Cyber Security Engineer (San Francisco)
Lawrence Berkeley National Laboratory
8 months ago
San Francisco, California, United States
Hybrid
Full-time
Junior Level (1-3 years)
Job Description
Position Overview
The National Energy Research Scientific Computing Center (NERSC) Division at Lawrence Berkeley National Labs (LBNL) is looking for a Cyber Security Engineer to join its team. NERSC’s mission is to accelerate scientific discovery through high performance computing and data analysis for the DOE Office of Science programs, supporting over 10,000 users researching alternative energy sources, climate science, energy efficiency, environmental science, and other DOE mission areas.
In this exciting role, you will work both independently and collaboratively to monitor and respond to security incidents, perform vulnerability scanning and security testing, provide security guidance, and contribute to the strategy as NERSC moves to exascale and beyond.
Key Responsibilities
- Perform security duties including monitoring network traffic and log data, investigating anomalous activity, forensic analysis, and resolution of security incidents.
- Support and/or lead cyber incident response activities through the full incident response lifecycle with proper documentation.
- Maintain up-to-date awareness of cybersecurity threats and trends, assess emerging issues, and coordinate mitigation efforts across teams.
- Assist with vulnerability assessment activities, including configuring scanning tools, prioritizing vulnerabilities, and guiding remediation efforts.
- Participate in a 24/7 on-call rotation, occasionally working outside scheduled hours.
- Contribute to the design and development of NERSC's security architecture and address gaps in monitoring and detection capabilities.
- Participate in or lead system upgrade efforts, including the specification, purchase, installation, configuration, and deployment of new hardware and security services.
- Help maintain existing cybersecurity systems using automation tools, and perform manual administration and hardware support as needed.
- Develop and update IDS signatures and monitoring rules to align with emerging threats and improve detection accuracy.
- Lead or support the implementation of a Zero Trust strategy to mitigate risk while supporting NERSC’s open science mission.
- Promote a strong security culture through outreach, technical consulting, and security awareness initiatives.
- Collaborate with system engineers and software developers to integrate cybersecurity tools and processes throughout the center.
- Conduct comprehensive security reviews and risk assessments, and provide actionable recommendations in detailed reports.
- Serve as a security subject matter expert on cross-functional projects and guide the development of cybersecurity requirements.
- Create technical guides, best practices, and resources to help NERSC staff and users adhere to cybersecurity policies.
- Lead technical initiatives focused on advancing security in areas such as containerized environments, Zero Trust Architecture, and secure HPC workflows.
Required Qualifications
- Bachelor’s degree in Computer Science or a related field with a minimum of 8 years of experience; or 6 years with a Master’s degree; or equivalent experience.
- Prior experience in cybersecurity, including network defense, security monitoring, vulnerability/risk assessment, penetration testing, or threat intelligence.
- Hands-on experience with incident response, including investigation, forensics, timeline reconstruction, and remediation.
- Experience in configuring and managing security tools such as intrusion detection systems (e.g., Snort, Suricata, Zeek), firewalls, and log analysis platforms.
- Proficiency in collecting, parsing, and analyzing log data from diverse systems to detect and investigate security incidents.
- Familiarity with security tools for code analysis, penetration testing, and vulnerability scanning with demonstrated expertise in one or more.
- Solid understanding of common security vulnerabilities, mitigations, attacker TTPs, and cybersecurity frameworks.
- Strong grasp of network security concepts and upper-layer protocols.
- Experience developing scripts or programs in C, C++, Python, Shell, or similar languages.
- Experience working in Linux/Unix environments with strong command-line skills for effective troubleshooting.
- Familiarity with configuration management tools such as Ansible or Puppet.
- Demonstrated leadership in project or team environments with experience implementing systems or providing direction on projects.
- Excellent problem-solving skills, with the ability to troubleshoot complex issues and manage multiple tasks in a fast-paced environment.
- Ability to work both independently and collaboratively within interdisciplinary teams.
- Strong verbal and written communication skills.
Preferred Qualifications
- Experience with securing large-scale or open network computing environments.
- Background working in High Performance Computing (HPC), higher education, or research environments.
- Expertise in designing and implementing Zero Trust architectures and security best practices for authentication and authorization.
- Experience securing container orchestration platforms and containerized workloads, including runtime security monitoring and image scanning.
- Experience integrating security tools within development and deployment pipelines, with knowledge of secure coding practices and security-focused code reviews.
- Familiarity with API security, including OAuth 2.0, JWT, and API key management.
- Knowledge of data analytics, machine learning, or statistical models applied to cybersecurity analysis.
Benefits & Perks
- Full-time, career appointment, exempt (monthly paid) from overtime pay.
- Compensation: The full salary range is $129,948 to $219,276 per year, with a targeted range of $146,184 to $178,668 per year based on skills, certifications, and experience.
- Subject to a background check (convictions evaluated on relevance to the position).
- Eligible for a flexible work mode; hybrid schedules may be considered for candidates residing within 150 miles of Berkeley Lab.
- Work schedules are dependent on business needs, with opportunities to attend NERSC seminars and engage in cross-team projects.
Required Skills
Forensic Analysis
Risk Assessment
Vulnerability Scanning
Network Security
Linux/Unix Administration
Cybersecurity
Zero Trust Architecture
Intrusion Detection
Incident Response
Scripting (Python, Shell, C/C++)