What You Will Do

The High Performance Computing (HPC) Division at Los Alamos National Laboratory provides scientific computing resources consisting of some of the largest HPC systems in the world as well as numerous large commodity cluster systems and a quickly growing AI/ML/LLM infrastructure. Our Cybersecurity Team within the HPC Systems Group (HPC-SYS) is seeking a highly qualified Cybersecurity Technical Staff member capable of integrating modern cybersecurity tools and technologies into our High Performance Computing environment. The selected candidate will stay up to date on cybersecurity tools, and techniques in order to integrate new software tools into our HPC security software stack. The selected candidate will assist the HPC ISSO and Cybersecurity Team with designing and implementing cybersecurity solutions for the HPC Division.

The primary responsibilities will include working closely with HPC Cybersecurity leads to assist implementing our overall cybersecurity plan. The selected candidate will assist in the review of cybersecurity configurations, and controls. Assist in validating new HPC systems by working with HPC admins to improve security or implement mitigations. Strengthen our existing cybersecurity infrastructure and prepare for the integration of future technologies including the expansion of more web-based tools, on and off-prem cloud solutions, virtualized support infrastructure and containerized user application running on HPC systems. Assist in the setup, administration and maintenance of Linux based servers using a configuration management system, and monitoring software systems including Splunk. The selected candidate will also participate in periodic on-call responsibilities and work both independently and collaboratively with other members of the team or group to provide technical assistance in problem solving and day-to-day operation and monitoring of various HPC systems to identify and fix security related issues.

The selected candidate will actively monitor logs and alerting systems, implement monitoring dashboards and alerts for cybersecurity related issues on our HPC Clusters, File Systems or Networks. The selected candidate will also be required to participate in process improvement and deep multi-system problem isolation and resolution in coordination with administrators of other HPC subsystems, propose and implement solutions when presented with problems. In addition, the selected candidate will have the opportunity to develop technical products such as presentations, technical papers, and reports, and communicate findings internally or at conferences. Mentoring of students, junior staff, and peers in technical and professional growth activities is highly valued, as is maintaining state-of-the-art technical expertise and knowledge within HPC and cybersecurity in addition to developing new skills in related disciplines.

This position will be filled at either the Scientist 2/3 level, depending on the skills of the selected candidate. Additional job responsibilities (outlined below) will be assigned if the candidate is hired at the higher level.

What You Need

Minimum Job Requirements:

Scientist 2: ($101,700 - $168,200)

• Knowledge in one or more of the following disciplines: Cybersecurity, Information Security, Information Assurance, Computer Science. Understanding of classic and contemporary cyber threats and vulnerabilities and demonstrated ability to apply that knowledge to system engineering, analytics, or operations.

• Knowledge of measurement tools for vulnerability assessment, detection and mitigation (such as Nessus). Knowledge of system monitoring tools, log collection, metric collection or agent based tools (such as Splunk).

• Familiar with NIST Security controls and Risk Management Framework (RMF) requirements.

• Demonstrated scripting experience in Bash, Perl, Python, or similar scripting languages as well as experience with more advanced programming languages.

• Experience working in a production computing environment, preferably with HPC systems or at large scale. Working knowledge of networking concepts and practices. Knowledge of or experience with hardware and software security practices.

• Outstanding written and oral technical communication. Experience with technical writing test plans, findings reports or published papers. Strong interpersonal communication skills with the ability to work with groups of people of various levels of technical knowledge or understanding. Demonstrated experience working effectively under the pressure of frequent interruptions and conflicting priorities.

Additional Job Requirements for Scientist 3:

Scientist 3: ($122,300 - $206,300)

In addition to the Job Requirements outlined above, qualification at the Scientist 3 level requires:

• Expert knowledge and practical experience at the advanced level in one or more of the following disciplines: Cybersecurity, Information Security, Information Assurance, Computer Science. Expert technical knowledge of classic and contemporary cyber threats and vulnerabilities and demonstrated ability to apply that knowledge to system engineering, analytics, or operations.

• Expert knowledge of and demonstrated experience creating measurement tools for vulnerability assessment, detection and mitigation. Expert knowledge of system monitoring tools, such as log collection, metric collection or agent based tools.

• Demonstrated experience and expertise in creating or modifying cybersecurity tools for a production computing environment.

• Develop and present technical reports and briefings on system vulnerabilities to convey risks, impacts and recommendations. Present materials at national conferences and meetings. Works with the HPC Cybersecurity leads in representing and advocating for an effective supercomputing security.

• Demonstrated experience leading efforts to improve cybersecurity in large technical projects. Experience making significant contributions to the planning, design, testing and implementation phases for deploying new technologies.

• Outstanding written and oral technical communication skills as evidenced by the production of materials for technical products, reports, documents, peer-reviewed journals and/or presentations at professional conferences. Demonstrated technical leadership and complex problem-solving experience.

Education/Experience at Scientist 2:

Position requires a Bachelor' degree in a STEM field from an accredited college and university and 4 years of relevant experience or an equivalent combination of education and experience directly related to the occupation.

