Position Summary:  This position will be in support of the Software Engineering Institute’s Washington, DC office and will report to the Washington Operations Manager. The candidate will be responsible for performing various administrative duties including daily tasks to facilitate efficient/effective office and conference operations.  Maintain the office workflow to include providing well organized filing system and coordinating the office daily schedule of events. Duties will include; create a tracking system for office supplies and coffee orders to assist the Washington Operations Manager in staying within and determining the annual budget, welcoming and assisting (as necessary) all individuals who enter our facility; operate the main phone system; coordinate all hosted events; order office supplies. Responsible for all shipping and receiving including tracking shipping costs to support the operational costs to effectively run the DC office. Candidate will be responsible for daily suite walkthroughs to ensure a well maintained facility and professional appearance. The candidate will provide administrative assistance as requested to the Arlington office staff including Business Managers and the Director of Program Development and Transition. Candidate must be available to work 8:00am to 5:00pm or 7:00am to 4:00pm, Monday through Friday, with an hour for lunch.


Minimum Qualifications and Requirements:

Education/Training: High School Diploma or equivalent and combination of training and office staff experience.    

Experience:  Five (5) years secretarial/administrative related experience or equivalent in education and training.    

Skills/Abilities: Excellent interpersonal, problem solving and organization skills; ability to understand and follow directions; ability to operate standard office equipment; ability to work autonomously; establish priorities and meet deadlines; ability to handle multiple tasks simultaneously; reasoning and problem-solving skills; basic computer literacy, and working knowledge of Microsoft Office Products, especially MS Word, Power Point and Excel.    

Physical/ Mobility: Normally sedentary position with some mobility; i.e., able to travel to other campus locations; may require some bending, stretching, pushing as well as lifting of several reams of paper, etc.  Primary sedentary; may require some bending, reaching, pushing as well as lifting boxes up to 35 lbs.

Environmental Conditions: Usual office setting.

Mental: Ability to pay close attention to detail, meet inflexible deadlines, work under pressure and work  with frequent interruptions.  Willingness to assume responsibilities, exercise judgment and be self-motivated. Ability to identify new problems and present issues clearly to supervisor with suggestions for potential solutions.              
    
Other:  Successful candidate must be a US citizen, able to pass a background investigation and obtain a Secret security clearance.


Preferred Qualifications and Requirements:

Education/Training: Associate’s degree or equivalent business school degree.
    
Experience: Experience in an executive office environment.    

Other:  Successful candidate must be able to obtain a Security Clearance.  



Accountability:  Will greet all visitors to the Washington, DC branch office and answer main line into the facility. Be responsible for various administrative tasks; such as coordination of hosted events, meetings, and classes, ordering office supplies and maintaining a well-kept and professional environment. Responsible for providing administrative support to track and maintain accurate records of operational costs for use when determining the annual budget.  Responsible for ensuring the various day-to-day duties are carried out in a timely and professional manner. The individual must be able to act quickly, efficiently and accurately convey information to staff and visitors. Willing to follow required guidelines and procedures and clearly convey requirements to staff and visitors.  

Direction:  Must be proactive in determining the needs of visitors and staff at the Washington, DC branch office. Expected to work independently in most instances. Receives general direction from the Washington Operations Manager as to what needs to be done. Difficult or unique problems are referred to the supervisor. Needs to be able to clearly explain issues to supervisors when required.  

Decisions:  Suggests ideas/changes to be made to uphold the quality customer service to visitors and SEI staff at the Washington, DC branch office. Expected to handle questions or inquiries directly or route to the most appropriate person as necessary.  Expected to be able to handle routine questions without direct supervision.  

Supervisory Responsibilities:  No supervisory responsibilities.

JOB FUNCTIONS OR RESPONSIBILITIES:

30%    Serve as initial contact and liaison, providing information/coordination via phone or in person for the facility. Welcoming visitors to the Washington, DC branch office and operate main phone line into the office. Maintain various administrative tasks in support of the office, which include, but are not limited to the following: create and maintain a tracking system for office supplies and coffee orders to assist the Washington Operations Manager in staying within and determining the annual budget; responsible for tracking shipping costs to support the operational costs to effectively run the DC office and managing incoming and outgoing shipments and general mail delivery & distribution and all other deliveries received. Create, modify, and maintain well-organized filling system. Administer purchase request order requisitions and database. Candidate serves as a liaison with various vendors to insure building maintenance, work orders completions, etc.    

30%    Coordinate hosted meetings/events/classes in the Washington, DC branch office, and provide direct meeting support as required including the budgeting for and procurement of resources required for the accomplishment of successful meetings. Serve as a main point of contact and provide support for conference room calendars for the office.  Assists with room setup for events, and administrative assistance to instructors and students as requested. Expected to handle questions or inquires directly or route to the most appropriate person without contacting supervisor.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
20%    Maintain the office workflow to include providing drafts of necessary writing and correspondence to clients, employees, and other department heads. Arrange travel requests and prepares reimbursements.
        
5%    Troubleshoot problems with office equipment i.e. printers, faxes and copiers; and audio visual equipment in the Washington, DC branch office as needed.
    
15%    Supports Washington Operations Manager and serves as back up for the Course Administrator in his/her absence.

100% TOTAL EFFORT


ORGANIZATIONAL CHART: Director, PDT < Washington Operations Manager < Administrative Assistant II

 

Position Summary:  The CMU/SEI Cyber Innovation Center (CIC) is a formative activity focused on matching state-of-the-art software research with critical U.S. Government (USG) needs.  This position will support the CIC mission by developing, applying, demonstrating, evaluating, and transitioning software capabilities that operationalize research concepts of significant value to the USG.  Software developers in the CIC work on leading edge technologies and apply them to important and challenging problems. It is a dynamic and flexible development environment with constant opportunities to develop new skills, to learn new programming methods and techniques, to work on emerging architectures and systems, and to make a difference.

Duties include:  Take hands-on lead role on team of Software Developers; develop and code software solutions that provide needed capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction; conduct rapid software prototyping to demonstrate and evaluate technologies in relevant environments; conduct performance, security, and other aspects of evaluating software systems; test software capabilities using novel testing and analysis techniques; document software with an emphasis on architectures, user stories, and interface definitions; practice agile software development methods and actively participate on teams of software developers, researchers, designers, and technical leads; support software development infrastructure and assist in building and configuring computing systems and resources; interface with the research community and the USG to understand challenges, needs, and possible solutions; contribute to improving the overall technical capabilities of the CIC by mentoring and teaching others, participating in design (software and otherwise) sessions, and sharing insights and wisdom across the CIC team.


Minimum Qualifications and Requirements:

Education/Training:  Bachelors of Science in Computer Science, Information Systems, or related field with ten (10) years’ experience in hands on software development, or equivalent; Masters of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience in hands on software development, or equivalent; Ph.D. with five (5) years’ experience is a plus.

Experience:  Professional experience listed above to include the following areas:  eight (8) years of production or intensive research software development experience in modern languages such as C/C++ or Java; knowledge of other commonly used language such as Perl, Python, Ruby, JavaScript, etc.; working knowledge of some modern computing paradigms and environments such as NoSQL systems (Hadoop, CouchDB, MapReduce), cloud computing and virtualization, parallel programming, HPC development, network programming, mobile development, and interface development; familiarity with end-to-end software development activities in Linux/Windows/Unix/Web environments; familiarity with software development tools including IDEs (Eclipse, IntelliJ, emacs etc.), version control systems (git, svn, p4 etc.) and bug tracking systems (e.g., bugzilla); working knowledge and experience in participating in agile software development practices and team design sessions; experience as team lead or supervisor; demonstrated problem solving ability with the ability to explore and evaluate many possible solutions to problems; proven contribution to open source development projects is a plus.

Skills/Abilities:  Knowledge of:  Software development in Python, C/C++, Java, and other modern languages; modern computing, data, and storage solutions including advanced web development (HTML5, Adobe Flex, PHP), data processing architectures (MapReduce, Hadoop, BigTable) including cloud computing and virtualization concepts; virtualization, hypervisors, cloud controllers, and other cloud provisioning concepts; algorithm design and analysis including analysis of algorithm complexity; familiarity with of core Internet protocols (e.g., TCP/IP, BGP, UDP, ICMP, DNS, SMTP, HTTP, etc.); software / systems development lifecycle, QA testing, revision control, and change management practices.

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  explore and solve complex, ill-defined problems; work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; self-starter willing to take on tasks and initiate constructive activity with little guidance; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.


Preferred Qualifications and Requirements:

Education/Training:  Ph.D. in Computer Science, Mathematics, Information Systems, or related disciplie with five (5) years’ experience.


Accountability:  This position will be responsible for exploring, defining, developing, demonstrating, and, in some cases, transitioning software capabilities.  This includes working with a team of developers, researchers, designers, and other technical personnel to create solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will explore, develop, and demonstrate software capabilities and make implementation choices for a wide-range of software-intensive problems.

Supervisory Responsibilities:  This position will eventually supervise a team of approximately 2 to 6 developers, and will act in the capacity of a mentor to solutions architects, software developers, and designers.


JOB FUNCTIONS OR RESPONSIBILITIES:

30%    Design, develop, test, document, and demonstrate software.

20%    Lead, direct, and oversee the activities of a team of developers working on diverse set problems and projects; development and management the development infrastructure and support the development team.

20%    Interface with the research community to understand the state of research ideas and the practicality of applying those ideas to real USG problems and challenges.  Interface with USG customers to understand their needs and capabilities and identify possible solutions.

20%     Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.

10%     Participate in the broader SEI software research community through collaboration, papers, and presentations.

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  CIC Director < CIC Chief Architect < Senior Software Developer
 

Position Summary:  The CMU/SEI Cyber Innovation Center (CIC) is a formative activity focused on matching state-of-the-art software research with critical U.S. Government (USG) needs.  This position will support the CIC mission by developing, applying, demonstrating, evaluating, and transitioning software capabilities that operationalize research concepts of significant value to the USG.  Software developers in the CIC work on leading edge technologies and apply them to important and challenging problems. It is a dynamic and flexible development environment with constant opportunities to develop new skills, to learn new programming methods and techniques, to work on emerging architectures and systems, and to make a difference.

Duties include:  Develop and code software solutions that provide needed capabilities to the USG building on state-of-the-art research in analytics, data architectures, software assurance, security, and human information interaction;  conduct rapid software prototyping to demonstrate and evaluate technologies in relevant environments; conduct performance, security, and other aspects of evaluating software systems; test software capabilities using novel testing and analysis techniques; document software with an emphasis on architectures, user stories, and interface definitions; practice agile software development methods and actively participate on teams of software developers, researchers, designers, and technical leads; support software development infrastructure and assist in building and configuring computing systems and resources; interface with the research community and the USG to understand challenges, needs, and possible solutions; contribute to improving the overall technical capabilities of the CIC by mentoring and teaching others, participating in design (software and otherwise) sessions, and sharing insights and wisdom across the CIC team.


Minimum Qualifications and Requirements:

Education/Training:  Bachelors of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience in hands on software development, or equivalent; Masters of Science in Computer Science, Information Systems, or related field with five (5) years’ experience in hands on software development, or equivalent; Ph.D. with two (2) years’ experience is a plus.

Experience:  Professional experience listed above to include the following areas:  five (5) years of production or intensive research software development experience in modern languages such as C/C++ or Java; knowledge of other commonly used language such as Perl, Python, Ruby, JavaScript, etc.; working knowledge of some modern computing paradigms and environments such as NoSQL systems (Hadoop, CouchDB, MapReduce), cloud computing and virtualization, parallel programming, HPC development, network programming, mobile development, and interface development; familiarity with end-to-end software development activities in Linux/Windows/Unix/Web environments; familiarity with software development tools including IDEs (Eclipse, IntelliJ, emacs etc.), version control systems (git, svn, p4, etc.) and bug tracking systems (e.g., bugzilla); working knowledge and experience in participating in agile software development practices and team design sessions; demonstrated problem solving ability with the ability to explore and evaluate many possible solutions to problems; proven contribution to open source development projects is a plus.

Skills/Abilities: Knowledge of:  software development in Python, C/C++, Java, and other modern languages; modern computing, data, and storage solutions including advanced web development (HTML5, Adobe Flex, PHP), data processing architectures (MapReduce, Hadoop, BigTable) including cloud computing and virtualization concepts; algorithm design and analysis including analysis of algorithm complexity; familiarity with of core Internet protocols (e.g., TCP/IP, BGP, UDP, ICMP, DNS, SMTP, HTTP, etc); software / systems development lifecycle, QA testing, revision control, and change management practices.

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  explore and solve complex, ill-defined problems; work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; self-starter willing to take on tasks and initiate constructive activity with little guidance; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.


Accountability:  This position will be responsible for exploring, defining, developing, demonstrating, and, in some cases, transitioning software capabilities.  This includes working with a team of developers, researchers, designers, and other technical personnel to create solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will explore, develop, and demonstrate software capabilities and make implementation choices for a wide-range of software-intensive problems.

Supervisory Responsibilities:  This position does not supervise others, but may provide technical leadership to projects and act in the capacity of a mentor to solutions architects, software developers, and designers.


JOB FUNCTIONS OR RESPONSIBILITIES:

60%    Design, develop, test, document, and demonstrate software

15%    Interface with the research community to understand the state of research ideas and the practicality of applying those ideas to real USG problems and challenges.  Interface with USG customers to understand their needs and capabilities and identify possible solutions.

15%    Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.

10%    Participate in the broader SEI software research community through collaboration, papers, and presentations

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  CIC Director < CIC Chief Architect < Software Developer


 

Position Summary:  The CMU/SEI Cyber Innovation Center (CIC) is a formative activity focused on matching state-of-the-art software research with critical U.S. Government (USG) needs.  This senior position will support the CIC mission by developing, applying, demonstrating, evaluating, and transitioning software capabilities that operationalize research concepts of significant value to the USG.  Software developers in the CIC work on leading edge technologies and apply them to important and challenging problems. It is a dynamic and flexible development environment with constant opportunities to develop new skills, learn new programming methods and techniques, work on emerging architectures and systems, and make a difference.

Duties include:  Take hands-on leadership responsibilities on a team of software developers and cyber intelligence analysts; perform  rapid software prototyping to demonstrate and evaluate technologies in relevant environments; conduct performance, security, and other aspects of evaluating software systems; test software capabilities using novel testing and analysis techniques; document systems with an emphasis on architectures, user stories, and interface definitions; practice agile software development methods and actively participate on teams of software developers, researchers, designers, and intelligence analysts; support cyber analytical infrastructure and assist in building and configuring computing systems and resources; interface with the technical community, intelligence analytical community and the USG to understand challenges, needs, and possible solutions; contribute to improving the overall technical capabilities of the CIC by mentoring and teaching others, participating in design (software and otherwise) sessions, and sharing insights and wisdom across the CIC team.

Minimum Qualifications and Requirements:

Education/Training:  Bachelor of Science in Computer Science, Information Systems, or related field with ten (10) years’ experience in hands on software development, or equivalent; Masters with eight (8) years’ experience or a Ph.D. with five (5) years’ experience a plus.

Experience:  Professional experience listed above to include the following areas:  ten (10) years of production or intensive research software development experience in modern languages such as C/C++ or Java; knowledge of other commonly used language such as Perl, Python, Ruby, JavaScript, etc.; working knowledge of modern encryption and security computing topics e.g. Public Key Cryptography, Network security, etc.; familiarity with Operating System concepts in Linux/Windows/Unix environments; familiarity with software development tools including IDEs (Eclipse, IntelliJ, emacs etc.), version control systems (git, svn, p4 etc.) and bug tracking systems (e.g., bugzilla); working knowledge and experience in participating in agile software development practices and team design sessions; experience as team lead; demonstrated problem solving ability with the ability to explore and evaluate many possible solutions to problems; proven contribution to open source development projects is a plus.

Skills/Abilities: Knowledge of:  Software development in Python, C/C++, Java, and other modern languages; modern computing, data, and storage solutions including advanced web development (HTML5, Adobe Flex, PHP), data processing architectures (MapReduce, Hadoop, BigTable) including cloud computing and virtualization concepts; virtualization, hypervisors, cloud controllers, and other cloud provisioning concepts; algorithm design and analysis including analysis of algorithm complexity; familiarity with of core Internet protocols (e.g., TCP/IP, BGP, UDP, ICMP, DNS, SMTP, HTTP, etc); software and network security concepts.

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion. Travel outside of Pittsburgh limited to no more than 5 working days a month.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  explore and solve complex, ill-defined problems; work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; self-starter willing to take on tasks and initiate constructive activity with little guidance; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: Masters or Ph.D. in Computer Science, Mathematics, Information Systems, or related discipline with eight (8) years’ experience.

Accountability:  This position will be responsible for exploring, defining, developing, demonstrating, and, in some cases, transitioning software capabilities.  This includes working with a team of developers, researchers, designers, and other technical personnel to create solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will explore, develop, and demonstrate software capabilities and make implementation choices for a wide-range of software-intensive problems.

Supervisory Responsibilities:  This position will eventually supervise a team of approximately 2 to 6 developers, and will act in the capacity of a mentor to solutions architects, software developers, and designers.

JOB FUNCTIONS OR RESPONSIBILITIES:

30%     Design, develop, test, document, and demonstrate software.

20%     Lead, direct, and oversee the activities of a team of developers working on diverse set problems and projects; development and management the development infrastructure and support the development team.

20%     Interface with the research community to understand the state of research ideas and the practicality of applying those ideas to real USG problems and challenges.  Interface with USG customers to understand their needs and capabilities and identify possible solutions.

20%     Actively participate in agile team software development activities and team brainstorming, innovations, and design sessions.

10%     Participate in the broader SEI software research community through collaboration, papers, and presentations.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  CIC Director < CIC Chief Architect < Software Solutions Designer

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity.  ETVM team members are domain experts in threat analysis, cybersecurity assessments and incident response.  Team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.  The selected individual will participate in two principal areas of work in ETVM: performing security assessments for US Government agencies and industry representatives, and researching and developing new assessment tools.  Security assessments entail conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.  Research includes development of tools, scripts, methodologies and other assessment products for vulnerability assessment, penetration testing, and assessing operational threats.

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, information systems, or a related technical field with three (3) years’ experience or equivalent.

Experience:  Experience as a system or network security tester, software engineer, information systems security analyst or similarly technical occupation.

Skills/Abilities:  System administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems; knowledge of TCP/IP networking and standard protocols (FTP, SMTP, HTTP, SNMP, etc.); knowledge of common attack methodologies; common types of security vulnerabilities; proficiency in the use of manual and automated techniques for scanning and enumeration, vulnerability discovery, and penetration testing of networks, applications, operating systems, databases, and email systems; proficiency in the use of  spreadsheets and word processing; proficiency in the use of relational databases, web servers, web app platforms and web services; development using Java, Python, Ruby, Perl, SQL (MySQL, Oracle), XML, C/C++, Javascript and/or other scripting languages; working knowledge of network security and survivability/resiliency issues; ability to conduct analytical studies on large amounts of data; outstanding written and oral communication skills; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in vulnerability assessment R&D; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental:  Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to understand information security risks associated with vulnerability and penetration testing; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidate must have the ability to pass a background investigation, obtain a Top Secret security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with one (1) year experience preferred or BS in computer science, software engineering, information systems, or a related technical field with three (3) years’ experience or equivalent.

Licenses:  Technical certifications such as CEH, ISRM, OSCP, GPEN or CPT.

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in both physical and cyber security; experience in auditing, conducting assessments, or penetration testing; experience assessing the security of databases, web applications, wireless, DLP, SCADA and/or network infrastructure; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software; experience leading technical project teams and interfacing with customers; experience making presentations to large or high level audiences.

Skills/Abilities:  Working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistics; project management experience; leadership and mentoring skills; working knowledge of social engineering techniques.

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement, federal agency, or classified casefiles).  The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities:  This position could be responsible for leading projects as assigned, and could involve the training and supervision of graduate students. 

