Cleared Senior/Principal Cyber Assurance Architect - Cyber Investigative Services, CA, Onsite

About Sandia:

Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

• Challenging work with amazing impact that contributes to security, peace, and freedom worldwide

• Extraordinary co-workers

• Some of the best tools, equipment, and research facilities in the world

• Career advancement and enrichment opportunities

• Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)

• Generous vacation, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

*These benefits vary by job classification.

What Your Job Will Be Like:

The Cyber Enterprise Security and Initiatives department is seeking a highly motivated Cyber Assurance Architect to be a part of the Cyber Investigative Services (CIS) team. This team provides a wide range of services ranging from system administration, eDiscovery, waste fraud and abuse (WFA) investigation, forensic investigation, incident of security concern (IOSC) sanitization, and insider risk management monitoring (IRM) at Sandia National Laboratories.

Are you passionate about identifying and engaging in the resolution of complex issues? Do you want to help support Sandia’s Cybersecurity, Legal, and Ethics programs that have impacts across Sandia? If so, consider applying for this great opportunity.

On any given day, you may be called on to:

• Implement, test, and maintain critical customer applications throughout their lifecycle

• Provide application administration support for users and partners including, but not limited to, enhancements, modifications, and corrections to existing solution implementations

• Work closely with customers and software vendors to define and implement technical and business requirements

• Research and evaluate new processes, technologies, and software

• Assist the team in collecting, processing, analyzing, and delivering electronic artifacts needed by our Legal and Ethics organizations

• Handle a high-pressure environment while successfully partnering with team members and customers

Due to the nature of the work, the selected applicant must be able to work onsite in California.

Salary Range:

$135,700 - $270,900

*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.

Qualifications We Require:

• Bachelor's degree in Computer Science, Computer Engineering or related field, plus five (5) or more years of relevant experience; or equivalent combination of education and experience that demonstrates the knowledge, skills, and ability to perform duties of the job

• At least 5 years of experience administering enterprise hardware and software running Windows and/or Linux

• At least 3 years of experience working with Splunk, including writing and/or modifying queries

• Active DOE Q-level security clearance or equivalent DOD Top Secret level security clearance; and ability to obtain and maintain SCI-level security clearance, which may require a polygraph test

Qualifications We Desire:

• At least 3 years of experience designing, installing, and/or administering network packet capture systems

• Knowledgeable and experienced with chain of custody and regulatory compliance processes for sensitive data

• Experience with Security Information and Event Management tools (SIEM)

• Proficient in legal case management, document management, and electronic discovery tool suites

• Experience collecting and analyzing mobile forensic data

• Development experience with tools such as Python, SQL, PowerShell, Java, and Perl

• Knowledge and experience in testing methodologies, including the ability to analyze and determine solutions for cybersecurity and IT issue

• Experience with coordinating and leading maintenance operations with servers and databases

• System administration experience, including significant technical knowledge of the underlying operating systems (e.g., Windows, Linux, and Mac)

• Proficient in utilizing industry standard Intrusion Detection Systems (IDS) and Endpoint Detection and Remediation systems (EDR)

• Experienced with detailed information system monitoring processes

• Proven ability to identify information security requirements and ensuring they are effectively integrated into information technology processes

• Well-versed in developing acceptance criteria for cybersecurity systems and architectures

• Experience and familiarity of the Electronic Discovery Reference Model (EDRM)

• Background and experience with electronic data forensic tools

• Strong analytical skills

About Our Team:

The Cyber Enterprise Security & Initiatives department resides within the Reliability & Digital Assurance group at Sandia/California, and is a matrixed element of Sandia National Laboratories Cyber Security Program. This team is responsible for Sandia California's network security operations, as well as partnering with NM based cyber security teams to support the breadth of Sandia's network security operations on classified and unclassified networks. The team is responsible for maintenance and continuous improvements to Sandia's network security architecture, and performs information & cyber security research to develop and apply state-of-the-art cyber technologies. The department performs research in all areas of cyber defense, vulnerability analyses of networks and networked systems, vulnerability scanning, intrusion detection, incident response, computer and network forensics, counterintelligence technical support, and consulting services to other organizations with information security concerns. The team partners with various organizations across the laboratories and external stakeholders to ensure the protection of Sandia's information and assets.

Posting Duration:

This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.

Security Clearance:

Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Position requires a Department of Energy (DOE) Q security clearance to start, or equivalent active security clearance with another U.S. government agency (e.g., DOD). Applicants for employment need to also be able to obtain and maintain SCI access, which requires US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

EEO:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.

NNSA Requirements for MedPEDs:

If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.

If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.

Job ID: 695431

Job Family: IT

Regular/Temporary Position: R

Full/Part-Time Status: F