Sandia National Laboratories R&D Cybersecurity Researcher (Early/Mid-Career) in Livermore, California


We are seeking R&D S&E, Cybersecurity researchers to participate in efforts to secure government and critical infrastructure systems. Our group is a unique team whose members conduct network monitoring and incident response, develop and deploy operational cybersecurity capabilities, and conduct cutting-edge research in advanced cybersecurity technologies. Researchers are expected to apply research advances to challenging multi-disciplinary problems important to national security, with an emphasis on creating a strong cyber environment that can withstand multipronged, highly sophisticated attacks. Current research includes vulnerability assessments, reverse engineering, program understanding, malware analysis, VM introspection, intrusion detection, countermeasures development and assessment, network and host forensics, mobile devices and networks, at-scale virtualization, and enterprise-scale emulation and analysis of cyber events. Some travel is expected to meet with sponsors and support successful execution of programs.

On any given day, you may be called on to:

  • Conduct innovative research, lead projects and contribute effectively on research teams, work with customers to understand needs and propose solutions, and present results as appropriate at open conferences and classified meetings.


  • Bachelor's and master's degrees in computer science, computer engineering, or a related technical discipline, with an emphasis on cybersecurity; or bachelor's degree in these disciplines with at least four years' relevant experience.
  • Expertise in one or more of the following: cyber vulnerability assessment, intrusion detection systems and countermeasures, network protocols and monitoring, host forensics and memory forensics, malware analysis and triage, mobile security, cloud security, network traffic analysis, and emulation of large-scale computer networks.
  • Evidence of relevant research expertise in the form of technical publications, presentations, software, and/or knowledge of applications.
  • Software development competence in at least one programming language; e.g. C/C++, Perl, Python, Ruby, Java or a related language.
  • Ability to obtain and maintain a Department of Energy (DOE)-granted Q-level and SCI security clearance. In order to obtain these clearances, U.S. Citizenship and polygraphs are required.


  • Record of strong academic performance.
  • Demonstrated ability to team effectively in a collaborative research environment.
  • Software engineering proficiency, particularly with respect to best practices and team development of high-quality code.
  • Familiarity with system level development, kernel programming, and binary reverse engineering.
  • Experience in day-to-day incident response cybersecurity operations.
  • Experience with Intrusion Detection Systems (IDS) and signature development.
  • Hands-on network/packet level examination using tools such as tcpdump or Wireshark.
  • Working knowledge of TCP/IP, HTTP, SSL, DNS, FTP, SSH, and other common Internet protocols as well as common client scripting languages such as shell script, JavaScript and VBScript.
  • Strong understanding of inter-domain networking including BGP, layer-2 networking protocols such as OSPF, ARP, DHCP, and TCP/IP networks in general.
  • Experience searching/parsing log files with command line utilities.
  • Working knowledge of multiple operating systems (Windows, UNIX/BSD, Linux, OS X, etc.).
  • Background in solving practical problems in science and engineering that involve encounters with real-world data.

Department Description:

The Information Security Sciences group (8960) includes work in advanced computer security research, operational network security, high-performance computing research, decision analysis, and information extraction research. This work is conducted for a wide range of government sponsors, including the Departments of Energy, Homeland Security, and Defense.

Our mission is to both underpin the current business areas with robust and exciting research capabilities and provide fundamental knowledge for future innovation.

This posting will be used to fill openings in the Cyber Systems Research (8964), Enterprise Cyber Security (8965) and Cyber System Assessments (8966) departments.

Security Clearance:

Position requires a Department of Energy (DOE) granted Q-level security clearance and SCI clearance, which may require a polygraph test.

Sandia is required by DOE directive to conduct a pre-employment background review that includes personal reference checks, law enforcement record and credit checks, and employment and education verifications. Applicants for employment must be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship, and SCI clearance, which may require a polygraph test.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, rendering the applicant unable to perform the duties assigned and resulting in termination of employment.

