HPC Cybersecurity Engineer

The HPC Cybersecurity Engineering team is one half of the NCCS Security and Information Engineering Group. We architect, develop, deploy, and maintain the supercomputing-specific security program (an enclave within the broader ORNL authorization boundary) and provide HPC security expertise to projects of national interest. We collaborate across incident response, blue team engineering, vulnerability research, policy architecture, and DevSecOps. We work closely with scientific and operations teams and act as liaisons to ORNL's broader risk management framework. We are a Linux focused environment with security challenges that prioritize scale, performance, and scientific computing integrity., * Translate complex technical concepts to communicate effectively with scientific, operations, project, and management staff

• Help shape the Supercomputing security architectural vision and lead security reviews of new capabilities, services, and designs against core security plans
• Design, implement, and automate policy/control assessments to verify cybersecurity and operational policy compliance
• Engineer secure software development frameworks, tools, and guardrails that enable teams to deliver securely at HPC scale
• Define and implement best practices, standards, and technical baselines within the organization
• Analyze, triage, and respond to application, system, and network security relevant events
• Serve as a security liaison for projects of national interest and external partners
• Interpret cybersecurity policy and requirements; recommend enhancements to current policies/standards and lead implementation efforts with stakeholders
• Lead vulnerability management activities including remediation coordination, patch planning, verification, and approved penetration testing
• Document cybersecurity procedures, standards, control narratives, and decision records to support operations, audits, and continuous improvement
• Participate in a 24/7 on-call incident response rotation

You automate wherever possible, using Infrastructure as Code (IaC) and repeatable patterns so security can scale with operations. You can translate governance requirements into implementable standards and aggregate technical realities into clear risk-based decision options for leadership. You collaborate well, document what matters, and enjoy driving improvements that are both technically sound and audit ready. You may have more than a couple of our Preferred Qualifications and probably do not yet have any prior HPC experience. You may have technical leadership experience and/or want to grow into this role. You may or may not think Hackers is an incredible movie., * Bachelor's degree in Computer Science, Cybersecurity, or related field

• Minimum of five years of relevant experience
• Equivalent combination of education and experience will be considered, * Master's degree in Computer Science, Cybersecurity, or related field and at least eight years of relevant experience
• Strong understanding of U.S. Federal cybersecurity frameworks, standards, and guidelines including FISMA, NIST RMF (SP 800-37) and SP 800-53, FIPS 199/200, FedRAMP, and OMB Memorandums
• Experience as an Information Systems Security Officer (ISSO) and/or administering systems in UNIX/Linux environments
• Solid understanding of networked computing concepts and common protocols (DNS, DHCP, LDAP, SNMP, SMTP, HTTP(S), TLS/SSL)
• Experience representing organization during security cybersecurity audits
• Familiarity building or operating security tools such as SIEMs, vulnerability scanners, NIDS/HIDS, server telemetry, and detection engineering
• Experience with incident response and Linux forensics
• Familiarity with automated configuration management tools
• Experience in network, application, and/or security architecture and design, including threat modeling and security review practices
• Experience in a high-performance computing environment (nice to have), including multi-tenant compute, high-speed interconnects, and parallel filesystems

Special Requirements:

• This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

ORNL offers competitive pay and benefits programs to attract and retain individuals who demonstrate exceptional work behaviors. The laboratory provides a range of employee benefits, including medical and retirement plans and flexible work hours, to support the well-being of you and your family. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also available for added convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an impressive 80-year legacy of addressing the nation's most pressing challenges. Our team is made up of over 7,000 dedicated and innovative individuals! Our goal is to create an environment where a variety of perspectives and backgrounds are valued, ensuring ORNL is known as a top choice for employment. These principles are essential for supporting our broader mission to drive scientific breakthroughs and translate them into solutions for energy, environmental, and security challenges facing the nation.