JOB FUNCTIONS OR RESPONSIBILITIES:

50%           Perform onsite security assessments.  Travel to customer sites is required.

40%           Participate in the development and delivery of security analysis and risk assessment approaches with customers and partners;  participate in research, analysis, and documentation of physical/cyber security vulnerabilities at critical infrastructure sites.

10%           Contribute to conferences and meetings; participate in marketing calls on clients; give talks and lectures as appropriate.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Director < Cyber Enterprise and Workforce Management, Technical Director < Enterprise Threat and Vulnerability Management, Technical Manager < Cyber Security Assessments and Validation, Team Lead < Risk & Vulnerability Assessment Security Analyst

Position Summary:  The Senior Member of the Engineering Technical Staff of the Military Services Team will be responsible for leading teams that enable the organizations within the Department of Defense as well as other customer organizations to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in ASP and other SEI programs to deliver software engineering technical expertise to customers throughout the lifecycle. The senior engineering technical staff member will be able to lead and participate in multi-disciplinary teams in support of the ASP vision and mission.

Minimum Qualifications and Requirements:
 
Education/Training: Bachelor's degree in Computer Science, Information Systems, systems engineering, software engineering, acquisition management or equivalent combination of experience and training.

Experience: The candidate must have at least: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience.
The candidate must have experience in software engineering, development or management and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.

Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture (e.g., DoD Architecture Framework [DoDAF] or Federal Enterprise Architecture Framework [FEAF]); software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.  Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight).  Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments

Environmental Conditions: Usual office setting with extended use of CRT

Other: Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a Top Secret SCI security clearance.

Preferred Qualifications and Requirements: 

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

85%  Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Acquisition Support Program Executive Director, Deputy Director, Associate Director or Chief Engineer.

5%  Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.
100% TOTAL EFFORT

 ORGANIZATIONAL CHART:    SEI Director’s Office < Executive Director—Interagency, Acquisition and Cyber < Associate Director, Military Services Acquisition < Military Services Team: Senior Engineer 

Position Summary: The Senior Member of the Engineering Technical Staff of the Military Services Team will be responsible for leading teams that enable the organizations within the Department of Defense as well as other customer organizations to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in ASP and other SEI programs to deliver software engineering technical expertise to customers throughout the lifecycle. The senior engineering technical staff member will be able to lead and participate in multi-disciplinary teams in support of the ASP vision and mission.

Minimum Qualifications and Requirements:

Education/Training: Bachelor's degree in Computer Science, Information Systems, systems engineering, software engineering, acquisition management or equivalent combination of experience and training.

Experience: The candidate must have at least: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience.
The candidate must have experience in software engineering, development or management and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.

Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture (e.g., DoD Architecture Framework [DoDAF] or Federal Enterprise Architecture Framework [FEAF]); software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization. Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other: Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a Top Secret SCI security clearance.

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

Accountability: The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction: As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions: Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities: Must be able to lead and supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

85% Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10% Other duties as assigned by the Acquisition Support Program Executive Director, Deputy Director, Associate Director or Chief Engineer.

5% Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: SEI Director’s Office < Executive Director—Interagency, Acquisition and Cyber < Associate Director, Military Services Acquisition < Military Services Team: Senior Engineer

ADDITIONAL INFORMATION:  This position will be located in Arlington, VA with travel to various client locations.

Position Summary: The Senior Member of the Engineering Technical Staff of the Military Services Team will be responsible for leading teams that enable the organizations within the Department of Defense as well as other customer organizations to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems. Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains. The candidate will coordinate closely with technical staff in ASP and other SEI programs to deliver software engineering technical expertise to customers throughout the lifecycle. The senior engineering technical staff member will be able to lead and participate in multi-disciplinary teams in support of the ASP vision and mission.

Minimum Qualifications and Requirements:

Education/Training: Bachelor's degree in Computer Science, Information Systems, systems engineering, software engineering, acquisition management or equivalent combination of experience and training.

Experience: The candidate must have at least: BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience.
The candidate must have experience in software engineering, development or management and/or systems engineering. Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes. The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security and depth in at least one SEI body of work.

Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture (e.g., DoD Architecture Framework [DoDAF] or Federal Enterprise Architecture Framework [FEAF]); software architecture development and evaluation, software architecture patterns (e.g. SOA) and concepts (e.g. Cloud computing); information Assurance/survivability; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metric; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization. Proven program and project management skills including: interfacing with clients, developing proposals, and establishing relationships with new DoD and/or government clients and programmatic and project management skills (e.g., ability to develop project plans, track deliverables, manage risks, perform staff planning, provide budget oversight). Ability to lead and participate in multidisciplinary teams.

Mobility: Will be required to travel on overnight assignments

Environmental Conditions: Usual office setting with extended use of CRT

Other: Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a Top Secret SCI security clearance.

Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional. Certified PMP.

Accountability: The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction: As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions: Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities: Must be able to lead and supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

85% Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research. Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10% Other duties as assigned by the Acquisition Support Program Executive Director, Deputy Director, Associate Director or Chief Engineer.

5% Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.
100% TOTAL EFFORT

 
ORGANIZATIONAL CHART: SEI Director’s Office < Executive Director—Interagency, Acquisition and Cyber < Associate Director, Military Services Acquisition < Military Services Team: Senior Engineer 

ADDITIONAL INFORMATION:  This position will be located in Huntsville or other remote location with travel to various client locations.

Position Summary:  The successful candidate will be a member of the Research, Technology, and System Solutions (RTSS) Program and will be assigned to the High-Confidence Cyber-Physical Systems (HCCPS) Research Project in Pittsburgh. This project conducts research in the design and analysis of cyber-physical systems (CPSs). Such systems are distributed in nature and include intimate interdependencies between software computations (cyber-computations) and physical processes. In this project we conduct research in verification techniques from model-checking and static analysis for functional verification; in real-time scheduling, and resource allocation; and in robot coordination. Our goal is to develop CPS design and analysis principles so that CPSs can be developed with high confidence that they will provide desired behavior.

The HCCPS project is not only interested in theoretical investigation but also in building prototypes to evaluate the practicality of results. Our ultimate goal is to transition new techniques and methods for CPSs into widespread use.  As a result, we create model problems inspired by the practitioner community and we develop ready-to-use materials including books, reports, courses, etc. As a DoD Federally-Funded Research and Development Center we are particularly interested in serving the needs of DoD.

Minimum Qualifications and Requirements:

Education/Training: Ph.D. degree in software engineering, computer science, electrical and computer engineering or related discipline with a dissertation in a related topic.

Experience: Five (5) years of experience in software and systems development or verification tool development (counting research projects). 

Skills/Abilities: Ability to function as a member of a team, conduct publishable research and implement research prototypes. Knowledge of the theory and experience in any (or all) the areas of: robotics systems, real-time systems, formal method tools, control theory, and hybrid systems. Good written, verbal, and presentation skills. Established publication record.  Candidates must have an established publication record.

Other: US citizenship required.

Preferred Qualifications and Requirements:

Experience: Experience conducting research related to developing DoD-related systems.

Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting with extended use of CRT.

Mental: Ability to work under pressure, meet deadlines, and function productively as a team member.

Other: Successful candidates must be able to pass a background investigation for a DoD security clearance.

Accountability:  This position is accountable to the Technical Manager of the Cyber-Physical  and Ultra-Large Scale Systems (CPS/ULS) Initiative for work content, quality, and schedule.
 
Direction: This position operates within broad guidelines from the Technical Manager and is expected to exercise reasonable discretion on technical solutions.

Decisions: Technical decisions to support research or customer needs. Development of research plans for CPS. Design and development of experiments to validate research hypotheses.

Supervisory Responsibilities:  May lead teams to accomplish specific technical tasks or supervise students on a research project.

JOB FUNCTIONS OR RESPONSIBILITIES:
60%     Defining and executing research projects; and developing prototypes.
20%     Writing and/or presenting research reports and publications.
20%     Working with the professional community and customers.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director of Research, Technology, and System Solutions (RTSS) Program < Technical Manager of Cyber-Physical and Ultra-Large Scale Systems < Principal Researcher 

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat, security assessments, and incident response; team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.
 
The selected individual will be part of ETVM’s Threat Research Team, and will conduct analysis of cyber threat data from industry, government and public sources.  The individual will be responsible for fusing numerous data sets, developing analytical techniques, and synthesizing the results to create actionable intelligence.  The individual will explore and develop cutting edge technology solutions to address national and industry-wide cybersecurity problems. The selected individual will participate in the development and execution of new security assessment methodologies, including innovative new methods for conducting operational threat assessments, risk and vulnerability assessments, and penetration testing / red team exercises.  The selected individual also conducts research on best practices on difficult information technology solutions and provides reference architecture papers to assist Federal agencies in deploying those solutions. The selected individual will develop and apply data-driven research methods and models to solve complex problems in the cybersecurity domain.  The individual will be expected to contribute to the state of the practice in the operational cyber threat domain; to develop professional standards and training; and to mentor other staff on threat analysis and mitigation solution principles. The selected individual may also assist on compliance validation teams which entail conducting on-site assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.  The individual will work as a member of collaborative project teams and will work closely with customers from a variety of organizations, including government agencies and critical infrastructure providers.


Minimum Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with five (5)  years of experience or BS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or equivalent.

Experience:  Experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation.

Skills/Abilities: Understanding of information technology and telecommunications systems; working knowledge of network security and survivability/resiliency issues; working knowledge of cybersecurity domain, including common classes of threat actors, vectors and targets; ability to conduct analytical studies and investigations of cyber threats; experience conducting cybersecurity assessments including threat assessments; outstanding written and oral communication skills; experience with corporate security teams, incident response teams, security operations centers or the intelligence community investigating and responding to threats; demonstrated research skills; ability to design detailed analysis methodologies and explain them to technical and non-technical collaborators; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental: Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues.  Ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities.  Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  Candidate must have or be able to obtain a Top Secret security clearance and be a US citizen.


Preferred Qualifications and Requirements:  

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience investigating, tracking, and reporting on cyber threats and risks to organizations; experience analyzing intelligence and/or conducting investigations related to cybercrime, espionage, fraud and critical infrastructure; experience in penetration testing, red teaming, or blue teaming; experience in both physical and cyber security functions; experience in auditing or conducting assessments including threat assessments; experience developing, testing, documenting and applying threat modeling methodologies; experience programming or scripting in a high level language such as Python, Ruby, .NET, Javascript; experience creating custom queries and reports based on SQL-based and other databases; experience with risk management frameworks and formal research and modeling methodologies; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques, resiliency management models and capability maturity models in complex and dynamic problem spaces.
    
Skills/Abilities:  Working knowledge of network security/survivability.  Knowledge of and experience with sound software engineering practices and best practices for information security, project management experience, leadership and mentoring skills.


Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement or classified case files).  The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.  

Supervisory Responsibilities:  This position could involve the training and mentoring of junior level employees and/or graduate students.  


JOB FUNCTIONS OR RESPONSIBILITIES:

55%    Development of new assessment methodologies, as well as accompanying documentation and training.

25%    Perform on-site security assessments.  Travel to customer sites is required.

15%    Participate on other ETVM technical project work.

5%    Participate in team meetings; participate in meetings with customers and potential customers; give talks and lectures as appropriate

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Director < Cyber Enterprise Workforce Management (CEWM), Technical Director < Enterprise Threat and Vulnerability Management (ETVM), Technical Manager < Enterprise Threat and Vulnerability Management (ETVM), Technical Team Lead < ETVM Cybersecurity Analyst
 

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat, security assessments, and incident response; team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.
 
The selected individual will be part of ETVM’s Threat Research Team, and will conduct analysis of cyber threat data from industry, government and public sources.  The individual will be responsible for fusing numerous data sets, developing analytical techniques, and synthesizing the results to create actionable intelligence.  The individual will explore and develop cutting edge technology solutions to address national and industry-wide cybersecurity problems. The selected individual will participate in the development and execution of new security assessment methodologies, including innovative new methods for conducting operational threat assessments, risk and vulnerability assessments, and penetration testing / red team exercises.  The selected individual also conducts research on best practices on difficult information technology solutions and provides reference architecture papers to assist Federal agencies in deploying those solutions. The selected individual will develop and apply data-driven research methods and models to solve complex problems in the cybersecurity domain.  The individual will be expected to contribute to the state of the practice in the operational cyber threat domain; to develop professional standards and training; and to mentor other staff on threat analysis and mitigation solution principles. The selected individual may also assist on compliance validation teams which entail conducting on-site assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.  The individual will work as a member of collaborative project teams and will work closely with customers from a variety of organizations, including government agencies and critical infrastructure providers.


Minimum Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with eight (9)  years of experience or BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience or equivalent.

Experience:  Experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation.

Skills/Abilities: Understanding of information technology and telecommunications systems; working knowledge of network security and survivability/resiliency issues; working knowledge of cybersecurity domain, including common classes of threat actors, vectors and targets; ability to conduct analytical studies and investigations of cyber threats; experience conducting cybersecurity assessments including threat assessments; outstanding written and oral communication skills; experience with corporate security teams, incident response teams, security operations centers or the intelligence community investigating and responding to threats; demonstrated research skills; ability to design detailed analysis methodologies and explain them to technical and non-technical collaborators; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental: Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues.  Ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities.  Ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  Candidate must have or be able to obtain a Top Secret security clearance and be a US citizen.


Preferred Qualifications and Requirements:  

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience investigating, tracking, and reporting on cyber threats and risks to organizations; experience analyzing intelligence and/or conducting investigations related to cybercrime, espionage, fraud and critical infrastructure; experience in penetration testing, red teaming, or blue teaming; experience in both physical and cyber security functions; experience in auditing or conducting assessments including threat assessments; experience developing, testing, documenting and applying threat modeling methodologies; experience programming or scripting in a high level language such as Python, Ruby, .NET, Javascript; experience creating custom queries and reports based on SQL-based and other databases; experience with risk management frameworks and formal research and modeling methodologies; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques, resiliency management models and capability maturity models in complex and dynamic problem spaces.
    
Skills/Abilities:  Working knowledge of network security/survivability.  Knowledge of and experience with sound software engineering practices and best practices for information security, project management experience, leadership and mentoring skills.


Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement or classified case files).  The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.  

Supervisory Responsibilities:  This position could involve the training and mentoring of junior level employees and/or graduate students.  


JOB FUNCTIONS OR RESPONSIBILITIES:

55%    Development of new assessment methodologies, as well as accompanying documentation and training.

25%    Perform on-site security assessments.  Travel to customer sites is required.

15%    Participate on other ETVM technical project work.

5%    Participate in team meetings; participate in meetings with customers and potential customers; give talks and lectures as appropriate

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Director < Cyber Enterprise Workforce Management (CEWM), Technical Director < Enterprise Threat and Vulnerability Management (ETVM), Technical Manager < Enterprise Threat and Vulnerability Management (ETVM), Technical Team Lead < ETVM Cybersecurity Analyst
 

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity.  ETVM team members are domain experts in threat analysis, cybersecurity assessments and incident response.  Team capabilities include threat analysis; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.  The Cyber Security Technical Lead will lead the Cybersecurity Compatibility Assessment (CCV) methodology development; evaluate emerging technologies, infrastructure support, prototyping, tool development, deployment guidance and other support to customer network security initiatives.  Additionally, the candidate will lead cyber security assessments of government agencies, ensuring that assessment reports are technically accurate and validating the cyber security capability technical indicators.  

 
Minimum Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with eight (8) years of experience or BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience or equivalent.

Experience:  Experience as a system or network administrator, software engineer, information systems analyst, database administrator or similarly technical occupation.

Skills/Abilities: Understanding of information technology and telecommunications systems; knowledge of TCP/IP networking and standard protocols (FTP, SMTP, HTTP, SNMP, etc.); knowledge of network security and survivability/resiliency issues; ability to conduct analytical studies and investigations; outstanding written and oral communication skills; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites, conferences, assessment locations, and offsite meetings with routine frequency (2-3 trips a month).

Environmental Conditions:  Normal office conditions; close contact with computer display for extended periods of time.

Mental:  Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidate must have the ability to pass a background investigation, obtain a Top Secret security clearance, and be a US citizen.


Preferred Qualifications and Requirements:   

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with at least eight (8) years’ experience preferred or BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience or equivalent.

Licenses:  CISSP

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in both physical and cyber security; experience in auditing or conducting assessments; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security.  Experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:  system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases; experience working with law enforcement and the intelligence community; familiarity with insider threat and mitigation strategies.

Skills/Abilities:  Working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistics; project management experience; leadership and mentoring skills.  



Accountability:  The individual will be responsible for reviewing all assessment results, and ensuring that all assessments are consistent, accurate, and defensible.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution. The individual will be expected to interface with government sponsors and agencies to explain all assessment results.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.  

Supervisory Responsibilities:  This position could be responsible for leading projects as assigned, and could involve the training and supervision of support staff and graduate students.  


JOB FUNCTIONS OR RESPONSIBILITIES:

35%    Participate in the development and delivery of assessment methodology, participate in research, analysis, and provide technical validation of physical/cyber security vulnerabilities contained within ETVM assessment reports.

30%     Perform onsite cybersecurity assessments and review cyber security and insider threat assessment reports for technical accuracy.  Travel to customer sites is required.

20%     Participate in the development and delivery of automated testing tools used to assist in the technical validation of cybersecurity vulnerabilities.

10%    Install/configure hardware and software including promising new technologies that require examination for information security and assurance research and development.

5%      Contribute to conferences and meetings; participate in marketing calls on clients; give talks and lectures as appropriate.

100% TOTAL EFFORT



ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Director < Cyber Enterprise and Workforce Management, Technical Director < Enterprise Threat and Vulnerability Management, Technical Manager < Cybersecurity Assessments and Validation, Team Lead < Senior Cyber Security Technical Lead
 

Position Summary:  The Senior Member of the Engineering Technical Staff of the Military Services Team will be responsible for leading teams that enable the organizations within the Department of Defense as well as other customer organizations to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems.   Key activities include understanding customer requirements and key challenge problems and addressing them with tailored solutions; applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains.  The candidate will coordinate closely with technical staff in ASP and other SEI programs to deliver software engineering technical expertise to customers throughout the lifecycle.  The senior engineering technical staff member will be able to lead and participate in multi-disciplinary teams in support of the ASP vision and mission. 

This position is located in the Los Angeles, California area.

Minimum Qualifications and Requirements:
 
Education/Training:  Bachelor's degree in Computer Science, Information Systems, systems engineering, software engineering, acquisition management or equivalent combination of experience and training

Experience: The candidate must have at least:  BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience; PhD or equivalent degree in relevant discipline with five (5) years applicable experience.

The candidate must have experience in software engineering, development or management and/or systems engineering.  Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD acquisition processes.   The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.   The candidate should have experience with software acquisition for space systems – satellites, ground or both.

Skills/Abilities: Detailed knowledge of software engineering; detailed knowledge of at least one core competency: requirements, architecture and design, program and acquisition management, performance improvement, assurance, or security.  Depth in at least one SEI body of work.

Experience in five or more of the following: DoD or Civilian Agency software systems acquisition on major programs   (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); solid technical breadth and understanding of all aspects of the end-to-end software lifecycle (e.g., requirements, design, implementation, testing, etc.); alternative life cycles (e.g. waterfall, agile); major DoD software acquisition policies and directives; enterprise architecture (e.g., DoD Architecture Framework [DoDAF]); software architecture development and evaluation and software architecture patterns (e.g. SOA); cloud computing; information Assurance/survivability; risk management; systems engineering on software intensive systems; COTS product integration; performance measurement including definition and application of goals, measurements and metrics; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; cost estimation.

Strong written and verbal communications skills and the ability to present to high visibility stakeholders internal and external to the organization.

Proven program and project management skills including:  Interfacing with clients, developing proposals, and establishing relationships with new DoD clients.  Programmatic skills (e.g., ability to develop project plans, track deliverables, manage risks).  Project management skills (e.g., program control activities, budget oversight, staff planning).  Ability to lead and participate in multidisciplinary teams.

