Carnegie Mellon University - Arlington, VA
posted 2 days ago
About the position
As part of the Cyber Risk and Resilience Directorate, you will be part of a team of engineers aimed at applying the latest tools, techniques and methods to resilience challenges. The Senior Cybersecurity Engineer will support the operational capabilities and continued evolution of the Cybersecurity Assurance Team (CA), specifically focusing on cybersecurity training development and delivery. The CA team develops solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to assess, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. In this role, you will help provide the bridge between our operational capabilities and the development of impactful in-person and on-demand training.
Responsibilities
- Provide subject matter expertise across the entire CA portfolio to assist in the development of impactful training material and resources.
- Support cybersecurity assessments standardization and documentation.
- Develop and employ security measurement approaches.
- Transition knowledge and expertise to the broader community.
- Work collaboratively on multidisciplinary teams solving difficult customer challenges in diverse environments.
- Serve as a trusted advisor to defense and critical infrastructure customers.
Requirements
- BS degree in a relevant discipline with 10 years of applicable experience, or a MS degree in a relevant discipline with 8 years of applicable experience, or a PhD in a relevant discipline with 5 years of applicable experience.
- Experience in managing projects.
- Experience in delivering cybersecurity training.
- Familiarity with cybersecurity standards (e.g., NIST CSF, NIST SP 800 series, ISO 27000 series, etc.).
- Knowledge of assessment methodologies, tactics, techniques, and procedures.
- Knowledge of the evaluation of cybersecurity controls and practices.
- Knowledge of conducting security assessments including conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.
- Knowledge of critical infrastructure protection concepts and standards.
- Knowledge of information sharing practices and models.
- An understanding of maturity model concepts.
- Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.
- Ability to communicate with a range of audiences ranging from junior technical individual contributors to senior customer points of contacts.
Nice-to-haves
- Strong writing/editing ability.
- Ability to interact with others and function as a member of a process action team or instructional design working group.
- Experience with course and information mapping, flowcharting, etc.
- Certifications: A+ CE, CCNA-Security, CND, Network+ CE, SSCP, CISSP, CISM, CISA, PMP, or equivalent experience.
Benefits
- Comprehensive medical, prescription, dental, and vision insurance.
- Generous employer contribution to retirement savings program.
- Tuition benefits.
- Ample paid time off and observed holidays.
- Life and accidental death and disability insurance.
- Free Pittsburgh Regional Transit bus pass.
- Family Concierge Team to help navigate childcare needs.
- Fitness center access.
