Cyber Security Engineer
Lawrence Berkeley National Laboratory
6 months ago
San Francisco, CA, United States
Hybrid
Full-time
Junior Level (1-3 years)
Job Description
Position Overview
The Cyber Security Engineer at the National Energy Research Scientific Computing Center (NERSC) at Lawrence Berkeley National Laboratory (LBNL) plays a critical role in protecting high performance computing and data systems while accelerating scientific discovery. You will work both independently and collaboratively to monitor threats, perform vulnerability assessments, lead incident response, and advance cybersecurity initiatives to secure a cutting-edge research environment serving over 10,000 users.
Key Responsibilities
- Perform security duties including monitoring for potential threats, examining network traffic and log data, investigating anomalous activity, and conducting forensic analysis.
- Support and/or lead cyber incident response activities throughout the entire incident lifecycle, from detection through resolution and documentation.
- Stay informed about emerging cybersecurity threats and trends, assess risks, and coordinate mitigation efforts across teams.
- Assist with vulnerability assessments by configuring scanning tools, triaging discovered vulnerabilities, and guiding remediation efforts.
- Participate in a 24/7 on-call rotation and occasionally work outside scheduled hours as needed.
- Contribute to the design and development of NERSC’s security architecture and help evaluate new cybersecurity tools and technologies.
- Participate in or lead efforts to upgrade systems through specification, installation, configuration, and deployment of new hardware and security services.
- Perform system administration, troubleshooting, and hardware maintenance while managing cybersecurity systems using automation tools.
- Develop comprehensive documentation for technical systems, processes, and procedures.
- Enhance detection capabilities by developing new IDS signatures and refining existing rules based on emerging threats.
- Lead or support security initiatives, including a Zero Trust strategy, to reduce risks while enabling NERSC’s open science mission.
- Promote a strong security culture through outreach, technical consulting, and security awareness activities.
- Provide guidance on security best practices and assist with the implementation of security controls and policies.
- Collaborate with system engineers and software developers to integrate cybersecurity tools and practices across projects.
- Conduct in-depth security reviews and risk assessments, document findings, and recommend actionable improvements.
- Act as a subject matter expert on cross-functional projects to ensure security is integrated at every phase.
- Develop cybersecurity requirements by translating high-level policies into actionable controls and guidelines.
- Create technical guides, best practices, and other resources to educate staff and users on cybersecurity.
- Lead or support technical initiatives focused on advancing security in containerized environments, secure software practices, Zero Trust Architecture, and secure data movement in HPC workflows.
Required Qualifications
- Minimum of 8 years of related experience with a Bachelor’s degree; or 6 years with a Master’s degree; or equivalent experience.
- Experience administering Linux/Unix systems or configuring network security devices.
- Proficiency with cybersecurity tools and technologies such as intrusion detection/prevention systems, firewalls, SIEM platforms, or vulnerability scanners.
- Experience designing, implementing, and maintaining network traffic capture and monitoring solutions in high-speed environments.
- Experience performing or supporting incident response activities including investigation, analysis, containment, and resolution.
- Skilled in collecting, parsing, and analyzing log and telemetry data from various systems to detect and respond to incidents.
- Experience in IT infrastructure implementation or administration, leading projects or teams, or providing technical direction for security initiatives.
- Proficiency in developing scripts or programs using languages such as Python, Shell, C, or C++.
- Solid knowledge of common security vulnerabilities and mitigations, attacker TTPs, and core cybersecurity principles.
- Demonstrated ability to work in Linux/UNIX environments from a Command Line Interface (CLI).
- Strong troubleshooting skills with an aptitude for analyzing complex issues.
- In-depth understanding of network security and upper-layer protocols.
- Excellent interpersonal skills with the ability to collaborate across interdisciplinary teams.
- Capacity to manage multiple tasks and adapt to rapidly changing priorities.
- Exceptional oral and written communication skills.
Preferred Qualifications
- Experience working in High Performance Computing, higher education, or research environments.
- Experience implementing Zero Trust architectures, securing container platforms and workloads, or integrating security into development and deployment processes.
- Experience conducting policy compliance activities, including audits against cybersecurity frameworks such as NIST, ISO 27001, or CIS Controls, and performing risk assessments.
- Experience securing large-scale computing or open network environments with broadly accessible infrastructure.
- Familiarity with configuration automation tools such as Puppet or Ansible.
- Knowledge of dual-stack (IPv4/IPv6) and IPv6-only network environments and their associated security challenges.
- Understanding of API security, including secure API design principles and familiarity with OAuth 2.0, JWT, and API key management.
- Expertise in secure coding practices with the ability to review source code for vulnerabilities and collaborate with development teams on secure solutions.
- Knowledge of data analytics, machine learning, or statistical models and their application to security analysis.
Benefits & Perks
- Exceptional health and retirement benefits including pension or 401K-style plans.
- Career growth opportunities with access to Tuition Assistance Programs and professional development resources.
- Generous leave policies including vacation, sick time, and an annual Winter Holiday Shutdown, plus parental bonding leave for both mothers and fathers.
- Additional perks such as pet insurance.
- Compensation: Salary range is approximately $156,864 – $191,724, fitting into the full range of $139,440 – $235,308 based on skills, knowledge, education, certifications, and experience.
- This full-time, career appointment includes a background check and offers a hybrid work mode with required on-site presence at Lawrence Berkeley National Lab.
Required Skills
Forensic Analysis
Zero Trust Architecture
Risk Assessment
SIEM Platforms
Scripting (Python, Shell)
Network Security
Vulnerability Scanning and Assessment
Intrusion Detection/Prevention (IDS/IPS)
Linux/Unix Administration
Incident Response