Mobility:  Will be required to travel on overnight assignments

Environmental Conditions: Usual office setting with extended use of CRT

Other:   Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a security clearance.

Preferred Qualifications and Requirements:  

Education/Training:  Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management.

Licenses: Certified DoD Acquisition Professional.  Certified PMP.

Skills/Abilities:  Experience in organizational change management.  Completion of DoD acquisition accreditation levels (SPRDE, Program Management, and/or Test) and attendance at DAU courses
 

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  Must be able to lead and supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

85%   Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research.  Identify and support the implementation strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).

10%  Other duties as assigned by the Acquisition Support Program Executive Director, Deputy Director or Chief Engineer.

5%      Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI Director’s Office < Executive Director—Acquisition, Interagency and Cyber < Associate Director, Military Services Programs < Military Services Team: Senior Engineer

Position Summary:  The CERT Malicious Code group’s analysis team aims to improve malware analysis capability. The successful candidate will support high-impact customers by producing analytical reports, performing strategic analysis of emerging security issues, and developing new analysis methods and tools.

Duties include:  Analyze malicious code in support of customers; document and transition results in reports, presentations, and technical exchanges; design, prototype, document, mature, and transition malicious code analysis methods and tools appropriate for operational use; identify and document high impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges; participate in the broader security community through collaboration, papers, and presentations.

Malware Analysts may be on-call for critical support situations.

Minimum Qualifications and Requirements:

Education: Bachelor of Science in Computer Science or scientific/technical field with eight (8) years’ experience, or equivalent; Master Degree in Computer Science or scientific/technical field with five (5) years of experience, or equivalent.

Experience: Experience with or substantial knowledge in most of the following areas:  analysis of malicious code; reverse engineering; familiarity with multiple programming languages including C and assembly; common host and network security tools; core internet protocols (e.g., TCP/IP, DNS, SMTP, HTTP, etc.); common types of attacks against systems and networks; theoretical underpinnings of computer security.
 
Experience with or substantial knowledge is preferred in many of the following areas:  computer forensics; software development; computer security incident handling; system and/or network administration; operational details of multiple operating systems; cryptography and encryption tools.

Additionally, knowledge or familiarity with most of the following areas:  best practices for secure code development.

Skills/Abilities:  Must have the following abilities and skills:  analytical and problem solving skills; develop and explain technical decisions; prioritize work; interact effectively with technical and non-technical audiences both written and verbally; work within a closely coordinated team; work calmly and well under pressure; maintain composure while dealing with difficult people; recognize and deal appropriately with confidential and sensitive information; communicate effectively under normal and stressful situations; handle shifting priorities; mentoring/training skills.

Mobility:  Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion.

Environmental Conditions:  Normal office conditions; close contact with computer screen for extended periods of time.

Mental:  The ability to: Work meticulously with attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; take leadership role in technical projects; quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DOD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements: 

Other: Fluency in a secondary language.

Accountability:  Develop and implement project technical results.  Contribute to program objectives and plans development.  Keep in confidence sensitive information such as security, vulnerability, and site information.

Direction:  Expected to act independently, in accordance with SEI and NSS program procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  Must accurately represent the program in interactions with customers, sponsors, and the public.  Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  This position does not supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

50% Analyze malicious code in support of customers; document and transition results in reports, presentations, and technical exchanges.

20%   Design, prototype, document, and transition malicious code analysis methods and tools appropriate for operational use.

20%     Identify and document high impact, emerging, and complex active security threats; design and pursue solutions; and transition results in tools, reports, presentations, and technical exchanges.

10% Participate in the broader security community through collaboration, papers, and presentations.

100%      TOTAL EFFORT

ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Manager (Rich Pethia) < Cyber Threat and Vulnerability Analysis, Director (Roman Danyliw) < CERT Malicious Code, Manager , CERT Malicious Code, Malware Analyst

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the focus areas of the Research, Technology, and System Solutions (RTSS) Program is creating architecture-centric theories and practices that increase development efficiency and effectiveness on large-scale software and systems engineering projects. Examples of SEI architecture research include work in architecture evaluation, documenting and modeling architectures, identifying architecturally significant requirements, quality attribute analysis, and architecting in iterative environments.

The successful candidate will join the Architecture Practices team and will contribute to its architecture-centric research agenda. The team builds on established research and experience to create and extend architecture-centric theories and practices that organizations use to produce systems that meet their business and mission goals. Individual responsibilities include: contributing to ongoing architecture research efforts and new research directions, validating ideas in customer settings, and publishing results as part of the defined technical work plan.


Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice working on large systems, systems of systems, or enterprise architectures.

Skills/Abilities: Broad knowledge of architecture research and its application to real world systems. A record of successfully contributing to the definition, proposal, and execution of research agendas. Publishes and presents in high-quality, peer-reviewed venues. Knowledge of modern development processes, languages, and platforms. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  US citizenship required; successful candidate must be able to pass background investigation for a DoD secret clearance.


Preferred Qualifications and Requirements:

Education/Training:  PhD with two (2) years’ experience in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Skills/Abilities:  Skills/abilities as listed above, plus: knowledge of the architectural implications of emerging technologies (for example, cloud computing, big data and analytics, and social software), an understanding of DoD challenges and stakeholders, experience working on distributed research and/or development teams, and working knowledge of SEI architecture research and methods.


Accountability: Estimation and tracking of time for technical tasks.


Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.


Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.



JOB FUNCTIONS OR RESPONSIBILITIES:

10%    Defining and developing research strategies and projects.
        
40%    Leading research teams and/or conducting planned research projects.

20%    Working with collaborators and customers applying research outcomes.

20%    Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

10%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).
100% TOTAL EFFORT


ORGANIZATIONAL CHART:  RTSS Director > Architecture Practices manager > Architecture Researcher
 

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the focus areas of the Research, Technology, and System Solutions (RTSS) Program is creating architecture-centric theories and practices that increase development efficiency and effectiveness on large-scale software and systems engineering projects. Examples of SEI architecture research include work in architecture evaluation, documenting and modeling architectures, identifying architecturally significant requirements, quality attribute analysis, and architecting in iterative environments.
    
The successful candidate will join the Architecture Practices team and will contribute to its architecture-centric research agenda. The team builds on established research and experience to create and extend architecture-centric theories and practices that organizations use to produce systems that meet their business and mission goals. Individual responsibilities include: contributing to ongoing architecture research efforts and new research directions, validating ideas in customer settings, and publishing results as part of the defined technical work plan.


Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five years of experience in architecture research and/or practice working on large systems, systems of systems, or enterprise architectures.

Skills/Abilities: Broad knowledge of architecture research and its application to real world systems. A record of successfully contributing to the definition, proposal, and execution of research agendas. Publishes and presents in high-quality, peer-reviewed venues. Knowledge of modern development processes, languages, and platforms. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.
 

Preferred Qualifications and Requirements:

Education/Training:  PhD with two (2) years’ experience in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Skills/Abilities:  Skills/abilities as listed above, plus: knowledge of the architectural implications of emerging technologies (for example, cloud computing, big data and analytics, and social software), an understanding of DoD challenges and stakeholders, experience working on distributed research and/or development teams, and working knowledge of SEI architecture research and methods.

Other: US citizenship; successful candidate should be able to pass background investigation for a DoD secret clearance.


Accountability:  Estimation and tracking of time for technical tasks.

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.


JOB FUNCTIONS OR RESPONSIBILITIES:

10%    Defining and developing research strategies and projects.
        
40%    Leading research teams and/or conducting planned research projects.

20%    Working with collaborators and customers applying research outcomes.

20%    Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

10%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  RTSS Director > Architecture Practices manager > Architecture Researcher

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the focus areas of the Research, Technology, and System Solutions (RTSS) Program is creating architecture-centric theories and practices that increase development efficiency and effectiveness on large-scale software and systems engineering projects. Examples of SEI architecture research include work in architecture evaluation, documenting and modeling architectures, identifying architecturally significant requirements, quality attribute analysis, and architecting in iterative environments.

The successful candidate will join the Architecture Practices team and will contribute to its architecture-centric research agenda. The team builds on established research and experience to create and extend architecture-centric theories and practices that organizations use to produce systems that meet their business and mission goals. Individual responsibilities include: contributing to ongoing architecture research efforts, developing new research directions, validating ideas in customer settings, and publishing results as part of the defined technical work plan.


Minimum Qualifications and Requirements:

Education/Training: PhD in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice working on large systems, systems of systems, or enterprise architectures.

Skills/Abilities: Broad knowledge of architecture research and its application to real world systems. A record of successfully defining, proposing, and executing research agendas. Frequently publishes and presents in high-quality, peer-reviewed venues. Knowledge of modern development processes, languages, and platforms. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.
 

Preferred Qualifications and Requirements:

Skills/Abilities:  Skills/abilities as listed above, plus: knowledge of the architectural implications of emerging technologies (for example, cloud computing, big data and analytics, and social software), an understanding of DoD challenges and stakeholders, experience working on distributed research and/or development teams, and working knowledge of SEI architecture research and methods.

Other:  US citizenship; successful candidate should be able to pass background investigation for a DoD secret clearance.


Accountability:  Estimation and tracking of time for technical tasks.

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.


JOB FUNCTIONS OR RESPONSIBILITIES:

10%    Defining and developing research strategies and projects.
        
40%    Leading research teams and/or conducting planned research projects.

20%    Working with collaborators and customers applying research outcomes.

20%    Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

10%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  RTSS Director > Architecture Practices manager > Architecture Researcher
 

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the focus areas of the Research, Technology, and System Solutions (RTSS) Program is creating architecture-centric theories and practices that increase development efficiency and effectiveness on large-scale software and systems engineering projects. Examples of SEI architecture research include work in architecture evaluation, documenting and modeling architectures, identifying architecturally significant requirements, quality attribute analysis, and architecting in iterative environments.

The successful candidate will join the Architecture Practices team and will contribute to its architecture-centric research agenda. The team builds on established research and experience to create and extend architecture-centric theories and practices that organizations use to produce systems that meet their business and mission goals. Individual responsibilities include: contributing to ongoing architecture research efforts, developing new research directions, validating ideas in customer settings, and publishing results as part of the defined technical work plan.


Minimum Qualifications and Requirements:

Education/Training: PhD in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice working on large systems, systems of systems, or enterprise architectures.

Skills/Abilities: Broad knowledge of architecture research and its application to real world systems. A record of successfully defining, proposing, and executing research agendas. Frequently publishes and presents in high-quality, peer-reviewed venues. Knowledge of modern development processes, languages, and platforms. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  US citizenship required; successful candidate must be able to pass background investigation for a DoD secret clearance.
 

Preferred Qualifications and Requirements:

Skills/Abilities:  Skills/abilities as listed above, plus: knowledge of the architectural implications of emerging technologies (for example, cloud computing, big data and analytics, and social software), an understanding of DoD challenges and stakeholders, experience working on distributed research and/or development teams, and working knowledge of SEI architecture research and methods.


Accountability:  Estimation and tracking of time for technical tasks.

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.


JOB FUNCTIONS OR RESPONSIBILITIES:

10%    Defining and developing research strategies and projects.
        
40%    Leading research teams and/or conducting planned research projects.

20%    Working with collaborators and customers applying research outcomes.

20%    Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

10%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).

100% TOTAL EFFORT


ORGANIZATIONAL CHART:  RTSS Director > Architecture Practices manager > Architecture Researcher

Position Summary:  The CERT Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CERT engages in cutting-edge research and development in computer security. The CERT Digital Investigation and Intelligence Directorate (DIID) group help forensic incidents; develop tools and techniques and supply training for law enforcement community. As a member of DIID team, the selected candidate will be responsible for designing, developing, and deploying software applications and systems to enhance the capabilities of DIID customers. The candidate will participate in all phases of the software development lifecycle, and will be involved in key decisions regarding software design and technology selection.

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, computer engineering, or a related quantitative field of study with eight (8) years of applicable experience.

Experience: Experience as a software developer working on software applications in a professional environment required. At least three of the five years relevant experience working on database-driven web applications. Working knowledge of web frameworks, toolkits, HTTP protocol, and both front- and back-end development. Hands on experience with MVC frameworks and  C# web development Knowledge of other commonly used language such as HTML, CSS,  Perl, Python,  JavaScript, etc.;  familiarity with software development tools including IDEs (VisualStudio, Eclipse, Netbeans,  etc.), version control systems ( svn, source safe etc.) and bug tracking systems (e.g., fogbugz, Jira); working knowledge and experience in participating in agile software development practices and team design sessions.

Skills/Abilities: Ability to function within a development team. Willingness to learn new skills, programming languages, and technologies as necessary. Desire to solve challenging problems through technical innovation. Ability to analyze customer requirements and provide novel solutions. Ability and willingness to provide accurate estimates of development time and risk. Excellent written and verbal communication skills. Ability to work effectively without close supervision. Capable to attend customer meetings and respond to customer requirements.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel up to 20% to customer sites.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidate must be able to pass a background investigation, obtain a TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:  

Education/Training: MS in computer science, software engineering, computer engineering, or a related quantitative field of study with five (5) years of applicable experience.

Experience: Experience with virtualization or cloud technologies a plus. Experience with Hibernate, Spring, Javascript, JQuery, MySQL, SQL and RESTful web services.
 
Skills/Abilities:  Ability to multitask, troubleshoot and work end users.

Accountability:  Develop and implement project technical results.  Contribute to program objectives and plans development.  Keep in confidence sensitive information such as security, and site-specific information.

Direction:  Regular interaction with supervisor.  Expected to act in accordance with SEI and NSS program procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  Must accurately represent the program in interactions with customers, sponsors, and the public.  Participate in conferences and workshops where security-related issues are discussed as required.
 
Supervisory Responsibilities:  This position does not formally supervise others.  However, the individual may will act in a technical leadership (non-supervisory) role in regard to specific work products and activities, or in regard to student interns, etc.

JOB FUNCTIONS OR RESPONSIBILITIES:

80%      Design and implement software requirements and integrate with other software tools or relational databases.

10%      Contribute to conferences and meetings; participate in marketing calls on clients; give technical talks as appropriate.

10%      Contribute to the broader software engineering and security community.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Manager, Networked Systems Survivability Program < Technical Director, Forensics < Technical Manager < Software Engineer

Position Summary:  The individual in this position will work as a member of the ITS staff on the USHS (User Services and Hardware Support) Team and will coordinate with other members of the IT staff on data network issues, problem resolution, and new releases. The individual will provide 2nd tier support for the services and technologies provided and will work closely with other systems administrators and engineers to resolve problems.   The primary responsibilities include:  Point of contact for escalations to the Windows team from other members of USHS; leading projects on new services and deployments; installation, maintenance, configuration,security, and performance upgrades to support application resource management and availability; troubleshooting difficult user software and hardware problems; providing equipment repair and replacement; training, documenting, and providing consulting for applications and services provided; able to step in as site administrator for CIC or other locations.

Minimum Qualifications and Requirements:

Education/Training:  Bachelor’s degree in Computer Science, Information Technology or Information Science, or equivalent combination of training and experience.

Experience: Three or more (3+) years of end-user support, problem identification, problem resolution, and consulting experience.   One to two years in the maintenance and repair of computer systems and associated peripherals.  Experience working independently on projects with limited supervision.  Up to three years of systems administration experience.

Skills/Abilities: Able to participate on technical teams; contribute to the improvement of products and services; provide technical leadership; advanced technical knowledge of desktop operating systems, systems administration, office productivity software, and web browsers; general understanding of technical environments such as networking, enterprise applications infrastructure services, and other technical areas.

Mobility:  Computer hardware installation and configuration required on a regular basis, sometimes involving transport of heavy objects (typically under 100 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) between buildings may also be required.

Environmental Conditions: Ability to use a computer keyboard and display for extended periods of time; periodic work in a computer machine room or wiring closet environment.

Mental: Able to work under pressure; meet inflexible deadlines; deal with difficult individuals while maintaining composure.  Must have strong customer service orientation. Able to identify, isolate, and resolve systems problems.

Other:   There is a rotating on-call component to this position. Candidate must respond to outage events via remote access (in appropriate circumstances) within 30 minutes.  Some situations in this role will demand an on-site response; on-site response to the local SEI facility must be achieved within 60 minutes barring extreme adverse weather conditions.

Candidate must be able to pass a background investigation to obtain a United States DoD Top Secret clearance and must be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: Additional course work, seminars, workshops, etc., in computer technology and or/applications.  Software or hardware certification such as from Microsoft or Cisco is a plus. 

Licenses: Microsoft Certifies System Administrator (MCSA),  Microsoft Certifies System Engineer (MCSE), CompTIA A+, CompTIA Network +, CompTIA Security +, ITIL Foundation Certification, Dell Certified Technician.

Experience:  Experience in implementing new services and products; leading technical projects; performing advanced technical support; creating new operational and technical processes and procedures..

Skills/Abilities:  Ability to act independently; research and implement new products and services; participation on technical teams.

Other: Clearances: United States DoD Secret that is transferable to the SEI.

Accountability:  Responsible for insuring technical problems are resolved to satisfaction of users;  working with other members of IT to identify and resolve problems with the infrastructure.  Handles tickets that have been escalated from front line or desktop support.  Provide training to users and other IT staff on new technologies. Able to work independently; prioritize tasks; and act as contact person to coordinate with other IT groups on problem resolution and software releases.

Direction:  Employee will be expected to work under minimum supervision within the defined scope of authority and in accordance with SEI IT operating guidelines.

Decisions:  This position will make recommendations on applications based on requirements of users.  This position will also regularly encounter problems with the SEI computing systems and will be expected to identify and solve the problems independently.

Supervisory Responsibilities:  This position may manage or supervise  students or temporary employees. 

JOB FUNCTIONS OR RESPONSIBILITIES:

50%   Provide advanced technical consulting to assist in resolving difficult software and hardware problems which have been escalated by the IT staff handling desktop support.  Assist users in installing applications and ensuring that these applications meet IT security and infrastructure requirements. Ensure compliance with SEI ITS Practices and Procedures and in some cases will be expected to identify and create procedures to comply.

25%  Act as project lead for developing deployment strategy and resolutions for new service releases.  This includes providing training and advanced support for team members.

20%  Works with other members of the ITS staff on projects developing the IT infrastructure.

5%  Professional development.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  IT & Security Director < User Services & Hardware Support Manager < Systems Administrator

Position Summary:  The Chief Engineer – Civil and Defense Agencies (C&DA) reports directly to the Associate Director, Interagency  who reports to the SEI Executive Director, Interagency, Acquisition and Cyber.   The Chief Engineer is responsible for enabling accomplishment of the goals of the Civil and Defense Agency organizations. In this role, the Chief Engineer will provide technical and program management leadership to apply, integrate, innovate, and transition the SEI and other bodies of knowledge, research, and state of the practice experience to the Civil and Defense Agency communities.  The Chief Engineer will formulate a technical, business and research strategy that is responsive to the needs of customers and raises the standard practice for Acquisition and Innovation.   The Chief Engineer will be responsible for execution of all Civil and Defense Agency customer work. 

Key responsibilities of the Chief Engineer–Civil and Defense Agencies include:  Act as Portfolio Manager and provide senior level direction and guidance for Civil and Defense Agency business development activities.  Work in tandem with the Associate Director and PD&T in the development of new customer opportunities and extension of existing opportunities. Create and implement an integrated strategy and organizational capability for leveraging and transitioning SEI and other software engineering technologies to maximize impact on Civil and Defense Agency communities.  Advise the Executive Director and SEI senior leadership on emerging trends and topics of interest within the Civil and Defense Agency community that should be addressed in SEI’s core research and technical programs.  Provide effective technical and program management across the Civil and Defense Agency portfolio through continuous engagement with customers and leveraging key bodies of work (including the SEI) and domain knowledge and experience to add value to the customer with the goal of increasing customer impact and advancing the software engineering state of the practice.  Ensure effective program and project management across all portfolio activities work activities consistent with SEI / ASP processes and provide appropriate management visibility of program and project status.  Lead all human resource actions for the Civil and Defense Agency Portfolio including staffing, performance management, communications, training and development.  Support the broader research and transition missions of the SEI.