Education/Experience at Scientist 3:

Position requires a Master's degree in a STEM field from an accredited college or university and 6 years of relevant experience or an equivalent combination of education and experience directly related to the occupation.

Desired Qualifications:

• Strong Linux knowledge and expertise as an administrator. Broad knowledge of administration of production Linux computer systems, utilities, and tools, including experience building, configuring, and administering production Linux computer systems. Experience with multiple Linux distributions.

• Knowledge of High Performance Computing, including environments and supporting infrastructure. Knowledge of distributed systems, including system architectures, computer networks, software and multi-tenancy. Experience with networking and file systems in an HPC environment, experience with parallel file systems (Lustre, GPFS, etc.), experience with archive solutions (HPSS, TSM, etc.), experience with data movement tools.

• Knowledge of one or more monitoring tools (Splunk, Ganglia, Grafana, etc.). Experience configuring syslog, experience with data collection and transport (syslog, IPMI, AMQP, Kafka).

• Knowledge of and experience with cloud security, micro services and containers; their use cases, best practices and knowledge of existing tools to help scan and secure them.

• Experience applying security standards on container architectures, such as Docker, Kubernetes or OpenShift. Knowledge of container vulnerability lifecycle management.

• Knowledge of DevSecOps and CI/CD Pipeline development.

• Knowledge of and experience with web-based user interfaces; their use cases, best practices and knowledge of existing tools to help scan and secure them.

• Possess high attention to detail including excellent organizational skills, analytical thinking, observational skills and problem-solving skills. Ability to multi-task and adjust to the workings of a dynamic and fast paced environment.

• Active DOE "Q" clearance

Work Location:

This position will be located in Los Alamos, NM, with the potential for a hybrid work arrangement (60% onsite/40% offsite) from a location within 2 hours ground commute of this location. Reporting onsite will be required. Hybrid is at the discretion of management and can change at any time with appropriate notice.

Position commitment: Regular appointment employees are required to serve a period of continuous service in their current position in order to be eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the time required, they may only apply for Laboratory jobs with the documented approval of their Division Leader. The position commitment for this position is 1 year.

Note to Applicants:

For consideration, applicants should submit a cover letter addressing how their knowledge, skills and abilities meet the minimum requirements along with a resume.

Where You Will Work

Located in beautiful northern New Mexico, Los Alamos National Laboratory (LANL) is a multidisciplinary research institution engaged in strategic science on behalf of national security. Our generous benefits package includes:

§ PPO or High Deductible medical insurance with the same large nationwide network

§ Dental and vision insurance

§ Free basic life and disability insurance

§ Paid childbirth and parental leave

§ Award-winning 401(k) (6% matching plus 3.5% annually)

§ Learning opportunities and tuition assistance

§ Flexible schedules and time off (PTO and holidays)

§ Onsite gyms and wellness programs

§ Extensive relocation packages (outside a 50 mile radius)

Additional Details

Directive 206.2 - Employment with Triad requires a favorable decision by NNSA indicating employee is suitable under NNSA Supplemental Directive 206.2 (https://directives.nnsa.doe.gov/supplemental-directive/sd-0206-0002) . Please note that this requirement applies only to citizens of the United States. Foreign nationals are subject to a similar requirement under DOE Order 142.3A.

Clearance: Q (Position will be cleared to this level). Selected applicants will be subject to a background investigation conducted by or on behalf of the Federal Government, and must meet eligibility requirements* for access to classified matter. This position requires a Q clearance. and obtaining such clearance requires US Citizenship except in extremely rare circumstances. Dependent upon the position, additional authorization to access classified information may be required, which may or may not be available to dual citizens. Receipt of a Q clearance and additional access authorization ultimately is a decision of the Federal Government and not of Triad.

*Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE Order 472.2 (https://www.directives.doe.gov/directives-documents/400-series/0472.2-BOrder-chg1-pgchg) for additional information.

New-Employment Drug Test: The Laboratory requires successful applicants to complete a new-employment drug test and maintains a substance abuse policy that includes random drug testing. Although New Mexico and other states have legalized the use of marijuana, use and possession of marijuana remain illegal under federal law. A positive drug test for marijuana will result in termination of employment, even if the use was pre-offer.

Regular position: Term status Laboratory employees applying for regular-status positions are converted to regular status.

Internal Applicants: Regular appointment employees who have served the required period of continuous service in their current position are eligible to apply for posted jobs throughout the Laboratory. If an employee has not served the required period of continuous service, they may only apply for Laboratory jobs with the documented approval of their Division Leader. Please refer to Policy Policy P701 (https://int.lanl.gov/policy/documents/P701.pdf) for applicant eligibility requirements.

Equal Opportunity: Los Alamos National Laboratory is an equal opportunity employer and supports a diverse and inclusive workforce. All employment practices are based on qualification and merit, without regard to race, color, national origin, ancestry, religion, age, sex, gender identity, sexual orientation, marital status or spousal affiliation, physical or mental disability, medical conditions, pregnancy, status as a protected veteran, genetic information, or citizenship within the limits imposed by federal laws and regulations. The Laboratory is also committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request such an accommodation, please send an email to applyhelp@lanl.gov or call 1-505-665-4444 option 1.