Early Career Cybersecurity Researcher - Cyber Threat Center

About Sandia National Laboratories

Sandia National Laboratories stands as the nation's leading science and engineering laboratory, dedicated to national security and technological innovation. Our teams specialize in cutting-edge work across a vast array of fields, driven by challenging projects with significant global impact, an extraordinary peer network, and access to world-class tools and facilities.

We foster career advancement and enrichment, offering flexible work arrangements such as 9/80 and 4/10 compressed workweeks, part-time options, and telecommuting. Employees benefit from generous vacation, comprehensive medical and other benefits, a competitive 401k, extensive learning opportunities, and relocation assistance, all designed to ensure a solid work/life balance. Discover more about Sandia at: http://www.sandia.gov

Your Role as an Early Career Cybersecurity Researcher - Cyber Threat Center

Are you driven by a passion for research aimed at safeguarding systems and preventing cyber intrusions? Do you envision yourself developing protective technologies, performing threat assessments, and analyzing government, military, and civilian computer networks? This is your chance to join Sandia's unique multidisciplinary team, committed to resolving the critical information security challenges facing our nation. In this role, you will contribute to work spanning the technology spectrum, including embedded, mobile, desktop, enterprise, and cloud systems, as well as globally interconnected networks.

We are seeking early-career cybersecurity scientists and engineers to advance Sandia's national security missions.

Key Responsibilities

• Manual and automated reverse engineering, vulnerability assessment, and malware analysis.
• Intrusion prevention/detection and response, penetration testing, and forensics.
• Network operation, information protection, and resiliency.
• Authentication and authorization.
• Cryptography.
• Side Channel Analysis and Failure Analysis.
• Threat intelligence.
• Modeling, simulation, and emulation.
• Data science, information theory, and streaming and behavioral analytics.
• Hardware/software trust and assurance.
• Real-time operating systems (RTOS) and embedded systems, including Internet of Things (IoT).
• FPGA Programming (HDL/VHDL experience).
• Virtualization (system and network) technologies and cloud technologies.
• Mobile devices and smart technologies.
• Autonomous systems.
• Industrial control systems, Operational Technology (OT), and SCADA systems.
• Artificial Intelligence (AI) and AI Security.

Please note: Applicants for this requisition may be interviewed by multiple organizations within Sandia National Laboratories.

This position requires onsite work due to the nature of the job.

Qualifications We Require

• A Bachelor's degree in a relevant discipline, or an equivalent combination of directly relevant education and engineering or scientific experience demonstrating the knowledge, skills, and ability to perform independent research and development.
• Ability to obtain and maintain a DOE Q and SCI clearance, which may require a polygraph test.

Qualifications We Desire

The ideal R&D Cybersecurity Engineer candidate for Sandia National Laboratories will also possess:

• A graduate degree in Computer Science/Engineering, Electrical Engineering, Computer Information Systems, Computer Forensics, Mathematics, or a directly related field with an independent research project as a graduation requirement (e.g., independent project, thesis, or dissertation).
• Experience in one or more of the following: reverse engineering, software vulnerability assessment, web application assessment, computer networking, computer architecture, compilers, or similar computer security topics.
• Proficiency in scripting or high-level programming.
• Familiarity with secure-system design principles and information assurance principles.
• Excellent communication skills, with a proven ability to develop and present technical ideas and results concisely in both oral and written forms.

Ideally, your background would include:

• Firmware and Hardware: Competency in firmware or hardware emulation; strong capabilities in FPGA design, programming, and analysis.
• Cybersecurity Expertise: Experience with Kernel development, OT/ICS/SCADA devices and systems, virtualization technologies, and firmware environments; hands-on technical cybersecurity experience/internships; experience with cybersecurity research and/or publications.
• Operating System and Low-Level Software: Experience with operating system design and security, driver development, low-level software debugging, hypervisor implementations, and memory management.
• Data Science and AI: Demonstrated experience in data science, machine learning, information theory, streaming and behavioral analytics, and network protocols; cyber-relevant experience in Artificial Intelligence (AI), including AI security, data engineering, and machine learning models.
• An active DOE Q-level security clearance or equivalent (e.g., DOD Top Secret).

About Our Team - The Threat Intelligence Center

As a Federally Funded Research and Development Center (FFRDC), Sandia National Laboratories is continually called upon to address the nation's most critical national security needs. Within the Threat Intelligence Center, the Information Operations Program focuses on assessing, designing, implementing, and influencing the development of national security-related information systems and technologies for Defense and Intelligence customers.

When applying to this requisition, you may be interviewed and/or hired into one of several groups contributing to the Information Operations Mission:

• Cyber-Physical Mission R&D: Performs research and development to assess and protect Cyber-Physical Systems (CPS) from a system view down to individual components.
• Cyber Intelligence Research: Develops and applies software and hardware tools to analyze complex information systems for vulnerabilities, transferring solutions for critical information system challenges.
• Microelectronics Protection Technologies: Assesses, designs, and influences national-security-related information systems by developing tools to analyze microelectronic devices for vulnerabilities and developing protective solutions.
• Emerging Cyber Capabilities: Develops innovative cyber capabilities, synthesizing operational, experimental, threat, and vulnerability data to understand and protect high-consequence national security systems.

Security Clearance Requirements

Sandia mandates a pre-employment drug test and background review, including checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants must obtain and maintain a DOE Q-level security clearance and SCI access, both requiring US citizenship. SCI access may also involve a polygraph examination. Dual citizenship may affect access eligibility.

Employment with Sandia is contingent upon a federal background investigation to meet classified information access requirements. Substance abuse, illegal drug use, falsification of information, criminal activity, or other indicators of untrustworthiness can lead to clearance denial or termination by the DOE, impacting job performance and employment.

Key skills/competency

• Reverse Engineering
• Vulnerability Assessment
• Malware Analysis
• Intrusion Detection
• Penetration Testing
• Threat Intelligence
• Data Science
• AI Security
• Embedded Systems
• FPGA Programming