Minimum Qualifications and Requirements:

Education/Training:  Masters of Science in a technical field such as Computer Science, Information Systems, or Engineering or equivalent combination of training and experience.

Experience: The candidate must have at least:  BS or equivalent degree in relevant discipline with ten (10) years applicable experience; MS or equivalent degree in relevant discipline with eight (8) years applicable experience;  PhD or equivalent degree in relevant discipline with five (5) years applicable experience.

The successful candidate must have a proven record of progressively increasing experience managing the acquisition life cycle and development of complex software intensive projects in a DoD or government related environment including those at a classified level.  The ideal candidate must have experience building and managing interdisciplinary, high technology teams had have the knowledge of the DoD/IC/Federal computer science, IT architecture, software technology and acquisition processes.  The successful candidate must be able to demonstrate experience managing and exercising oversight of large, complex, and software intensive programs that were strategic in nature. Leadership and management experience within the Federal government, the military, a university, FFRDC, and/or Fortune 500 technology organization is preferred.  Deep understanding of one or more of the SEI technical domains is desired.

Skills/Abilities: Able to work closely and negotiate agreements with senior acquisition officials and all levels of SEI personnel particularly senior management.  Able to work with and coordinate cross-functional teams of technical staff from the SEI and both customer team members and others from the broader community; Able to develop plans, manage projects (budgets, schedules etc.) and develop and deliver marketing/sales forecasts and proposals.  Have strong organization and team building and mentoring skills.

The successful candidate must possess:  Strong technical and business acumen. He/she must be a visionary with a strong sense of purpose; track record of accomplishment in portfolio, project and program management; demonstrated understanding of the Civil and Defense Agencies including the acquisition and developer communities; strong influencing and engagement management skills; demonstrated abilities in strategic planning, financial and personnel management; reputation for the highest level of integrity; high comfort level with ambiguity; success at building consensus within a matrixed organization; experience originating new techniques and approaches, establishing criteria, and developing new information; excellent oral, written and presentation skills.

Mobility:  Will be required to travel on overnight assignments.
   
Environmental Conditions: Usual office setting with extended use of computer.

Mental: Ability to pay close attention to details, meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.  Ability to act professionally at all times.

Other: Candidates must be able to pass a background investigation, obtain a DoD Top Secret security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Licenses: Certified DoD Acquisition Professional, PMP Certification.

Experience:  The successful candidate should have a 15 - 20 year proven record of progressively increasing experience managing the acquisition life cycle and development of complex software intensive projects in a DoD or government related environment including those at a classified level.  The ideal candidate must have experience building and managing interdisciplinary, high technology teams had have the knowledge of the DoD/IC/Federal computer science, IT architecture, software technology and acquisition processes.  The successful candidate must be able to demonstrate experience managing and exercising oversight of large, complex, and software intensive programs that were strategic in nature. Leadership and management experience within the Federal government, the military, a university, FFRDC, and/or Fortune 500 technology organization is preferred.  Deep understanding of one or more of the SEI technical domains is desired.

Accountability:  The incumbent will be responsible for developing and implementing operational plans that enable the Civil and Defense Agency communities  to maintain technical superiority;  developing and meeting revenue projections; developing and meeting commitments made to customer;  performing administrative oversight for all Civil and Defense Agency work, and building and maintaining staff to execute against plans.

Direction:  The incumbent is expected to participate as a member of the SEI and ASP management team and operate with minimum supervision using CMU, SEI and ASP defined practice, policies, and procedures. Additionally, it is expected that the Associate Director will define and implement continuous improvements of policies and processes related to the portfolio of work, as well as provide guidance on the management of Civil and Defense Agency work.

Decisions:  The incumbent is responsible for making decisions regarding the budget, performance and deliverables for the portfolio of work.  Will be required to identify best practices, determine methods that will assess the challenges of Civil and Defense Agency customers and integrate and innovate solutions.  This includes determining and implementing workforce development that allows customers to make large-scale improvement in their software-reliant programs and cyber operations.

Supervisory Responsibilities:  Will have direct supervisory responsibilities over delivery teams within portfolio.  The position is directly responsible for complete human resource management to include hiring and job assignment, performance management, and salary administration.

JOB FUNCTIONS OR RESPONSIBILITIES:

50%    Lead the Civil and Defense Agencies Portfolio of work. Participate as a leader or member of technical teams in support of government acquisition program offices or participate as a member of a technical team performing research.  Identify and support the implementation strategies for capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses and blog entries).  Investigate and provide guidance and direction in helping to focus SEI programs to more effectively transition technology into practice in the Civil and Defense Agency community.

30%    Participate as a member or leader of SEI business/technical development teams to support acquisition excellence, lifecycle software engineering, and innovation and performance impact.

10%     Serve in an advisory capacity to other SEI technical programs on Civil and Defense Agencies, acquisition and innovation issues.

10%  Other duties as assigned by the Executive Director, Deputy Director or Associate Director.

ORGANIZATIONAL CHART: SEI Director’s Office < Executive Director Interagency, Acquisition and Cyber: Terry Roberts < Associate Director, Interagency < Chief Engineer, Civil and Defense Agencies

ADDITIONAL INFORMATION:  The incumbent will work in the Arlington, VA office location.

Postion Summary:  The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT® Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems. The CERT Network Situational Awareness (NetSA) group supports government customers by developing cutting-edge, network analysis tools and techniques for operational use in high-impact environments.

The Senior Security Solutions Engineer position is a member of the CERT NetSA team and based in the SEI Ballston office (in the Washington DC area). This position will provide technical leadership to enterprise network security projects or ongoing security operations. This support would include system requirements development, technology evaluation, prototyping, tool development, and deployment guidance.

MULTIPLE POSITIONS AVAILABLE

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Mathematics, Information Systems, Information Systems Management or related field with eight (8) years experience, or equivalent; or MS with five (5) years experience.

Experience: Professional experience should include five (5) or more years of experience supporting technical decision-making, acquisition and management of large-scale enterprise network security or middleware system. Experience with full life-cycle management, from costing, design, deployment, operation, maintenance, and retirement for enterprise scale systems is desired.

Skills/Abilities: Ability to function in the role of a consultant; planning and organizational skills; strong problem solving skills; excellent oral and written communication skills; ability to work both independently and with teams; proven ability to research, compare, test and evaluate alternative technical solutions, and communicate the results; broad understanding of network, host and application security issues; expertise in enterprise level systems in network security; experience in enterprise level transaction systems; experience in enterprise scale storage with a focus on performance; familiarity with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS).

Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to sites in Northern VA (Tysons Corner, Arlington) and Southern Maryland (Fort Meade); locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings with routine frequency.

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental: The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; take leadership role in technical projects; and quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: PhD with two (2) years experience.

Experience: Practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security).

Skills/Abilities:  Experience working with the government, or within a critical infrastructure sector; experience developing briefing materials for senior leadership within government or industry; history of contributions to the broader industry or research community; experience deploying or supporting large-scale network security monitoring infrastructures; experience in a variety of network security areas; C/Java/Python development experience in the Unix environment with the ability to apply sound software engineering practices (e.g., documenting code; version control and configuration management; code reviews; and testing); experience in conducting studies analyzing event streams including quantitative and visual approaches.

Acountability:  The individual is accountable for capturing the requirements of network security analysts at customer sites, technical papers and non-technical papers for potential customers and technology transition.

Direction:  The individual is expected to act independently using CMU, SEI, NSS, and NetSA defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual is expected to participate in the decision-making and problem-solving processes of designing, building, and operating systems for network security; suggesting and implementing policies and procedures to support these activities; and creating prototype implementations of tools and approaches for situational awareness.

Supervisory Responsibilities:  This position does not formally supervise others. However, the individual will act in a technical leadership or project lead role in regard to specific work products and activities both at CMU and at the customer site.

JOB FUNCTIONS OR RESPONSIBILITIES:

75%  Provide direct support to the customer program office in the areas of strategy; process/policies; requirements elicitation; design and architecture; operations; outreach; and training.

15%  Enable the transition and appropriate focus of NetSA analysis approaches and tools into operational environments.

10%  Design, prototype, and transition tactical analysis studies and tools appropriate for operational use in situational awareness.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Program Director, CERT < Technical Director, CTVA < Network Situational Awareness (NetSA) Technical Manager < NetSA Security Solutions Engineer

Position Summary: The Acquisition Support Program (ASP) Chief Scientist reports to the SEI’s Executive Director – Acquisition, Interagency and Cyber. This position is responsible for working with ASP Leadership Team to plan, develop and implement research and life cycle software engineering strategies, initiatives, policies, programs and projects that further the mission of ASP and the SEI.  ASP is focused on accelerating the delivery of assured software for the mission throughout the life cycle, including the acquisition, evolution and operations of software-reliant systems. 

This position is located in Pittsburgh, PA.

Key responsibilities include:  Formulating  a research agenda that enables ASP to establish a national agenda in the acquisition, evolution and operations of software-reliant systems; aligning ASP’s research plans and phased implementation with the overall SEI research strategy; leading the strategic research planning and execution process and contributing to the development of the ASP strategic plan and program plan in conjunction with the ASP Leadership Team; assisting in strategic planning, portfolio management, program management and project management in an integrated team environment; collaborating with the ASP Leadership Team to shape the technical direction of ASP; including working with technical leads during project start-ups and project execution to develop and implement prioritized, executable phased implementation plans addressing client strategic and tactical goals and objectives; identifying technical trends, performing gap analysis and assisting with resource allocation/staffing and training and development planning; participating as a leader or member of technical teams in support of government acquisition organizations including program offices and independent review teams; maintaining situational awareness in technical and DoD domains, including understanding client requirements and key challenge problems; applying, adapting, integrating, innovating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice.

Minimum Qualifications and Requirements:

Education/Training: PhD in a technical field such as Computer Science, engineering Mathematics, Information Technology or related discipline with at least five (5) years experience or equivalent.

Experience: The candidate must have experience in software engineering, acquisition, development management and/or systems engineering of software-reliant systems with progressively responsible experience in a technology or research-based organization in government, industry, or higher education.   Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes.  The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams.  Demonstrated success in formulating and delivering successful innovative research proposals, white papers and client-centered proposals and in leading successful  resulting projects.  Demonstrated record of publications and contributions to the science and technology communities.  Demonstrated management experience with responsibility for projects, people and contracts.  Must be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with customers and sponsors.  

Skills/Abilities:  Must be a visionary with strong sense of purpose; proven team leader; prior academic research experience; a reputation for applied and/or theoretical research with published results in respected technical journals and other venues; prior experience in software-reliant systems in government context; track record of accomplishments for innovative thinking leading to research or new client-based projects; detailed knowledge in architecture, mission assurance, performance improvement and risk management; DoD, Intelligence Community or Civilian Agency software systems acquisition experience on major programs   (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); strong business acumen; high comfort level with ambiguity; success at building consensus within a matrixed organization; excellent oral, written and presentation skills; experience in organizational change management would be considered a plus.  Able to make decision and recommendations that significantly change important public policies or scientific programs.   Ability to influence, work with and manage technical staff.  Able to respond quickly and effectively to changing priorities.  Excellent analytical, organizational, supervisory, reasoning and problem solving skills. Able to interact effectively with diverse constituencies internally and externally to the SEI.
 
Mobility: Sedentary in an office setting with some mobility.  Will be required to travel on day or overnight assignments to various locations.

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time. 

Mental: Ability to play close attention to details, meet inflexible deadlines, remain calm during difficult situations, work under pressure with frequent interruptions.

Other: Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a security clearance.   Must be able to travel frequently and adjust to a schedule that requires weekend and evening hours. 

Preferred Qualifications and Requirements:

Accountability:  Directly accountable for understanding DoD acquisition needs, technology gaps, researching, applying integrating and innovating new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community in a research and services context. 

Direction:  He/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with ASP Leadership Team, CMU/SEI/ASP personnel, and government entities to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  May supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

30%      Primary advocate for the research component of ASP.  Formulates the research strategy and works with ASP management to implement that strategy.   Leads strategic research planning and execution process and contributes to the development of the ASP strategic plan and program plan in conjunction with the ASP Leadership team.  Reviews feasibility of plan, oversees plan execution, identifies risks and defines risk mitigation strategy.   Articulates research vision and roadmap for internal and external audiences.  Consults with ASP Leadership Team on organizational effectiveness and evaluation of impact of research contributions.   Identifies operational success measures and performance improvement activities.   Leads corrective action.  Serves as a liaison between ASP and other R&D activities at the SEI and between ASP and other R&D entities external to the SEI including CMU. Identifies and engages in potential areas of collaboration. 

20%       Works with ASP Leadership Team to guide technical direction of ASP.   Works in collaboration with ASP Leadership team and technical leads during project start-ups and project execution to develop and implement prioritized, executable phased implementation plans addressing client strategic and tactical goals and objectives.    Identifies technical trends, performs gap analysis and assists with staffing as well as training and development planning.       

40%      Participates as a member or leader of technical teams in support of government acquisition organizations including program offices and independent review teams. Participates as a member of a technical team performing research.  Identifies and supports the implementation of strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries)

5%      Serves in an advisory capacity to other SEI technical programs on acquisition or technical issues.   Identify and engage in potential areas of collaboration. 

5%      Other duties as assigned by the Acquisition Support Program Executive Director

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI Director’s Office < Executive Director – Acquisition, Interagency and Cyber < ASP Chief Scientist

Position Summary:  The individual in this position will work as a member of the ITS staff as the Unix Team Lead for Systems Engineering.  The primary responsibility of this position is the oversight and technical leadership of all Unix and Linux engineers and administrators in the ITS Systems Group.   This position is responsible for setting vision and technical engineering direction for the SEI’s entire Linux and UNIX infrastructure.

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, Information Technology or similar program with at least eight (8) experience as a systems engineer or senior systems administrator.  Candidates with a degree in other technical fields (e.g. engineering) and years of relevant experience as described above will be considered as well.

Experience: Extensive experience operating and maintaining production Linux-based ITS services at scale (at least 50 Linux servers providing core business functions) or a heterogeneous environment of at least 100 servers with a significant portion of the systems running Linux; in-depth detailed working knowledge of system administration scripting languages (e.g. Perl, Bourne shell scripting, Python) and a functional knowledge of one or more Unix-related programming languages (e.g. C, C++); must have a history participating in the entire lifecycle (engineering, deployment, maintenance) of critical IT services; demonstrates technical and thought leadership on Linux operating systems and services (such as e-mail, DNS, and other services that are traditionally Unix-based services); detailed engineering and administrative familiarity with various common open-source technologies (e.g. Sendmail, BIND, MySQL, Apache). Demonstrates aptitude in working in an integrated multi-platform environment and some knowledge of Microsoft Windows-related services (e.g. Active Directory, DFS); prior experience as a technical lead or manager of a similarly-sized engineering or administration team. 

Skills/Abilities: Candidate must be capable of setting direction and thought leadership for a team of 4-8 engineers and administrators.  Candidate must be capable of reviewing and managing team and individual performance on a routine basis.  Candidate must be capable in the tracking, charging, reviewing, and projecting of staff effort.  Candidate should be capable of engineering complex inter-related Linux systems and their applications with no technical oversight.  Manage overall workload and prioritization of the Unix Team efforts in collaboration with the ITS Systems Group Manager. Temperament to serve as the top-tier escalation point for issues from the helpdesk, second level support and other team members and to function as a liaison between customer groups, the helpdesk and other systems administrators for large enterprise-wide issues is required to perform well in this role.

Mobility:  Some business travel required, primarily to the SEI’s DC offices and to the U.S. Capitol region to meet with sponsors and partners. Computer hardware installation and configuration required on an infrequent basis, sometimes involving transport of heavy objects (typically under 100 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) for longer distances (intra-campus; 2-3 city blocks) may also be required.  This position will require travel to other campus locations (walking distances) on a daily basis.

Environmental Conditions: Close contact with CRT/LCD screens for extended periods; periodic work in a computer datacenter environment.

Mental:  Ability to work under pressure and meet deadlines; ability to prioritize, track and review tasks for themselves and other team members in line with organizational objectives; strong learning capability; ability to interact effectively with others of varying technical competency, vendors, managers, and other technical research staff; ability to work effectively with all levels of staff within the SEI and Carnegie Mellon. Excellent technical problem-solving skills. Strong information organization skills as well as good oral and written communication skills are required.

Other:  Evening/weekend hours will be periodically required in order to perform service outside of normal operating hours. There is a rotating on-call component to this position. Candidate must respond to outage events via remote access (in appropriate circumstances) within 30 minutes.  Some situations in this role will demand an on-site response; on-site response to the local SEI facility must be achieved within 60 minutes barring extreme adverse weather conditions.  Candidate must be able to pass a background investigation to obtain a United States DoD Top Secret clearance and must be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, or Information Technology with five (5) years of experience; or PhD in Computer Science, Information Science, Information Technology with two (2) years of experience.

Licenses:  CISSP, RHCE

Experience: Experience leading and coordinating staff effort in conjunction with an organization’s IA staff to meet internal and sponsor requirements.  Experience in the technical aspects of designing and managing systems that must conform to DoD operational requirements (e.g. DISA STIGs and checklists, DoD 8500-series requirements) or similar requirements (e.g. DHS 4300A and related series documents). At least 48 months of said relevant experience served in the same organization evolving a single infrastructure is preferred. Experience in engineering and operating Linux-based systems in a virtualized environment (e.g. VMware ESX). Experience with Linux host configuration using tools such as Puppet, cfengine, etc. 

Skills/Abilities:  Experience at assisting staff with developing goals and objectives and measuring performance.  Experience in project management of multiple simultaneous efforts using shared resources.  Experience with compiling, packaging and debugging software packages. 

Other: Clearances: United States DoD Top Secret that is transferrable to the SEI.

Accountability:  Employee will be accountable for their team meeting deadlines and fulfilling organizational objectives.  Employee is accountable for designing and maintaining an efficient, reliable and secure configuration of computing services in support of the SEI’s initiatives and/or a sponsor/client.  Employee will be responsible for the proper handling/destruction of confidential, sensitive or classified information.  Employee will be responsible, in conjunction with ITS management, for tracking and reporting staff effort time.  Employee will be responsible, in conjunction with ITS management, for specifying and purchasing capital equipment required to fulfill ITS objectives.

Direction:  Employee is expected to act independently and lead their team in support and fulfillment of the organizational goals and objectives with no technical oversight and within the defined scope of authority and in accordance with SEI and ITS operating guidelines.

Decisions:  Under management direction, the employee will decide the appropriate course of action and apportion work to team members regarding production computing services for programs within the SEI. Employee will determine, in conjunction with the Systems Group Manager, how best to allocate and/or acquire resources necessary to implement and evolve information services.  Employee will determine the appropriate courses of action to solve problems and evolve systems with input from team members.

Supervisory Responsibilities:  Employee, with oversight from the Systems Group Manager, will task and supervise employees in completion of work product.  Employee, in conjunction with the Systems Group Manager, will hire staff, set goals and objectives for staff and regularly review staff performance.

JOB FUNCTIONS OR RESPONSIBILITIES:

50%    Provides technical and thought leadership in the design, engineering and operation of Linux and Unix services for the SEI.

40%    Manages the daily operation of the Systems Engineering Unix Team.  Sets deadlines and ensures they are met to accomplish  organizational goals.  Reviews and manages team performance in conjunction with the Systems Group Manager.

5%      Drafts documents to describe the proper configuration/use of such services from an ITS perspective when necessary.

5%      Training and professional development.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI ITS Director < Systems Group Manager < Unix Systems Team Lead < Linux/Unix Engineers and Administrators

Position Summary:  The individual in this position will work as a member of the ITS staff as the Unix Team Lead for Systems Engineering.  The primary responsibility of this position is the oversight and technical leadership of all Unix and Linux engineers and administrators in the ITS Systems Group.   This position is responsible for setting vision and technical engineering direction for the SEI’s entire Linux and UNIX infrastructure.

