IT Professional III - Cybersecurity Analyst Location: CO - Golden Position Type: Regular Hours Per Week: 40 Working at NREL: The National Renewable Energy Laboratory (NREL), located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for research and development of renewable energy and energy efficiency technologies. From day one at NREL, you’ll connect with coworkers driven by the same mission to save the planet. By joining an organization that values a supportive, inclusive, and flexible work environment, you’ll have the opportunity to engage through our ten employee resource groups, numerous employee-driven clubs, and learning and professional development classes. NREL supports inclusive, diverse, and unbiased hiring practices that promote creativity and innovation. By collaborating with organizations that focus on diverse talent pools, reaching out to underrepresented demographics, and providing an inclusive application and interview process, our Talent Acquisition team aims to hear all voices equally. We strive to attract a highly diverse workforce and create a culture where every employee feels welcomed and respected and they can be their authentic selves. Job Description: The cybersecurity analyst monitors NREL's networks and computing systems for suspicious or unwanted activity, investigates the causes and impacts of the activity, and ensures any related security issues are remediated. The cybersecurity analyst uses a combination of technical tools, analysis techniques, intuition, and soft skills to identify, investigate, respond to, and report instances of or trends in anomalous activity. The ideal candidate is a strong communicator and collaborator who has direct experience or training in incident detection and response. This position is located on NREL’s Golden, CO campus. Job Duties: Respond to alerts and investigate security events Recognize successful and unsuccessful intrusion attempts through analysis of relevant event information Perform incident response, analysis, and recovery actions Regularly interact with and educate NREL colleagues who report suspected security threats Research and evaluate security tools and attacker tactics, techniques, and procedures to improve NREL's ability to detect and respond to malicious activity Contribute to the evolution of the Cyber Incident Response Procedure and create and maintain supporting operating procedures Perform forensic tasks to understand the scope and impact of an incident and to collect, preserve and analyze evidence collected during incidents and authorized internal investigations Provide input and support to security tool engineering efforts that enhance detection, analysis, and automation capabilities Contribute to reporting of trends in security events and incidents observed within NREL information systems for management risk awareness and to support continuous monitoring of NREL’s security posture Lead projects (as assigned or independently) that improve the effectiveness and efficiency of NREL’s cybersecurity program, including but not limited to workflow improvements, management tool enhancements, program or NREL strategic initiatives, and user awareness training Basic Qualifications: Relevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Complete understanding and wide application of principles, concepts and techniques in specific field. General knowledge of related IS disciplines. Strong leadership and project management skills. Skilled in analytical techniques, practices and problem solving. Advanced programming, design and analysis abilities with various computer software programs and information systems. Must meet educational requirements prior to employment start date. Additional Required Qualifications: Experience includes at least three years in an Information Technology role working in security analysis or incident response One or more professional security certifications, such as C|EH, GIAC (SANS) certifications, Security Splunk or other SIEM experience Experience performing investigations and analysis with an enterprise EDR platform Experience performing incident response in virtualized and cloud computing environments Experience automating tasks with a SOAR platform Experience using incident response triage and tracking systems, workflows, and playbooks Subject matter expertise in one or a combination of the following areas: network packet and protocol analysis, forensic analysis, e-discovery, insider threat analysis, malware analysis, data enrichment and aggregation, security intelligence analysis Technical background in multiple disciplines, including experience with: Windows, Mac and Linux operating systems, including system administration; TCP/IP networking concepts, protocols and architecture; security measures/defense-in-depth; security and availability monitoring Strong understanding of common cybersecurity concepts and threats Strong troubleshooting skills with ability to synthesize multiple related data points into a coherent understanding of an event or series of related events Ability to relay structured technical information in the context of a report Ability to perform research, read documentation, and independently learn new skills Ability to work both alone and as part of a collaborative team Demonstrated skills in critical thinking and problem solving Excellent communication skills, including active listening, ability to prepare and deliver presentations, and clear written correspondence and documentation Must be able to obtain and maintain a DOE (L or Q) security clearance and SCI access. SCI access may require a polygraph examination. Preferred Qualifications: Job Application Submission Window: The anticipated closing window for application submission is up to 30 days and may be extended as needed. Annual Salary Range (based on full-time 40 hours per week): Job Profile: IT Professional III / Annual Salary Range: $79,600 - $143,300 NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions. Benefits Summary: Benefits include medical, dental, and vision insurance; short- and long-term disability insurance; pension benefits; 403(b) Employee Savings Plan with employer match; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement-based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement. Badging Requirement: NREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation. Drug Free Workplace: NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug. If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn. Submission Guidelines: Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application. EEO Policy: NREL is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws. EEO is the Law | Pay Transparency Nondiscrimination | Reasonable Accommodations E-Verify: www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish. J-18808-Ljbffr