting or programming language such as Python, Go, Ruby, C, Java, or Scala.
Strong problem-solving and analytical skills, detailed research, and ability to document and communicate ideas and findings to diverse audiences.
Desired Experience:
Hands-on experience in a security research, threat hunting, detection engineering, or Cyber threat Intelligence (CTI) analyst role.
Experience analyzing large datasets, especially network telemetry such as netflow, application metadata, or PCAP from network sensors such as YAF, Zeek, Suricata, etc;
Experience applying cybersecurity data science methods and practices
Experience using open-source and / or commercial Internet intelligence telemetry and datasets
Strong grasp of the threat landscape and experience researching and investigating threats
Experience presenting technical topics
Location
Arlington, VA, Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff - Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information:
- Please visit " Why Carnegie Mellon " to learn more about becoming part of an institution inspiring innovations that change the world.
- Click here to view a listing of employee benefits
- Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran .
- Statement of Assurance
group id: SOFTENG