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, Information Technology or similar program with at least three (3) experience as a systems engineer or senior systems administrator.  Candidates with a degree in other technical fields (e.g. engineering) and years of relevant experience as described above will be considered as well.

Experience: Extensive experience operating and maintaining production Linux-based ITS services at scale (at least 50 Linux servers providing core business functions) or a heterogeneous environment of at least 100 servers with a significant portion of the systems running Linux; in-depth detailed working knowledge of system administration scripting languages (e.g. Perl, Bourne shell scripting, Python) and a functional knowledge of one or more Unix-related programming languages (e.g. C, C++); must have a history participating in the entire lifecycle (engineering, deployment, maintenance) of critical IT services; demonstrates technical and thought leadership on Linux operating systems and services (such as e-mail, DNS, and other services that are traditionally Unix-based services); detailed engineering and administrative familiarity with various common open-source technologies (e.g. Sendmail, BIND, MySQL, Apache). Demonstrates aptitude in working in an integrated multi-platform environment and some knowledge of Microsoft Windows-related services (e.g. Active Directory, DFS); prior experience as a technical lead or manager of a similarly-sized engineering or administration team. 

Skills/Abilities: Candidate must be capable of setting direction and thought leadership for a team of 4-8 engineers and administrators.  Candidate must be capable of reviewing and managing team and individual performance on a routine basis.  Candidate must be capable in the tracking, charging, reviewing, and projecting of staff effort.  Candidate should be capable of engineering complex inter-related Linux systems and their applications with no technical oversight.  Manage overall workload and prioritization of the Unix Team efforts in collaboration with the ITS Systems Group Manager. Temperament to serve as the top-tier escalation point for issues from the helpdesk, second level support and other team members and to function as a liaison between customer groups, the helpdesk and other systems administrators for large enterprise-wide issues is required to perform well in this role.

Mobility:  Some business travel required, primarily to the SEI’s DC offices and to the U.S. Capitol region to meet with sponsors and partners. Computer hardware installation and configuration required on an infrequent basis, sometimes involving transport of heavy objects (typically under 100 lbs.) short distances, use of hand tools, et cetera. Carrying of light objects (< 20 lbs.) for longer distances (intra-campus; 2-3 city blocks) may also be required.  This position will require travel to other campus locations (walking distances) on a daily basis.

Environmental Conditions: Close contact with CRT/LCD screens for extended periods; periodic work in a computer datacenter environment.

Mental:  Ability to work under pressure and meet deadlines; ability to prioritize, track and review tasks for themselves and other team members in line with organizational objectives; strong learning capability; ability to interact effectively with others of varying technical competency, vendors, managers, and other technical research staff; ability to work effectively with all levels of staff within the SEI and Carnegie Mellon. Excellent technical problem-solving skills. Strong information organization skills as well as good oral and written communication skills are required.

Other:  Evening/weekend hours will be periodically required in order to perform service outside of normal operating hours. There is a rotating on-call component to this position. Candidate must respond to outage events via remote access (in appropriate circumstances) within 30 minutes.  Some situations in this role will demand an on-site response; on-site response to the local SEI facility must be achieved within 60 minutes barring extreme adverse weather conditions.  Candidate must be able to pass a background investigation to obtain a United States DoD Top Secret clearance and must be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, or Information Technology with one (1) year of experience; or PhD in Computer Science, Information Science, Information Technology with two (2) years of experience.

Licenses:  CISSP, RHCE

Experience: Experience leading and coordinating staff effort in conjunction with an organization’s IA staff to meet internal and sponsor requirements.  Experience in the technical aspects of designing and managing systems that must conform to DoD operational requirements (e.g. DISA STIGs and checklists, DoD 8500-series requirements) or similar requirements (e.g. DHS 4300A and related series documents). At least 48 months of said relevant experience served in the same organization evolving a single infrastructure is preferred. Experience in engineering and operating Linux-based systems in a virtualized environment (e.g. VMware ESX). Experience with Linux host configuration using tools such as Puppet, cfengine, etc. 

Skills/Abilities:  Experience at assisting staff with developing goals and objectives and measuring performance.  Experience in project management of multiple simultaneous efforts using shared resources.  Experience with compiling, packaging and debugging software packages. 

Other: Clearances: United States DoD Top Secret that is transferrable to the SEI.

Accountability:  Employee will be accountable for their team meeting deadlines and fulfilling organizational objectives.  Employee is accountable for designing and maintaining an efficient, reliable and secure configuration of computing services in support of the SEI’s initiatives and/or a sponsor/client.  Employee will be responsible for the proper handling/destruction of confidential, sensitive or classified information.  Employee will be responsible, in conjunction with ITS management, for tracking and reporting staff effort time.  Employee will be responsible, in conjunction with ITS management, for specifying and purchasing capital equipment required to fulfill ITS objectives.

Direction:  Employee is expected to act independently and lead their team in support and fulfillment of the organizational goals and objectives with no technical oversight and within the defined scope of authority and in accordance with SEI and ITS operating guidelines.

Decisions:  Under management direction, the employee will decide the appropriate course of action and apportion work to team members regarding production computing services for programs within the SEI. Employee will determine, in conjunction with the Systems Group Manager, how best to allocate and/or acquire resources necessary to implement and evolve information services.  Employee will determine the appropriate courses of action to solve problems and evolve systems with input from team members.

Supervisory Responsibilities:  Employee, with oversight from the Systems Group Manager, will task and supervise employees in completion of work product.  Employee, in conjunction with the Systems Group Manager, will hire staff, set goals and objectives for staff and regularly review staff performance.

JOB FUNCTIONS OR RESPONSIBILITIES:

50%    Provides technical and thought leadership in the design, engineering and operation of Linux and Unix services for the SEI.

40%    Manages the daily operation of the Systems Engineering Unix Team.  Sets deadlines and ensures they are met to accomplish organizational goals.  Reviews and manages team performance in conjunction with the Systems Group Manager.

5%     Drafts documents to describe the proper configuration/use of such services from an ITS perspective when necessary.

5%     Training and professional development.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI ITS Director < Systems Group Manager < Unix Systems Team Lead < Linux/Unix Engineers and Administrators

Position Summary: The vulnerability Analysis Team within the CERT Program’s CERT Coordination Center (CERT/CC) is a group of internet security experts that serve as a trusted and neutral coordination body, dedicated to remediating software vulnerabilities and providing practical guidance for customers, system administrators, security researchers, and the global internet security community to reduce the amount of time software systems are vulnerable.  The primary roles of the Vulnerability Analysis Team include:  Software vulnerability analysis including black box testing, source code examination and attach reproduction; customer, vendor and reporter correspondence; publication of technical documents and remediation information; tool specific and development.  The individual in this position must be self-motivated and will have the opportunity to serve as a strong contributor and technical leader in the analysis, coordination and remediation of software vulnerabilities.  The intent is for this position to be primarily located in Washington D.C., but this position could be located in Pittsburgh, PA with travel to Washington D.C. area on a regular basis.

Minimum Qualifications and Requirements:

Education/Training: Bachelor of Science in Computer Science, Information Science, Information Management with three (3) years applicable experience as a system or network administrator, software developer, database administrator or similarly technical occupation.  We will consider other educational backgrounds in a technical discipline with experience as described.

Experience: Candidates should have experience working with the government community; at least three years of experience in a Windows and Unix/Linux environment and be able to demonstrate substantial knowledge of at least four of the following: various internet protocols (e.g., TCP/IP, DNS, BGP, SMTP, HTTP); computer system and Internet security issues; various security technologies (e.g., encryption, firewalls, and anti-virus products); software runtime analysis, debugging, and security testing techniques; security auditing practices; underlying software defects that routinely result in security vulnerabilities (e.g., input validation errors); understanding of intruder techniques and software exploitation methods; system, database, and/or network administration; operational details of multiple operating systems; cryptographic principles and common cryptographic protocols; one or more programming languages (e.g., C/C++, Perl, or Java); vulnerability management concepts and tools.

Skills/Abilities: Successful candidates will: have an interest in and have extensive knowledge of network and computer security issues; have the ability to analyze software to discover vulnerabilities; be able to develop and explain technical decisions; be able to separate fact from opinion and speculation; have excellent work prioritization, planning, and organizational skills; interact effectively with vulnerability reporters, system and network administrators, vendors, experts, Internet users, sponsors, policy makers, news reporters, managers and staff (i.e., stakeholders in the vulnerability disclosure process); be able to work with closely coordinated team during emergencies; excellent analytical, reasoning, and creative problem solving skills; excellent written, oral communication skills; recognize and deal appropriately with confidential and sensitive information; be able to work meticulously with careful attention to detail; be able to collaborate effectively and work closely within a coordinated team environment; be able to quickly learn new procedures, techniques, and approaches; maintain composure while dealing with difficult people; communicate and work effectively under normal and stressful situations; meet inflexible deadlines; possess strong leadership and mentoring abilities; be motivated to tackle challenging problems.

Mobility: Primarily sedentary, long periods of sitting. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however close contact with computer for prolonged periods of time.

Mental: The ability to work well under pressure of deadlines.

Other:  Candidate must be able to pass a background check, obtain a security clearance, and be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: Master of Science in Computer Science, Information Science or equivalent with one (1) year applicable experience. We will consider other educational backgrounds in a technical discipline with experience as described.

Experience: Ideal candidates will have substantial experience in two or more of the following areas: industrial/process control systems; web application development; computer and network architecture; reverse engineering; software development; computer and network architecture; network security and survivability issues, to include knowledge of and experience with information security concepts, information security best practices and bodies of knowledge, computer security incident response management.Other: Fluent oral and written communication in Spanish or other foreign language.

Accountability:  Develop and implement project technical results.  Contribute to program objectives and plans development.  Keep in confidence sensitive information such as security, vulnerability, and site-specific information.

Direction:  Regular interaction with supervisor.  Expected to act in accordance with SEI and NSS program procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  Must accurately represent the program in interactions with customers, sponsors, and the public.  Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  Contributes to hiring decisions of program staff; appraises performance of support staff.

JOB FUNCTIONS OR RESPONSIBILITIES:

40%   Analyze vulnerability reports using tools, processes, and techniques designed to provide fact-based analysis to other stakeholders in the vulnerability disclosure process.

20%  Research, specify, and develop new tools, processes and techniques to improve vulnerability analysis methodology and to support interaction with stakeholders.

10%   Correspond with software vendors, vulnerability researchers, sponsors, and other stakeholders.

5%     Communicate analytical results in various technical communities to promote collaboration and shared understanding of vulnerability preconditions and impacts.

5%      Write and publish short to medium-length documents describing vulnerability mitigation strategies and root-cause analyses.

5%      Represent CERT/CC in other forums (e.g. conferences, workshops, etc.).

5%      Provide assistance and input to other teams and projects within the SEI.

5%      Be on call to respond to Internet emergencies (outside of normal business hours).

5%      Review work of and act as a mentor to other team memebrs.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Manager > CERT/CC, Technical Manager > Vulnerability Analyst

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.  The selected individual will participate in two principal areas of work in ETVM: insider threat applied research and cybersecurity validation assessments for US Government agencies and industry representatives. The position will design, prototype, and transition tools, solutions, and exercises for internal use by the ETVM team, for external use by government agencies and other assessment customers, for operational implementation for insider threat risk mitigation, and for use in training workshops and exercises. The database and application development activities include the design, construction and maintenance of custom database-driven solutions, technical support and training for application end-users and frequent communication and close cooperation with project members and sponsor. In addition, the position will participate in examination, analysis, documentation, and assessment of insider threat and electronic crime activity and information security risks to critical infrastructure systems.  The individual may also participate in the compliance validation effort by conducting on-site assessments, pre- and post-assessment analysis, and preparation of technical reports and briefings to customers.

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, information systems, or a related technical field with five (5) years experience or equivalent.

Experience:  Professional experience in most of the following areas:  Windows/Linux systems administration; large dataset storage architectures; database-driven web applications development; interfacing with application customers/users on regular basis; database administration.

Skills/Abilities:  System administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems; software/application development in Java, Perl, Python, C, C++, C# and the .NET Framework; secure database-driven web applications development using technologies such as Javascript, HTML, XML, ASP.NET, XSLT, JSON, SOAP, LDAP, X.509, and SSL under Apache and/or IIS; applied understanding of large dataset storage architectures, such as MySql, SQL Server or Oracle; knowledge of core Internet protocols (TCP/IP, UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc.); broad understanding of network, host, and application security issues, knowledge of common attack methodologies and security vulnerabilities; software / systems development lifecycle, QA testing, revision control, and change management practices; proven ability to innovate, develop, implement, and effectively document complex technical systems and approaches; proven ability to deliver concrete, high quality, and timely results while working on multiple projects; planning and organizational skills, ability to work independently and with teams, ability to interact effectively with technical and non-technical audiences both written and verbally; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with computer display for extended periods of time.

Mental:  Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; work meticulously with careful attention to detail; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; take leadership role in technical projects.

Other: Candidate must be a US citizen, have the ability to pass a background investigation, and obtain a Top Secret / SCI security clearance.

Preferred Qualifications and Requirements: 

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with at least five (5) years’ experience preferred or BS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or equivalent.

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in SEI’s CMMI; experience in both physical and cyber security; experience in auditing or conducting assessments; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following:  system administration, networking, firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases; experience leading technical project teams and interfacing with customers; experience making presentations to large or high level audiences.

Skills/Abilities:  Working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistics; project management experience; leadership and mentoring skills.

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement, federal agency, or classified casefiles).  The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities: This position could be responsible for leading projects as assigned, and could involve the training and supervision of graduate students. 

JOB FUNCTIONS OR RESPONSIBILITIES:  

75%          Database and application development activities including the design, construction and maintenance of custom database-driven solutions, technical support and training for application end-users and frequent communication and close cooperation with project members and sponsor.

15%          Participate in other ETVM project work, including threat analysis, cybersecurity assessments and validations, or incident handling.

10%          Contribute to conferences and meetings; participate in marketing calls on clients; give talks and lectures as appropriate

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Networked Systems Survivability Program, Director < Cyber Enterprise and Workforce Management, Technical Director < Enterprise Threat and Vulnerability Management, Technical Manager < Cybersecurity Assessments and Validation, Team Lead < Cybersecurity Solutions Developer

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops.

The selected individual will participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic crime activity and information security risks to critical infrastructure systems. The selected individual will analyze technical and behavioral issues of insiders, and examine privacy concerns regarding organizational practices for identifying and mitigating insider threats.  The individual will work as a member of collaborative project teams in researching and implementing one or more projects composing these studies. This position will involve close work with customers from a variety of organizations, including government agencies and critical infrastructure providers.

Minimum Qualifications and Requirements:

Education/Training:  BS in computer science, software engineering, information systems, or a related technical field with five (5) years experience or equivalent; MS in computer science, software engineering, information systems, or a related technical field.

Experience:  Experience in research in a field relevant to insider threat or experience as a system/network administrator or information systems analyst..

Skills/Abilities:  Basic knowledge of scientific research and design methodologies; broad understanding of network, database and application security issues; knowledge of privacy, intellectual property, technology, and legal issues; ability to apply reasoning and problem-solving skills to conduct analytical studies and investigations; understanding of information technology and telecommunications systems; strong oral and written communications skills and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups; participate in external customer and sponsor meetings; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis R&D; ability to create instructional materials and conduct training; effective time management skills; and strong problem solving skills.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental:  Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  Candidate must be a US citizen, have the ability to pass a background investigation, and obtain a Top Secret / SCI security clearance.

Preferred Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with at least three (3) years experience preferred;  Knowledge of intellectual property or technology law. Certified Information Systems Security Professional (CISSP) or similar certification is desired.

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in both physical and cyber security; experience in auditing or conducting assessments; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software, and experience with / knowledge of any of the following: system administration; networking; firewalls, intrusion detection systems, and other security technologies; application development/programming; relational databases; experience working with law enforcement and the intelligence community.

Skills/Abilities: Working knowledge of network security/survivability; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistical techniques; project management experience; leadership and mentoring skills.

Other: Current TS or TS/SCI clearance preferred.

Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement or classified case files). The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work, and to adhere to any additional sponsor-specified requirements related to the projects involved.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities:  This position could involve the training and supervision of graduate students as well as serve in a mentor role for new employees. 

JOB FUNCTIONS OR RESPONSIBILITIES:

60%    Participate in the examination, analysis, documentation, modeling, and assessment of insider threat and electronic crime activity (in the form of criminal case files, media reports, court transcripts, and other); examine cases and data on secure information technology risks and problem areas and propose mitigation alternatives.

30%    Participate in the development and delivery of security analysis and risk assessment approaches with customers and partners; participate in research, analysis, and documentation of physical/cyber security vulnerabilities at critical infrastructure sites.

10%    Contribute to conferences and meetings; participate in marketing calls on clients; give talks, lectures and workshops as appropriate.
100% TOTAL EFFORT

ORGANIZATIONAL CHART: Networked Systems Survivability Program, Director < Cyber Enterprise Workforce Management (CEWM)t, Technical Director < Enterprise Threat & Vulnerability Management (ETVM), Technical Manager < Enterprise Threat & Vulnerability Management (ETVM), Technical Team Lead < Enterprise Threat & Vulnerability Management (ETVM), Insider Threat Researcher
 

Position Summary: The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. ETVM team members are domain experts in threat analysis, cybersecurity assessments and incident response. Team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops. The selected individual will participate in two principal areas of work in ETVM: performing security assessments for US Government agencies and industry representatives, and researching and developing new assessment tools. Security assessments entail conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers. Research includes development of tools, scripts, methodologies and other assessment products for vulnerability assessment, penetration testing, and assessing operational threats.

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or equivalent.

Experience: Experience as a system or network security tester, software engineer, information systems security analyst or similarly technical occupation.

Skills/Abilities:  System administration and network administration skills and familiarity with Windows, UNIX, LINUX operating systems; knowledge of TCP/IP networking and standard protocols (FTP, SMTP, HTTP, SNMP, etc.); knowledge of common attack methodologies; common types of security vulnerabilities; proficiency in the use of manual and automated techniques for scanning and enumeration, vulnerability discovery, and penetration testing of networks, applications, operating systems, databases, and email systems; proficiency in the use of spreadsheets and word processing; proficiency in the use of relational databases, web servers, web app platforms and web services; development using Java, Python, Ruby, Perl, SQL (MySQL, Oracle), XML, C/C++, Javascript and/or other scripting languages; working knowledge of network security and survivability/resiliency issues; ability to conduct analytical studies on large amounts of data; outstanding written and oral communication skills; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in vulnerability assessment R&D; ability to create instructional materials and conduct training.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions: Close contact with CRT for extended periods of time.

Mental:  Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to understand information security risks associated with vulnerability and penetration testing; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other: Candidate must have the ability to pass a background investigation, obtain a Top Secret security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, information systems, or a related technical field with at least five (5) years’ experience preferred or BS in computer science, software engineering, information systems, or a related technical field with five (5) years’ experience or equivalent.

Licenses: Technical certifications such as CEH, ISRM, OSCP, GPEN or CPT.

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in both physical and cyber security; experience in auditing, conducting assessments, or penetration testing; experience assessing the security of databases, web applications, wireless, DLP, SCADA and/or network infrastructure; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing and developing distributed, secure software; experience leading technical project teams and interfacing with customers; experience making presentations to large or high level audiences.

Skills/Abilities:  Working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistics; project management experience; leadership and mentoring skills; working knowledge of social engineering techniques.

Accountability: The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement, federal agency, or classified casefiles). The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction: The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual must make sound technical decisions with little supervision. The individual must accurately represent the program in interactions with customers, sponsors, and the public. The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation.

Supervisory Responsibilities: This position could be responsible for leading projects as assigned, and could involve the training and supervision of graduate students.

JOB FUNCTIONS OR RESPONSIBILITIES:

50%      Perform onsite security assessments. Travel to customer sites is required.

40%      Participate in the development and delivery of security analysis and risk assessment approaches with customers and partners; participate in research, analysis, and documentation of physical/cyber security vulnerabilities at critical infrastructure sites.

