Senior/Principal Cybersecurity Engineer - Embedded Systems, Onsite

Sandia National Laboratories is the nation's premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

• Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
• Extraordinary co-workers
• Some of the best tools, equipment, and research facilities in the world
• Career advancement and enrichment opportunities
• Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
• Generous vacation, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov

*These benefits vary by job classification.

We are seeking hardworking, self-directed, results focused individuals who have strong interpersonal skills to support lab-wide efforts focusing on the cybersecurity of embedded hardware systems, such as flight vehicles, rocket systems, automotive semi-trailer trucks, cellular mobile devices, and weapon systems! This cybersecurity R&D staff member will perform research, capability development, and analyses using empirical, analytical, and computational techniques to secure, design, and analyze embedded systems. The responsibilities associated with this position span the spectrum of activities from research & development to assessment & secure design engineering.

On any given day, you may be called on to:

• Work with other researchers across the Labs over the capability development cycle to discover, model, validate, and apply new or existing cybersecurity capabilities to embedded systems to deal with constantly evolving technical needs and requirements.
• You will be involved in supporting Sandias numerous test programs, working to analyze proposed systems to support design, and analyze test data to validate models in support of these programs. It is expected that this experience will feed back into the capability development cycle.

Join our dynamic team and make a difference. The selected candidate will help cultivate relationships, grow existing programs, and develop new programs with both new and existing customers across US government agencies, including the Department of War (DoW) and programs inside and outside the National Security Program (NSP). They will also be responsible for collaborating closely with peers and management across the Labs.

Due to the nature of the work, the selected applicant must be able to work onsite in Albuquerque, NM.

$114,000 - $227,500

*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.

• A Bachelor's degree in a relevant discipline and five (5) years of directly relevant experience, or an equivalent combination of directly relevant education and engineering or scientific experience that demonstrates the knowledge, skills, and ability to perform independent research and development.
• The ability to obtain and maintain a DOE Q clearance.
• The ability to obtain and maintain an SCI clearance, which may may require a polygraph.

The ideal R&D Cybersecurity Engineer candidate for Sandia National Laboratories will in addition possess the following:

• Graduate degree in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, Mathematics or a directly related field where an independent research project was a graduation requirement (e.g., independent project, thesis, or dissertation).
• Active DOE Q or DOD TS security clearance with the ability to obtain and maintain an SCI.
• Experience in one or more of the following: reverse engineering, software vulnerability assessment, web application assessment, computer networking, computer architecture, compilers, or similar computer security topics.
• Proficiency in scripting or high-level programming.
• Familiarity with secure-system design principles and information assurance principles.
• Excellent communication skills and a demonstrated ability to develop technical ideas and results and present them in oral and written form in a concise manner.

Ideally, we would like to see your background include some of the following:

• Real-time operating systems (RTOS) and embedded systems.
• Low-level research in multiple levels of firmware.
• Embedded systems vulnerability analysis.
• Professional experience in either weapon system design, embedded system design, mobile device security, vulnerability analysis, or embedded hardware security.
• Programming experience with an understanding of memory and resource management
• Analyzing device software, hardware, and communications protocols.
• Auditing code in C/C , Java, Python, assembly, or other languages
• Hardware virtualization technologies.
• Assembly or operating system, application layer, Dev-Ops, and/or network layer programming
• Deciphering file formats, data structures, and network protocols
• Analyzing mobile device software and hardware
• RF (radiofrequency) signal analysis
• Mobile/cellular protocols, operating systems, and applications security
• Well-developed leadership skills and able to prioritize and execute in a principled and focused manner

The Cyber Systems Security R&D Department is a forward-looking security risk management team of experts that analyze existing and future security architectures and technologies, and develop next generation methods and tools to improve the security effectiveness and assurance of our nation's critical systems. We employ systems engineering approaches across a spectrum that covers embedded, wireless, enterprise, and globally connected technologies. Our multidisciplinary R&D security research group includes electrical engineers, computer scientists, network security and engineering experts, and security risk management thought leaders. Core program areas our teams support include system red teaming, specialized secure software development, and enterprise security risk assessments. We have exciting career opportunities for individuals with a passion to improve the security effectiveness of our nations critical systems and technologies.

This posting will be open for application submissions for a minimum of seven (7) calendar days, including the 'posting date'. Sandia reserves the right to extend the posting date at any time.

Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance and SCI access, both of which require US citizenship. SCI access may also require a polygraph examination. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain these levels of access may be impacted.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by the DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.

If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.

If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.