10%      Contribute to conferences and meetings; participate in marketing calls on clients; give talks and lectures as appropriate.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Networked Systems Survivability Program, Director < Cyber Enterprise and Workforce Management, Technical Director < Enterprise Threat and Vulnerability Management, Technical Manager < Cyber Security Assessments and Validation, Team Lead < Risk & Vulnerability Assessment Security Analyst

This position is located in Pittsburgh, PA or Arlington, VA.

Position Summary:  The goal of the Enterprise Threat and Vulnerability Management (ETVM) team is to assist organizations in improving their security posture and incident response capability by researching threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity.  ETVM team members are domain experts in threat analysis, cyber security assessments and incident response.  Team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops. 
 
The Senior Solution Architecture Specialist will be considered a deep subject matter expert within the solutions architecture discipline. The selected individual will be assisting in the creation of multiple reference architecture solutions designated for implementation with the federal civilian agency community.  The reference architectures will conform to architecture security standards, federal regulations, and industry best practices. The work is multidimensional in nature and the selected individual needs both understanding in the technology, and the government needs behind the technology. The ability to work in a small group environment with other architects, as well as understand and critique designs from commercial venders and government agencies is critical.  The selected individual will also participate in other team projects which entail conducting on-site technical assessments, pre- and post-assessment analysis, preparation of technical reports and briefings to customers.  Research includes development of tools, scripts, methodologies and other assessment products for insider threat, vulnerability assessment, penetration testing, and assessing operational threats.

Minimum Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with eight (8) years of experience or BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience or equivalent.

Experience:  Proven work experience as well as demonstrated success in designing, implementing, and deploying applications level Infrastructure solutions to support global and substantial practical experience as well as applied knowledge of general infrastructure components and techniques. Must be more than capable of providing professional advice and guidance to other government agencies.

Skills/Abilities: Possess the ability to integrate existing technology, as well as drive new technologies into an architectural design for a given system or systems; familiar with general architecture, operations, and deployment methodologies and techniques (e.g.: TOGAF, Zachman, ITIL, MOF, etc.); system administration and network administration skills and solid understanding of Windows, UNIX, LINUX operating systems; knowledge of TCP/IP networking and standard protocols (FTP, SMTP, HTTP, SNMP, etc.); solid understanding of networking technologies, including switches, routers, firewalls, proxy servers, etc.; proficiency in the use of  spreadsheets and word processing; working knowledge of network security and survivability/resiliency issues; ability to conduct analytical studies on large amounts of data; outstanding written and oral communication skills; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings ; contribute to customer presentations and technology transfer activities; strong interest in emerging technologies research and development; ability to create instructional materials and conduct training.

Mobility:  Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites & various critical infrastructure sites.

Environmental Conditions:  Close contact with CRT for extended periods of time.

Mental: Ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to understand information security risks associated with vulnerability and penetration testing; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Other:  Candidate must have the ability to pass a background investigation, obtain a Top Secret security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training:  MS in computer science, software engineering, information systems, or a related technical field with at least eight (8) years’ experience preferred or BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience or equivalent.

Licenses:  CISSP

Experience:  Experience working in or with the DOD, intelligence community, or law enforcement in a classified environment; experience in both physical and cyber security; comprehensive experience in auditing, conducting assessments, or penetration testing; ability to translate technical findings into risk assessments and suggest mitigations via technology, policy or business process; working in a team environment on collaborative projects in critical infrastructure sectors involving network, system or data security; experience employing software engineering techniques in designing, developing and testing distributed, secure software; experience leading technical project teams and interfacing with customers; publications or presentations that improve the state of the practice of information security; experience making presentations to large or high level audiences.

Skills/Abilities:  Working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for information security; working knowledge of systems dynamic modeling techniques and modeling applications and tools; experience with statistics; project management experience; leadership and mentoring skills; working knowledge of social engineering techniques.

Other: Current TS or TS/SCI clearance preferred.

Accountability:  The individual will implement and participate in the planning and execution of projects leading to technical results (this may include the detailed examination and analysis of law enforcement, federal agency, or classified case files).  The individual will also contribute to project, department, or program objectives and planning document development.  The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual must make sound technical decisions with little supervision.  The individual must accurately represent the program in interactions with customers, sponsors, and the public.  The individual is expected to perform analysis on-site at critical infrastructure locations and immediately assess potential vulnerabilities requiring further investigation. 

Supervisory Responsibilities:  This position could be responsible for leading projects as assigned, and could involve the training and supervision of graduate students. 

JOB FUNCTIONS OR RESPONSIBILITIES:
50%   Creation of reference architecture solutions designed for implementation within the federal civilian agency community.

25%    Perform onsite cyber security assessments; participate in the development and delivery of assessment methodology, participate in research, analysis, and provide technical validation of physical/cyber security vulnerabilities contained within ETVM assessment reports.

15%     Develop in a virtual lab environment reference architectures used to validate critical security technical controls and best practices.

10%     Contribute to conferences and meetings; participate in marketing calls on clients; give talks and lectures as appropriate.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Networked Systems Survivability Program, Director < Cyber Enterprise and Workforce Management, Technical Director < Enterprise Threat and Vulnerability Management, Technical Manager < Cyber Security Assessments and Validation, Team Lead < Senior Solution Architecture Specialist    

Position Summary:  As a member of CERT’s Workforce Development Program, the candidate will work with other team members in developing cyber-security and cyber-forensics training exercises and simulations—largely for US Government customers. This involves interacting directly with customers, gathering training requirements and objectives, producing and executing creative and engaging exercise scenarios, and building supporting physical and virtualized systems and network topologies. As such, the candidate will work regularly with a wide range of software and hardware technologies within CERT Labs. The candidate will also assist in developing and teaching cyber security and cyber forensics training content to external customers. He/she will be expected to work well in a collaborative team environment, while also being self-directed and motivated in accomplishing tasks and solving problems. Additionally, the position requires the candidate to have effective leadership/management abilities as he/she will oversee and direct the activities of graduate student assistants.

The successful candidate must be self-directed, have an interdisciplinary approach to problem solving, and work well communicating technical information to technical and non-technical users. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.

Minimum Qualifications and Requirements:

Education/Training:  BS in Computer Science, Information Science, or related discipline with eight (8) years applicable working experience in information technology.

Licenses:  CISSP, Network+, Security+ and/or other industry standard certifications are highly desirable.

Experience:  Successful candidates must possess “hands-on” experience with Computer/Network Security and I.T. system and network administration. Additionally, he/she must have practical experience with Windows server and desktop platforms and Linux/Unix operating systems. The individual must possess knowledge/experience in network design and troubleshooting and have deep knowledge of standard networking protocols. Additionally, demonstrated practical experience working with common commercial and open-source cyber security tools is required. The candidate should have experience teaching technical content to students, peers, and non-technical individuals and must enjoy doing so.

Skills/Abilities: Candidate must be able to prioritize workload and complete deliverables on time, have good technical problem-solving skills, strong analytical and information organization skills, excellent oral and written communication skills, and strong technical teaching skills. Candidate must be able to multitask and work effectively with multiple project teams and sponsors/customers. Experience with virtualization technologies, particularly VMWare ESX server is highly desired. Programming experience in C, C++, C#, and Java is also desirable but not required.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel to customer sites.

Environmental Conditions: Close contact with computer for long periods of time.

Mental: Ability to pay close attention to detail, meet deadlines, work under pressure, and communicate effectively.

Other:  Candidate must be able to pass a background investigation, obtain a security clearance, and be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science with at least five (5) years of applicable working experience in information technology with emphasis in cyber security.

Experience: Strong teaching or direct delivery training experience; proficiency with a variety of operating systems and detailed technical experience with large networks and telecommunications.

Skills/Abilities: Strong presentation/platform skills and excellent writing skills.

Accountability: The incumbent is accountable for the definition, creation, and maintenance of final deliverables and products.

Direction: The incumbent is expected to act independently using CMU and SEI defined policies, practices, and procedures.

Decisions: Required to design, develop, pilot and deliver products. Required to accurately represent NSS and its technical work in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  Supervises student interns.

JOB FUNCTIONS OR RESPONSIBILITIES:

35%  Design and develop technical documents and instructional materials.

35%  Install/configure hardware and software including promising new technologies that require examination for information security and assurance research and development.

15%  Deliver technical and management training to customers.

10%  Mentor, guide and interact with team and other staff.

5%    Contribute to transition planning and strategy.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Manager, Networked Systems Survivability Program > Technical Director, Enterprise Workforce Development > Technical Manager, Workforce Development > MTS C Team
 

Position Summary:  The CERT® Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CERT engages in cutting-edge research and development in computer security. The CERT Digital Investigation and Intelligence Directorate (DIID) group help forensic incidents; develop tools and techniques and supply training for law enforcement community. As a member of DIID team, the selected candidate will be responsible for design, deploy and administering commodity systems as well as operating specialized networking equipment and hardware. The candidate will also support operational users and developers by using the test-bed to verify engineering scenarios, prepare data-sets, and creating automation infrastructure for testing and deploying applications and mobile network appliances.

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, computer engineering, or a related quantitative field of study with eight (8) years of applicable experience.

Experience: Experience as a network/system administrator for a heterogeneous Windows and various UNIX TCP/IP networked infrastructure in a professional environment required. At least four of the eight years relevant experience maintaining and evolving a network for the same organization. Hands on experiences on switches, firewalls routers and virtualized environments.

Skills/Abilities: Ability to deal with software and network systems integration at various levels (service design, deployment, maintenance). Strong hands-on knowledge in the configuration, securing, and troubleshooting of network devices, LAN switching technologies, firewalls, VPNs, routing protocols, Linux/UNIX based network services, and monitoring/maintaining all of these to ensure their continued secure operation is required. Excellent written and verbal communication skills. Ability to work effectively without close supervision. Capable to  attend customer meetings and respond to customer requirements.

Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel up to 20% to customer sites.
   
Environmental Conditions: Close contact with computer for extended periods.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.

Other:  Candidate must be able to pass a background investigation, obtain a TS security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, computer engineering, or a related quantitative field of study with five (5) years of applicable experience.

Accountability:  Develop and implement project technical documentation.  Contribute to program objectives and plans development.  Keep in confidence sensitive information such as security, and site-specific information.

Direction:  Regular interaction with supervisor.  Expected to act in accordance with SEI and NSS program procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  Must accurately represent the program in interactions with customers, sponsors, and the public.  Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  May supervise students.

JOB FUNCTIONS OR RESPONSIBILITIES:

40%    Install/configure hardware and software including promising new technologies that require examination for information security and assurance research and development.

40%    Design and Deploy Networking infrastructure physical or virtual environment deployment.

10%    Design and develop technical documents and instructional materials.

10%    Deliver technical and management training to customers.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Forensic Engineering Technical Manager, THIS POSITION

Position Summary:  The person in this position is a member of CERT Information Services, which develops and disseminates information, in a variety of forms, about internet security and the work of the CERT® Program. The position is primarily responsible for the development and production of information for both technical and non-technical audiences and for sponsors. The individual must work effectively in a team environment to design, write, edit, and format high-quality print documents and web pages that take into account usability, readability, and the needs of our audiences. The responsibilities lean toward editing for and advising technical authors, closely followed by updating several websites. The person in this position must be able work collaboratively with a wide variety of people both inside and outside the SEI, including major CERT customers and staff of other SEI programs. The individual must respond quickly and with composure to rapidly changing priorities, manage multiple projects concurrently, and follow various internal procedures and standards, as well as use a variety of desktop publishing applications, and accommodate various technologies when updating websites.

CERT Information Services is part the Technical Communications group at the Software Engineering Institute (SEI), which is operated by Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development in internet security. The program also engages in a variety of activities to  ensure that software developers, internet security experts, network and system administrators, and others are able to resist, recognize, and recover from attacks on networked systems.

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s degree or equivalent in a communications-related major and eight (8) years of experience, training in online communication and technical document development; or an equivalent combination of training and work.

Experience:  Five (5) years of experience working collaboratively on publications in a technical field, including self-managing multiple writing tasks simultaneously, acting as a consultant and/or co-writer with technical authors, substantive editing, copyediting, desktop publishing, and web page development. Experience with Microsoft Office applications.

Skills/Abilities:  Strong writing, rhetorical analysis, document planning, substantive editing, and copyediting skills; strong organizational, time management, and interpersonal skills. Proven ability to work effectively in a team environment with technical experts, professional writers, graphic designers, managers, and support staff. Proven ability to handle multiple tasks, respond to shifting priorities, meet deadlines, and pay attention to details. Ability to work with minimal supervision and participate in team decision-making. Problem-solving ability. Poise while interacting with a variety of individuals. Ability to remain calm under pressure.

Mobility:  Normal sedentary position with some mobility, i.e., able to travel throughout the SEI facilities and to various campus locations.

Environmental Conditions: Office setting, possibly shared with another staff member. Contact with CRT and use of keyboard for prolonged periods. Occasional need to be available for editorial and web support outside of regular business hours.

Mental:   Discretion - the ability to keep sensitive information confidential. Flexibility - the ability to adapt quickly to changes in the work environment, new computing environment, and shifting and competing priorities. Problem-solving ability. Poise while interacting with a variety of individuals. Commitment to quality and to customer service, and a willingness to be a strong advocate for the reader.

Other:  Must be able to pass a background check investigation and be a U.S. citizen.

Preferred Qualifications and Requirements: 

Education/Training:  Master’s degree in technical writing-related degree program and training or five (5) years experience in the use of the UNIX operating system and Microsoft products. Substantial experience in web page design and development. Ability to troubleshoot formatting problems in Word, PowerPoint, and HTML files. Familiarity with basic principles of document layout and online communication.

Experience:  Experience with print and online documents. Experience working in a team environment, in particular collaborating on communication pieces with content experts and editors, preferably the software engineering or internet security domains in an academic or technical research setting.

Skills/Abilities:  Expertise in technical communication principles for print and for online reading and understanding of the differences. Ability to recast materials for web audiences. Familiarity with linguistic principles and basic principles of document design. Ability to perform substantive editorial reviews of technical material. Ability to estimate and track effort for communication products and to manage small-scale projects.

Accountability:  Responsible for the clarity, usability, and readability of reports, other technical and non-technical documents, and web pages. Responsible for planning and tracking work and meeting competing/changing deadlines. Responsible for eliciting and managing required information, negotiating schedules with collaborators, and managing review and revision activities.  Responsible for ensuring that documents, web pages, and presentations meet the needs of the audience, that they meet usage and style standards set by style guides and policy, that they conform to current templates, and that they have no formatting or typographical errors. Expected to troubleshoot problems with minimal supervision. Responsible for ensuring that content is consistent among presentations and documents on similar topics, revising as necessary and propagating revisions to appropriate information archives.

Direction:  Expected to act independently, with minimal supervision, while following policies and general guidelines of the SEI and CERT. Policies and procedures that must be followed include those for keeping sensitive information confidential.

Decisions:  Sets priorities based on project requirements. Makes audience-related and editorial decisions regularly. Participates in team planning and decision-making activities. Determines and manages schedule. Expected to adjust project plans to meet special requests from management, and to meet communication needs resulting from an internet security emergency.

Supervisory Responsibilities:  Contribute to hiring decisions about work-study students and temporary employees who assist the Information Services Team. May be called upon to supervise students and to cover the responsibilities of the team leader in the leader’s absence.

JOB FUNCTIONS OR RESPONSIBILITIES:

70%      Writing, editing, formatting, and proofreading publicly available information and restricted-access information about Internet security and the activities of the CERT Program. These responsibilities also include collaborating with subject matter experts or other technical communicators on document development and editing, understanding audience needs and the author’s goals, eliciting and clarifying content, and performing reviews. Information may be in print or online.

20%      Writing and updating procedures relating to work of the Information Services Team. Desktop
publishing, web page updates, web page and document quality reviews, file conversion.

10%      Participating in Information Services activities, including team planning, scheduling, tracking, and decision making. Meet with authors, collaborators, and colleagues in SEI Communication and the larger Program Development and Transition group.

100%      TOTAL EFFORT

ORGANIZATIONAL CHART:  Program Development and Transition Director < SEI Technical Communications Manager < Senior Editor

Position Summary:  Responsible to the Director, Program Development Transition (PDT), through the Government Program Development Team Lead, for identifying, qualifying and developing opportunities for the Federal Government customer portfolio, including:  Establish strategic business development goals and objectives for the SEI's Government Program including customers from DoD, Intelligence Community and non-DoD Federal agencies; establishment of prioritized multi-year targets for business development; development and implementation of action plans to achieve business development goals and objectives; represent SEI products and services at relevant forums, seminars, technical programs and trade shows; participate in technical and professional associations; keep informed about developments in the government, military, and economic, scientific, political, and industrial fields as they apply to SEI products and services as well as future marketing plans; coordination of business development action plan implementation with program development teams to ensure achievement of business development goals and objectives consistent with initiative program plans and technical objectives.

As a Government Business Manager for specifically assigned DoD, Intel and Civil Agency customers, responsible to the Director, PDT through the Government Program Development Team Lead for:  Management of all customer life-cycle activities for specifically assigned customers, including initial contact, customer qualification, proposal development, contract negotiations, work plan development, budget management, and deliverables; all marketing and contractual issues as the primary SEI point of contact for assigned customers, including understanding assigned customers, their organizations, associated culture, and their technical needs and funding status for the effective management and delivery of current work, development of additional work scope, and, when necessary, resolution of customer related problems; building teams whose impact is far greater than the sum of their parts, and creating a confident and winning atmosphere while energizing and motivating others; interfacing with the SEI technical programs to ensure their understanding of customer requirements, objectives, delivery time lines and customer expectations; interfacing with the SEI financial and business operations to provide oversight, control and management of customer funding; achieving established annual SEI funding objectives. 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Engineering, Science, Business or equivalent work experience.

Experience: Ten (10) years of progressively responsible experience in business development, acquisition and/or project management activities relating to technical products and services areas across the Federal Government. The successful candidate must have a proven and successful track record of creating and building business in a high-technology area, working with established business processes. The candidate must also understand the customer-related issues and know how to handle the typical problems of Federal Government and contractor base organizations.

Skills/Abilities: Must have management skills and the ability to work with government programs and industrial organizations at the senior leadership level. Must have a broad-based understanding of Federal Government organizations and have current and extensive contacts including key decision makers and influencers; must possess the ability to work and influence at all levels within the management hierarchy.  The successful candidate must possess the ability to combine technical aptitude with a business perspective, be comfortable with understanding technical products and services and able to interact effectively with technical staff at the SEI and in customer organizations.  Must have strong written and oral communications skills as well as good interpersonal skills; ability to convey sense of purpose and mission that motivates others.  Essential that the candidate be a solid presenter and very capable of communicating with and in front of internal and external customers including audiences from diverse military, Governmental and academic backgrounds.  Must respond quickly and effectively to changing priorities and possess the ability to work simultaneously on multiple projects.  Must possess excellent analytical, organizational, supervisory, reasoning and problem solving skills.

Physical/Mobility: Normally sedentary with some mobility; i.e. ability to travel to other locations on and off campus. Frequent travel is required. Also must adjust to a work schedule that requires weekend and evening hours.

Environmental Conditions: Position is located in Pittsburgh, PA, or Washington DC SEI offices.

Mental: Must thrive under pressure to meet business development goals and objectives. Must be flexible, have the ability to multi task and meet inflexible deadlines.

Other: Successful candidate must be able to pass a background investigation and qualify to obtain a Top Secret/SCI security clearance. Must be willing to undergo government directed polygraph to maintain clearance.
 

Preferred Qualifications and Requirements:

Education/Training:  Masters Degree in Engineering, Science, Business or equivalent work experience.

Experience:  Fifteen (15) or more years of progressively responsible experience in business development and project management activities relating to technical products and services of large industrial organizations and experience in related areas across the Federal Government specifically as it relates to establishing and growing business opportunities and interfacing with customers.  

Accountability:  Responsible for the development of a balanced portfolio of customers to contribute proportionately to the annual Industry and Government Program Development Team total funding and ceiling objectives.

Direction:  Expected to act in support of the Program Development Transition (PDT) goals and objectives and to coordinate and communicate appropriately with the Directorate Management, Team Leads, and other PDT Business Managers and SEI Technical Staff.  Models, leads and is committed to the SEI mission to advance software engineering and related disciplines to ensure the development and operation of systems with predictable and improved cost, schedules and quality.

Decisions:  Customer qualification for technical work consistent with the SEI Mission and funding objectives with the ability to monitor multiple large scale engagements that bring needed SEI and customer resources to bear when there are exceptions to the project plan.  Customer negotiations for work scope, delivery schedule and cost estimates including working with the technical programs to develop new products and new business opportunities.

Supervisory Responsibilities:  Supervises assigned project support personnel.  Interfaces with SEI Technical Programs, and Business and Financial Services.

JOB FUNCTIONS OR RESPONSIBILITIES:

60%  Strategic planning and business development:  Responsible for managing the life-cycle activities for assigned customers, including but not limited to customer qualifications, proposal development, contract negation, work plan development, budget management, on time commitments, and follow-up to ensure customer satisfaction.

20%  Contract Administration / Program Management:  Work with appropriate SEI staff, responsible for developing appropriate contracting mechanisms and management of contract requirements; tracking and monitoring funding.

10%  Professional Development:  Will be required to expand knowledge to better understand SEI policies, processes, products and services, as well as expanding the Federal Government customer base.

10%  Administration/Travel:  Extensive travel required to customer sites and other venues to meet with current and prospective government clients and collaborators.  Travel may be domestic or international.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director, PDT < Team Lead, Government Program Development < Federal Government Business Manager THIS POSITION

Position Summary:  Responsible to the Director, Program Development Transition (PDT), through the Government Program Development Team Lead, for identifying, qualifying and developing opportunities for the Federal Government customer portfolio, including:  Establish strategic business development goals and objectives for the SEI's Government Program including customers from DoD, Intelligence Community and non-DoD Federal agencies; establishment of prioritized multi-year targets for business development; development and implementation of action plans to achieve business development goals and objectives; represent SEI products and services at relevant forums, seminars, technical programs and trade shows; participate in technical and professional associations; keep informed about developments in the government, military, and economic, scientific, political, and industrial fields as they apply to SEI products and services as well as future marketing plans; coordination of business development action plan implementation with program development teams to ensure achievement of business development goals and objectives consistent with initiative program plans and technical objectives.

As a Government Business Manager for specifically assigned DoD, Intel and Civil Agency customers, responsible to the Director, PDT through the Government Program Development Team Lead for:  Management of all customer life-cycle activities for specifically assigned customers, including initial contact, customer qualification, proposal development, contract negotiations, work plan development, budget management, and deliverables; all marketing and contractual issues as the primary SEI point of contact for assigned customers, including understanding assigned customers, their organizations, associated culture, and their technical needs and funding status for the effective management and delivery of current work, development of additional work scope, and, when necessary, resolution of customer related problems; building teams whose impact is far greater than the sum of their parts, and creating a confident and winning atmosphere while energizing and motivating others; interfacing with the SEI technical programs to ensure their understanding of customer requirements, objectives, delivery time lines and customer expectations; interfacing with the SEI financial and business operations to provide oversight, control and management of customer funding; achieving established annual SEI funding objectives. 

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Engineering, Science, Business or equivalent work experience.

Experience: Ten (10) years of progressively responsible experience in business development, acquisition and/or project management activities relating to technical products and services areas across the Federal Government. The successful candidate must have a proven and successful track record of creating and building business in a high-technology area, working with established business processes. The candidate must also understand the customer-related issues and know how to handle the typical problems of Federal Government and contractor base organizations.

Skills/Abilities: Must have management skills and the ability to work with government programs and industrial organizations at the senior leadership level. Must have a broad-based understanding of Federal Government organizations and have current and extensive contacts including key decision makers and influencers; must possess the ability to work and influence at all levels within the management hierarchy.  The successful candidate must possess the ability to combine technical aptitude with a business perspective, be comfortable with understanding technical products and services and able to interact effectively with technical staff at the SEI and in customer organizations.  Must have strong written and oral communications skills as well as good interpersonal skills; ability to convey sense of purpose and mission that motivates others.  Essential that the candidate be a solid presenter and very capable of communicating with and in front of internal and external customers including audiences from diverse military, Governmental and academic backgrounds.  Must respond quickly and effectively to changing priorities and possess the ability to work simultaneously on multiple projects.  Must possess excellent analytical, organizational, supervisory, reasoning and problem solving skills.

Physical/Mobility: Normally sedentary with some mobility; i.e. ability to travel to other locations on and off campus. Frequent travel is required. Also must adjust to a work schedule that requires weekend and evening hours.

Environmental Conditions: Position is located in Pittsburgh, PA, or Washington DC SEI offices.

Mental: Must thrive under pressure to meet business development goals and objectives. Must be flexible, have the ability to multi task and meet inflexible deadlines.

Other: Successful candidate must be able to pass a background investigation and qualify to obtain a Top Secret/SCI security clearance. Must be willing to undergo government directed polygraph to maintain clearance.
 

Preferred Qualifications and Requirements:

Education/Training:  Masters Degree in Engineering, Science, Business or equivalent work experience.

Experience:  Fifteen (15) or more years of progressively responsible experience in business development and project management activities relating to technical products and services of large industrial organizations and experience in related areas across the Federal Government specifically as it relates to establishing and growing business opportunities and interfacing with customers.  

Accountability:  Responsible for the development of a balanced portfolio of customers to contribute proportionately to the annual Industry and Government Program Development Team total funding and ceiling objectives.

Direction:  Expected to act in support of the Program Development Transition (PDT) goals and objectives and to coordinate and communicate appropriately with the Directorate Management, Team Leads, and other PDT Business Managers and SEI Technical Staff.  Models, leads and is committed to the SEI mission to advance software engineering and related disciplines to ensure the development and operation of systems with predictable and improved cost, schedules and quality.

Decisions:  Customer qualification for technical work consistent with the SEI Mission and funding objectives with the ability to monitor multiple large scale engagements that bring needed SEI and customer resources to bear when there are exceptions to the project plan.  Customer negotiations for work scope, delivery schedule and cost estimates including working with the technical programs to develop new products and new business opportunities.

Supervisory Responsibilities:  Supervises assigned project support personnel.  Interfaces with SEI Technical Programs, and Business and Financial Services.

JOB FUNCTIONS OR RESPONSIBILITIES:

60%     Strategic planning and business development:  Responsible for managing the life-cycle activities for assigned customers, including but not limited to customer qualifications, proposal development, contract negation, work plan development, budget management, on time commitments, and follow-up to ensure customer satisfaction.

20%     Contract Administration / Program Management:  Work with appropriate SEI staff, responsible for developing appropriate contracting mechanisms and management of contract requirements; tracking and monitoring funding.

10%     Professional Development:  Will be required to expand knowledge to better understand SEI policies, processes, products and services, as well as expanding the Federal Government customer base.

10%     Administration/Travel:  Extensive travel required to customer sites and other venues to meet with current and prospective government clients and collaborators.  Travel may be domestic or international.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director, PDT < Team Lead, Government Program Development < Federal Government Business Manager THIS POSITION

Position Summary:  The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems.

The CERT Network Situational Awareness (NetSA) group supports internal and external government customers by developing cutting-edge analysis techniques and tools for operational use in high-impact environments. This position will help drive customer architecture and system engineering efforts, including system requirements development, system engineering approaches, technology evaluation, prototyping, tool development, deployment guidance and other support to customer network security initiatives. The candidate should have experience providing strategic technical guidance in a network security technology area.

Minimum Qualifications and Requirements:

Education/Training: Bachelor of Science in Information Systems, Information Systems Management or related field with ten (10) years experience, or equivalent; Masters Degree in Information Systems, Information Systems Management or related field with eight (8) years experience, or equivalent.

Experience: Professional experience should include supporting technical decision-making, acquisition and management of large-scale enterprise deployment of network security technologies, including two (2) or more years experience in a technical leadership role. This experience should also include hands-on technical experience as a system administrator, operational security analyst, systems integrator or related role.

Skills/Abilities:  Ability to function in the role of a consultant; planning and organizational skills; strong problem solving skills; excellent oral and written communication skills; ability to work both independently and with teams ; proven ability to research, compare, test and evaluate alternative technical solutions, and communicate the results; broad understanding of network, host and application security issues; expertise in one major network security or network engineering areas: incident handling, network traffic analysis, forensics, vulnerability assessment, network auditing, capacity planning, network architecture, etc; theoretical knowledge of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS); user or implementation level experience with a subset of the following classes of technologies: IDS (e.g., Snort, RealSecure), Networking Monitoring, IPS, SIM/SEM (e.g, ArcSight, eSecurity), network mapping, vulnerability scanners (e.g., Nessus), firewalls, and routers (Cisco).

Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings potentially with routine frequency.

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental: The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; take leadership role in technical projects; and quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: Masters Degree in Information Systems, Information Systems Management or related field with eight (8) years experience, or equivalent.

Experience: Practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security).

Skills/Abilities:  Experience working with the government, or within a critical infrastructure sector; experience developing briefing materials for senior leadership within government or industry; history of contributions to the broader information security community; experience deploying or supporting large-scale network security monitoring infrastructures; experience in a variety of network security areas; C/Java/Python development experience in the Unix environment with the ability to apply sound software engineering practices (e.g., documenting code; version control and configuration management; code reviews; and testing); experience in conducting studies analyzing network event streams including quantitative and visual approaches; user and implementation level experience with all of the following classes of technologies: IDS (e.g., Snort, RealSecure), IPS, SIM/SEM (e.g, ArcSight, eSecurity), network mapping, vulnerability scanners (e.g., Nessus), firewalls, and routers (Cisco).

Accountability:  The individual is accountable for capturing the requirements of network security analysts at customer sites, technical papers and non-technical papers for potential customers and technology transition.

Direction:  The individual is expected to act independently using CMU, SEI, NSS, and NetSA defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual is expected to participate in the decision-making and problem-solving processes of designing, building, and operating systems for network security; suggesting and implementing policies and procedures to support these activities; and creating prototype implementations of tools and approaches for situational awareness.

Supervisory Responsibilities:  This position does not formally supervise others. However, the individual will act in a technical leadership or project lead role in regard to specific work products and activities both at CMU and at the customer site.

JOB FUNCTIONS OR RESPONSIBILITIES:

65% Provide direct support to the customer program office in the areas of strategy; process/policies; requirements elicitation; design and architecture; operations; outreach; and training.

20% Enable the transition and appropriate focus of NetSA analysis approaches and tools into operational environments.

15% Design, prototype, and transition tactical analysis studies and tools appropriate for operational use in situational awareness.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Program Director, CERT < Technical Director, CTVA < Network Situational Awareness (NetSA) Technical Manager < NetSA Senior Security Solutions Engineer

Position Summary: The selected candidate will be primarily responsible for creating or extending high quality Android applications. Design and implement mobile applications for the Android OS based platforms.

 
Minimum Qualifications and Requirements:

Education/Training: Bachelors Degree in Computer Science, Engineering or a related technical discipline with eight (8) years of progressive experience.

Experience: Minimum of 2 years experience developing software for the Android platform. Minimum of 5 years Java programming experience. In-depth familiarity with web-related technology such as J2EE, JSP, SQL, XML, SOAP and HTML. Experience using and manipulating the Android SDK.  Experience in several of the following areas: mobile phone development, socket-level network programming, multi-threaded programming, wired and wireless network protocols, Android GUI design.  Experience with communication protocols, graphics, location-based services.  Experience using Eclipse SDE, ADB shell, deployment and generation of APKs on handsets and emulators.

Skills/Abilities: Demonstrable portfolio of mobile apps (preferably Android).  Must have strong technical skills, and should have very strong Java development experience.  Reasonable grounding in software engineering practices.  Experience architecting and coding C/C++/Java mobile applications.  Familiarity with one or more relational database systems including SQLite, SQL Cipher, and MySQL.  Ability to design, develop, test, analyze, document, and demonstrate software. Experience using programming languages/applications such as C, C++, HTML, 4GL, and DBMS. Demonstrated ability to formulate test plans:  Ability to stay current and provide leadership in the use of the new and emerging technologies and techniques. Ability to resolve complex programming bugs. Considerable knowledge of architecture.  Must have very good knowledge about network protocols: TCP, UDP, HTTP/HTTPS, RTSP.  Proven knowledge and experience with data driven applications and web-based APIs: SOAP, REST, or RSS, and structured data such as XML or JSON. 
 
Mobility: The ability and willingness to travel is required.
 
Environmental Conditions: Usual office setting with extended use of CRT.

Mental: The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks -- sometimes under pressure and with shifting priorities; work collaboratively, professionally, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; quickly learn new procedures, techniques, and approaches.
 
Other: US citizenship required; successful candidates must be able to pass a background investigation for a DoD security clearance.

Preferred Qualifications and Requirements:

Education/Training: Masters Degree in Computer Science, Engineering or a related technical discipline with five (5) years of related experience.
 
Experience: Experience with JSR 135 (MMAPI), JSR-75; JSR-234; Android C NDK coding experience; Experience with multimedia and Audio/Video processing.

Skills/Abilities: Knowledge of Scalable UI concepts.

Other: DoD clearance

Accountability: This position is accountable to the System of Systems Practice Initiative Lead and the Mobile Aps Project Lead for work content, quality, and schedule.

Direction: This position operates within broad guidelines from the Project Lead and is expected to exercise reasonable discretion on technical solutions.

Decisions: Technical decisions to support specific research or customer needs. Software design choices and tradeoff decisions among technical alternatives.  Code debugging.

JOB FUNCTIONS AND RESPONSIBLITIES:

55%   Design, develop, test, analyze, document, demonstrate, and deliver high-quality software.

30%   Architect Android Apps and custom views.

10%   Participate on teams for customer software development specific efforts. 

5%     As a member of the Research, Technology, and System Solutions Systems Program, participate in program and initiative planning, review, and reporting  activities.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Director of Research, Technology, and System Solutions (RTSS) <- System of System Practice Initiative Lead <- Mobile Aps Project Lead <- Program Android Developer

POSITION SUMMARY: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Network Situational Awareness (NetSA) group supports government customers by developing cutting-edge, network analysis tools and techniques for operational use in high-impact environments.
The NetSA group develops analysis techniques for some of the largest networks in the world. These network monitoring grids store billions of records per day for analysis. NetSA’s cutting-edge analysis techniques are deployed for operational use in several high-impact environments. The analyst will develop new analysis techniques and prototype their software implementation, support customers by preparing analytic reports, prototype new analysis approaches, and take a lead role in preparing research for publication. The successful candidate will have some combination of academic training and real world network or network security experience and be committed to making a global improvement in computer network security. As a member of the technical staff, the individual will be expected to serve as technical lead for the overall design, execution, and documentation of one or more tasks, as well as to serve as a liaison with customers, potential customers, vendors, and the Internet community as a whole.

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Computer Science or scientific/technical field with eight (8) years experience. Masters Degree in Computer Science or scientific/technical field with five (5) years experience.

Experience: Professional experience listed above is in network security research and/or operations—the successful applicant will likely have both. Applicants should have a record of significant contribution to the security community, such as academic publication, involvement in open source security tool projects or speaking events at well known security venues.

Skills/Abilities: Capable of conducting analytical studies and investigations of network security data; the ability to work with extremely large data sets; capable of performing original research in network security analysis; experience with scripting and/or programming in a high level language, including participation in sound software engineering (e.g. version control, documentation, etc.); deep understanding of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS); deep knowledge of at least one modern operating system (e.g., Linux, Solaris, Windows 2000/2003/XP/7) ; understanding of network security issues at all protocol layers; understanding of host/operating system security issues; familiarity with all and deep understanding of at least one of the following: IDS, firewalls, SIM/SEM, network and vulnerability scanning, routing; ability to set strategic direction and agenda for a diverse group of developers and researchers; ability to function in the role of a consultant; planning and organizational skills; strong problem solving skills; excellent oral and written communication skills; ability to work both independently and with teams; experience with mathematical programming systems (e.g. R, Mathematica, Matlab); experience with statistics

Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.

Environmental Conditions: Normal office conditions; loose contact with computer display for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort, ability to develop and communicate innovative ideas; ability to take leadership role in technical projects; ability to quickly learn new procedures, techniques, approaches, etc.

Other:  Candidate must have the ability to pass a background check investigation, obtain a DOD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: Ph.D. in Computer Science or scientific/technical field with two (2) years experience.

Experience: Experience working: In a team environment leading collaborative projects with diverse skills and roles; in the public forum of the broader information security community; directly with customers from government and/or industry (multiple critical infrastructure); in exploratory data analysis; in data visualization; in human-computer interface (HCI) design; technical writing 

Skills/Abilities: Statistical hypothesis testing with heterogeneous data; development of analytical methods for large data sets; security-related traffic analysis at the enterprise level or above

Accountability: The individual is accountable for active participation in the overall NetSA R&D effort, producing original publications in network security analysis, mentoring junior analysts and researchers and participating in public speaking engagements, including at remote locations

Direction: The individual is expected to act independently using CMU, SEI, NSS, and NetSA defined policies, practices, and procedures – within the scope of assigned work.

Decisions: The individual is expected to participate in the decision-making and problem-solving processes of strategic research direction and the strategy of transition of research to engineered technology

JOB FUNCTIONS OR RESPONSIBILITIES:

70%  Perform and publish original work in network security analysis, including both work leading to academic publications and focused work to support sponsors.

10%  Contribute to overall strategic direction for a diverse security R&D team

10%  Mentor and guide junior network security analysts

10%  Participate in and/or lead presentations to customers, analyst technical exchanges, training sessions and public speaking engagements

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Manager, Networked Systems Survivability Program > Network Situational Awareness Technical Manager > NetSA Analyst (this position)

POSITION SUMMARY:

The mission of the SEI is to improve the practice of software engineering worldwide. One of the areas that the Research, Technology, and System Solutions (RTSS) Program focuses on is creating and applying methods that increase development efficiency of large-scale software and systems engineering projects.

The successful candidate will be a member of the Architecture Practices team and will contribute to the development and application of approaches that combine architecture-driven and agile practices. The team is responsible for conducting applied research and developing practical methods and materials for improving the rapid, incremental software and system engineering practices. Individual responsibilities include: contributing to development and application of software and system architecture practices, with a current focus on blending agile, testing, and architecture-centric practices; participating on teams for customer-specific efforts; and contributing to publications and presentations as part of the defined technical work plan.
 

Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5)years of experience in software and systems development, including experience in several of the following areas: applying agile practices in a large-scale software development project; applying with first and second generation agile development techniques, such as Scrum or Kanban development; using software architecture as part of system development activities; automated and integration testing activities; and familiarity with system of systems and enterprise architecture concepts.

Skills/Abilities: Knowledge of agile practices, including iteration planning (e.g., sprint and backlog management), unit and acceptance testing, continuous integration, and technical spikes. Ability to architect software-intensive systems. Knowledge of modern software development languages and platforms. Ability to understand the characteristics of different kinds of systems (e.g., embedded systems, systems of systems, and information management systems) and how this influences development approaches. Ability to work effectively with team members, collaborators, and customers. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  Successful candidate must be able to pass background investigation.

Preferred Qualifications and Requirements:

Education/Training: PhD degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Experience as listed above, plus: work experience in embedded systems, systems of systems, and/or information management systems; knowledge of lean software development; experience formulating and prosecuting research agendas; and experience working with industry and DoD stakeholders.

Direction: Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions: Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities: Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.

JOB FUNCTIONS OR RESPONSIBILITIES:

40%  Contribute to technology development in software architecture, with current work focus on blending agile and architecture-centric practices.
  
35%  Participate on teams for customer specific efforts in architecture-centric life cycle practices.

20%  Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

5%    As a member of the RTSS Program, provide input to the program goals, strategies, and technical direction.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: RTSS Director > Architecture Practices manager > this position

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the areas that the Research, Technology, and System Solutions (RTSS) Program focuses on is creating and applying practices that support the cost-effective use of architecture to develop and evolve systems at all scales.

The successful candidate will be a member of the Architecture Practices team and will contribute to the development of software, system, and system of system architecture practices and their application in real-world settings.  Individual responsibilities include: working in teams to advise customers in the use of architecture practices to identify and solve large-scale development problems; analyzing customer needs throughout the development lifecycle and recommending courses of action; contributing to the development and improvement of architecture practices; using customer experiences to inform and advance an architectural research agenda; and contributing to the technical community through publications and presentations.

The successful candidate will analyze DoD and commercial needs to formulate and prosecute a technical agenda that addresses these needs and will interact extensively with DoD and commercial stakeholders. He or she will have the opportunity to have a seminal and lasting influence on an emerging body of technical research and practice.
 

Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five years of experience in software and systems development of substantial DoD, government, or industrial systems.

Skills/Abilities: Experience architecting software-intensive systems that includes managing quality attribute concerns (e.g., performance, modifiability, and scalability). Ability to assist with activities across the development lifecycle (including requirements, design, integration, and testing activities) and to effectively leverage architecture concepts in these activities. Ability to analyze customer problems, determine needs, and recommend a course of action. Ability to quickly learn and adapt to new technologies, platforms, and environments. Knowledge of modern software development languages and platforms. Ability to work effectively with team members, customers, and collaborators. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other: US citizenship required; successful candidate must be able to pass background investigation for a DoD security clearance.

Preferred Qualifications and Requirements:

Education/Training: PhD degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Experience as listed above, plus: knowledge of SEI architecture work such as the Architecture Trade-off Analysis Method, Quality Attribute Workshop, and documentation with the Views and Beyond Approach; experience with the design and development of software-intensive systems, systems of systems, or mission-critical systems; and experience working with industry and DoD stakeholders.

Accountability: Estimation and tracking of time for technical tasks.

Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.

Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.

JOB FUNCTIONS OR RESPONSIBILITIES:

55%     Participate on teams for customer specific efforts in architecture-centric life cycle practices.

20%     Contribute to development of architecture practices.
  
20%     Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

5%       As a member of the RTSS Program, provide input to the program goals, strategies, and technical direction.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  RTSS Director > Architecture Practices manager > this position

Position Summary  The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT® Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems. The CERT Malicious Code (MC) group supports government customers by developing cutting-edge, malware analysis tools and techniques for operational use in high-impact environments.

The Senior Malware Solutions Engineer position is a member of the CERT MC team and based in the SEI Ballston office (in the Washington DC area). This position will provide technical leadership to malware analysis systems projects or ongoing malware analysis ops. This support would include system requirements development, technology evaluation, prototyping, tool development, and deployment guidance.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Mathematics, Information Systems, Information Systems Management or related field with ten (10) years experience, or equivalent; or MS with eight (8) years experience.
 
Experience: Professional experience should include experience supporting technical decision-making, acquisition and management of large-scale malware analysis system. Experience with full life-cycle management, from costing, design, deployment, operation, maintenance, and retirement for large-scale systems is desired.

Skills/Abilities:  Ability to function in the role of a consultant; planning and organizational skills; strong problem solving skills; excellent oral and written communication skills; ability to work both independently and with teams; proven ability to research, compare, test and evaluate alternative technical solutions, and communicate the results; broad understanding of network, host and application security issues; expertise in malware analysis; experience in enterprise level transaction systems; experience in enterprise scale storage with a focus on performance; familiarity with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS).

Mobility: Primarily sedentary in an office setting with some mobility. Flexibility to travel to sites in Northern VA (Tysons Corner, Arlington) and Southern Maryland (Fort Meade); locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings with routine frequency.

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental:  Work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; take leadership role in technical projects; and quickly learn new procedures, techniques, and approaches.

Other: Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: PhD with five (5) years experience.

Skills/Abilities:  Experience working with the government, or within a critical infrastructure sector; experience developing briefing materials for senior leadership within government or industry; history of contributions to the broader industry or research community; xperience deploying or supporting malware analysis infrastructures; experience in a variety of host and/or network security areas; C/Java/Python development experience in the Unix environment with the ability to apply sound software engineering practices (e.g., documenting code; version control and configuration management; code reviews; and testing); experience in reverse engineering of malware, using disassemble, e.g., IDA pro.

Accountability:  The individual is accountable for:  Capturing the requirements of malware analysts at customer sites and technical papers and non-technical papers for potential customers and technology transition.

Direction:  The individual is expected to act independently using CMU, SEI, NSS, and CERT MC defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual is expected to participate in the decision-making and problem-solving processes of designing, building, and operating systems for malware analysis; suggesting and implementing policies and procedures to support these activities; and creating prototype implementations of tools and approaches for situational awareness.

Supervisory Responsibilities:  This position does not formally supervise others. However, the individual will act in a technical leadership or project lead role in regard to specific work products and activities both at CMU and at the customer site.

JOB FUNCTIONS OR RESPONSIBILITIES:

75%       Provide direct support to the customer program office in the areas of strategy; process/policies; requirements elicitation; design and architecture; operations; outreach; and training.

15%       Enable the transition and appropriate focus of CERT MC analysis approaches and tools into operational environments.

10%       Design, prototype, and transition tactical analysis studies and tools appropriate for operational use in situational awareness.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Program Director, CERT < Technical Director, CTVA < Malicious Code (MC) Technical Manager < MC Senior Malware Solutions Engineer

Position Summary: We are staffing a small team responsible for researching next generation secure mechanisms, approaches, practices, techniques, and tools.  This team will work with current and emerging technologies to research potential improvements in approaches for identifying and/or mitigating security weaknesses in software and network based systems. 

The individual in this position will be responsible for planning, proposing and accomplishing research on innovative approaches to securing systems and components based on new approaches to software, hardware, or system composition.  We are seeking candidates with a mix of expertise in computing and systems analysis, design, development and operations to support identification of areas with potential for innovative approaches to improving security.

Minimum Qualifications and Requirements:

Education/Training: MS in computer science and eight (8) years of experience.  PhD degree in computer science and five (5) years of experience.

Experience:  Fifteen plus years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education.  At least ten years of successful information security operations and/or research experience including hands-on research, research team leadership and project management.  Possesses comprehensive knowledge across the mission area of the SEI and is able to apply that knowledge in new and unusual environments.  Demonstrated success in formulating and delivering successful research programs and projects.  Demonstrated management experience with responsibility for projects, people, budgets and contracts. 

Skills/Abilities:  Mastery and broad understanding of computer systems, computer security practices and information security evaluation methods.  Mastery of information security field in order to apply experimental theories and new developments to problems not susceptible to accepted methods.  Ability to manage diverse areas and large, complex projects; ability to influence, work with and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; excellent verbal and written communication skills. Able to synthesize solutions in new and different domains, cultures, and environments from available technologies, publications, and events.
 
Mobility: Normally sedentary with some mobility; ie., ability to travel to other locations on and off campus.  May require some bending, stretching, pushing, as well as lifting up to several reams of paper, etc. 

Environmental Conditions: Work is performed in an office setting.  Close contact with CRT for long periods of time. 

Mental: Ability to meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Preferred Qualifications and Requirements:

Experience: Research management experience in higher education, government, military, and/or Fortune 100 technology-based organizations is preferred.  Planning and directing/executing specialized programs of marked difficulty, responsibility, and national significance in information security which has demonstrated leadership and unusual attainments in professional, scientific, or technical research.

Skills/Abilities: Has the ability to bring about strategic change, both within and outside the organization.  Has the ability to establish and organizational vision and to implement it in a continuously changing environment.  Leads people toward meeting the organization’s research vision, mission, and goals.

Accountability: This position is accountable to the Technical Director for work content, quality, and schedule.

Direction:  Performs under minimal supervision; all normal duties and responsibilities are handled independently.  Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon, the NSS director, and the SSS technical director. 

Decisions: Plan and carry out research on novel approaches to information security.  Program planning, development of program management strategies, and risk management.  Design and implementation of systems that demonstrate innovative approaches to information security.

Supervisory Responsibilities: May lead teams.

JOB FUNCTIONS OR RESPONSIBILITIES:

50%    Participating with team and client organizations to research, investigate, demonstrate and mature innovative approaches to improved approaches to cyber security

30%    Writing reports, papers and presentations describing research findings

20%    Working with collaborators and customers

100% TOTAL EFFORT

ORGANIZATIONAL CHART: NSS Director < Deputy Director < Chief Scientist

Position Summary:  This position is with the CERT Coordination Center (CERT/CC) at the Software Engineering Institute (SEI) of Carnegie Mellon University. You will support our work with the DoD-DIB Collaborative Information Sharing Environment (DCISE) program at DC3. The DCISE program is a new, innovative, collaborative program developed by the DoD to strengthen the capability of defense contractors to protect contractor networks containing DoD information.

Role: As a Computer Security Information Analyst, you will work closely with DCISE partners, technical analysts, and DoD agencies to strengthen the capability of defense contractors to protect contractor networks containing DoD information. Your primary responsibility will be to review, triage, and analyze incident reports submitted by DCISE partners and provide technical analysis feedback. This feedback may include remediation information, correlation with other known intruder activity, or indicators partners can use to look for similar activity on their network.

In addition, you will have an opportunity to explore new and innovative ways in which SEI's technical competencies and capabilities can be applied to current and future technical challenges faced by the DCISE program. This includes, but is not limited to areas such as malicious code, vulnerability, network traffic, and incident analysis.

Responsibilities:  Review, prioritize, and analyze incident reports from DCISE partners; develop and distribute technical analysis and other feedback; work closely with DCISE partners, technical analysts, and the DoD and other U.S. Government agencies; explore new ways to leverage and apply SEI's expertise to protect the infrastructure of defense contractor and other critical infrastructure; evaluate analytic needs of organization and work to continually improve the tools, processes, and systems used to support the DCISE program.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science Information Science, Information Systems Management with eight (8) years applicable experience.
 
Experience: Candidate should have strong technical, communication, and problem solving skills.  Candidate should have advanced computer security incident handling and analysis in Windows and Unix/Linux environments and be able to demonstrate knowledge in the following areas: core Internet protocols (e.g., IP, TCP, UDP, BGP, DNS, HTTP, SMTP); common attack methodologies; common types of security vulnerabilities; basic computer security forensics; basic understanding of security vulnerabilities; administering and maintaining a small network; theoretical underpinnings of computer security; communicating complex technical issues to non-technical audiences; understanding and managing risk in large enterprise infrastructures; developing strategies to defend systems and networks from attacks.

Skills/Abilities: Successful candidates will:  possess excellent analytical and technical problem-solving skills; have a strong interest in and possess basic knowledge of network and computer security issues; be able to make decisions independently and in a self-directed manner in support of the goals of the team and organization; be motivated to tackle challenging problems; have excellent organizational skills; be able to work meticulously with careful attention to detail; strong customer service skills; ability to work in a team environment with other team members with variety of skills; ability to work remotely at a customer site with minimal direct supervision; be able to communicate effectively within a team environment; be able to effectively prioritize work; be able to develop and explain technical decisions; recognize and deal appropriately with confidential and sensitive information; interact effectively with technical and non-technical audiences via both verbal and written communications (e.g., technical writing, user guide development, requirements analysis); be able to quickly learn new procedures, techniques, and approaches.

Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and Carnegie Mellon community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however close contact with computer for prolonged periods of time.

Mental: Ability to work under pressure and changing priorities; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.

Other: Candidate must be able to pass a background investigation, obtain a TS/SCI security clearance, be a US citizen, and work full-time at a customer site in the Baltimore/Washington, DC metro area. Candidate will be required to travel on overnight assignments.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science Information Science, Information Systems Management with five (5) years applicable experience.

Licenses: Current Information System Security Profession (CISSP) or similar certification is desired.

Experience: Ideal candidates will have experience or substantial knowledge in many of the following areas: Candidates should have 3-5 of experience in security aspects of system and/or network administration in a U.S. government agency or U.S. Defense Contractor environment and/or 5 years of experience as a cyber (technical) analyst in an intelligence, counterintelligence or law enforcement role; experience drafting and formatting technical threat intelligence reports and conduct correlating research using multiple formatted and unformatted data sources; experience developing materials for senior leadership in government or industry; experience developing and implementing information security policies and standard operating procedures; advanced understanding of security vulnerabilities; practical network security training (e.g. SANS GIAC Level 2 courses, CCNP, CCIE Security); advanced forensic or digital media analysis experience.

Skills/Abilities: Preferred candidates will: Manipulate large amounts of data into valuable metrics, trends, and findings; identify patterns and associations between open/closed source data; experience with programming languages such as, but not limited to, Python, Perl, PHP; knowledge of Software Development best practices and SDLC methodology; familiar with databases (plus for distributed databases); have the ability to adjust quickly to shifting priorities and make quick decisions with limited information.

Accountability:  Contributes to program objectives and plans development.  Individual must maintain confidentiality of sensitive information such as security, vulnerability, and site information.

Direction:  Performs under minimal supervision, independent judgment is encouraged. Most normal duties and responsibilities are handled independently with the use of established procedures and policies. Difficult or unique situations are referred to the supervisor. Ability to work directly on-site at a customer location with minimal direct supervision from direct supervisor.

Decisions:  Must accurately analyze data from multiple sources, generate defensible results, and represent them in interactions with customers, sponsors, and the public. Participate in conferences and workshops where security-related issues are discussed as required.

Supervisory Responsibilities:  This position has no supervisory responsibilities.

JOB FUNCTIONS OR RESPONSIBILITIES:

80%    Perform duties as a cyber intelligence technical fusion analyst, incident analyst and technical liaison between CERT and DC3. Review threat data from various sources, including appropriate Intelligence databases, and review incident reports from DIB partners to establish identity modus operandi, and credible threat picture of hackers active in DoD and defense industrial base networks. Correlate data into standardized reports. Develop cyber threat profiles. Produce cyber threat assessments based on entity threat analysis. Coordinate cyber threat tracking with partner and counterpart organizations. Recommend courses of action to DIB partners based on analysis of both general and specific threats, specifically advising DIB partners on steps to take to appropriately defend their networks, detect advanced persistent threat activity, and recover from compromises.. Deliver reports, briefings, and assessments to leadership, facilitating understanding of cyber threat entities and environments. Support information assurance and cyber threat mitigation decision-making.

15%    Working directly with SEI staff supporting the DIB program with incident, vulnerability, or malicious code analysis work.

5%      Developing knowledge and understanding of SEI capabilities; learning how SEI capabilities can be applied to customer problems.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  NSS Program Director < Cyber Threat and Vulnerability Analysis Tech Director < CERT/CC Technical Manager < reports to - DC3 Director of DCISE Operations < liasion to - MTS C Internet Security Analyst

Position Summary: The Senior Member of the Technical Staff of the Intelligence Community Team will be responsible for enabling the Intelligence Community and other organizations to enhance the predictable performance and mission assurance in the acquisition, evolution and operations of software-reliant systems.   Key activities include understanding requirements and key challenge problem;  applying, adapting, integrating, verifying and transitioning the SEI body of knowledge and other bodies of knowledge to maximize impact; creating, applying and codifying new approaches to support customer needs and advance the software engineering state of the practice; and maintaining situational awareness in technical and DoD domains.  The candidate will coordinate closely with technical staff in ASP and other SEI programs to deliver software engineering technical expertise throughout the lifecycle.  The technical staff member will be able to lead and participate in multi-discipline teams in support of the ASP vision and mission.  


Minimum Qualifications and Requirements:

Education/Training: Bachelor's degree in Computer Science, Information Systems, systems engineering, software engineering, acquisition management or equivalent combination of experience and training

Experience: The candidate must have at least ten (10) years experience in software engineering, development or management and/or systems engineering.  Must be knowledgeable of the software engineering and system engineering disciplines as well as understanding the DoD, Intelligence Community or Civilian Agency acquisition processes.   The candidate should have experience building, leading, managing and participating on cross-functional, high technology teams, should be able to operate effectively with all organizations within the software and acquisition communities and be able to interact diplomatically with partners, customers and sponsors.   

Skills/Abilities: Detailed knowledge in at least one core competency of risk management, architecture, performance improvement,  assurance or security

Experience in five or more of the following:  DoD or Civilian Agency software systems acquisition on major programs   (For the purposes of this announcement, our definition of major is at least 100K SLOC of custom developed code, and/or significant integration of COTS/GOTS products); major DoD, Intelligence Community, or Civilian Agency software acquisition policies and directives; enterprise architecture; software architecture development and evaluation; service-oriented architectures; DoD Architecture Framework (DoDAF) or Federal Enterprise Architecture Framework (FEAF); Information Assurance/survivability; risk management; systems engineering on software intensive systems; COTS product integration; definition and application of goals, measurements and metrics; system of systems engineering; requirements development and management; software integration and test and software/hardware integration; deployment of software intensive systems, especially including transition from legacy systems; strong written and verbal communications skills and the ability to present to small and large audiences; proven team leader; experience in organizational change management would be considered a plus; completion of DoD acquisition accreditation levels (SPRDE, Program Management, and/or Test) and attendance at DAU courses   would be considered a plus; intelligence Community Domain knowledge considered a plus.
    
Mobility:  Will be required to travel on overnight assignments.

Environmental Conditions: Usual office setting with extended use of CRT.

Other: Successful candidate must be able to pass a background investigation, be a US citizen and be eligible for a security clearance.


Preferred Qualifications and Requirements:

Education/Training: Master's degree in Computer Science, Information Systems, systems engineering, software engineering, or acquisition management with eight (8) years of experience.

Licenses: Certified DoD Acquisition Professional.  Certified PMP.

Accountability:  The member will be directly accountable for understanding DoD acquisition needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the acquisition community.

Direction:  As a technical staff member, he/she will be expected operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.

Decisions:  Will be required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and encourage the strengths.

Supervisory Responsibilities:  May supervise others.

 

JOB FUNCTIONS OR RESPONSIBILITIES:

85%     Participate as a member or leader of technical teams in support of government acquisition program offices or participate as a member of a technical team performing LENS or line-funded research.  Identify and support the implementation of strategies for the capture and application of learning and knowledge transfer from assignments (e.g. dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries)

10%     Other duties as assigned by the Acquisition Support Program Executive Director, Deputy Director or Chief Engineer.

5%       Serve in an advisory capacity to other SEI technical programs on acquisition or technical issues.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI Director’s Office < Acquisition Support Program Executive Director < Intelligence Community Chief Engineer < Intelligence Community Team: Senior Engineer

Position Summary:  The CERT Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CERT engages in cutting-edge research and development in computer security. The CERT Network Situational Awareness (NetSA) group helps large network operators; and security organizations in the USG distill actionable insights from networks of interest through strategic analysis; and tool and system development.

As a member of the Deployment Team in the CERT NetSA group, the selected candidate will be responsible for assisting users install, operate, and accredit NetSA technology in their environment. The selected candidate will participate in software testing, packaging, and release management. Additionally, the selected candidate will participate and support the development of software tools by developing system level packaging, tests, and documentation. Further, the individual will assist in the management of sponsor related test labs and prototype environments. The candidate will assist in the infrastructure management for these environments and interact with the sponsor to transition projects in and out, and provide project related support as needed.

Minimum Qualifications and Requirements:

Education/Training: BS in computer science, software engineering, or a related quantitative field of study with eight (8) years of applicable experience.

Experience: Applicable experience in the design and implementation of complex, secure, mission critical systems, including experience with; Unix system administration tasks; Unix software packaging systems (e.g. RPM, DEB) and deployment and management of software using Unix software packaging systems; scripting in Unix Shell, especially for automating system administration and software testing tasks; experience with relational database management systems such as Oracle, Postgres or MySQL; experience managing switches, firewalls, and router; xperience managing network security systems; experience providing remote or on-site technical support to external customers.

Skills/Abilities:  Deep familiarity with general Unix operating system concepts, tools, etc.; ability to author technical documentation; ability to apply sound software engineering practices to software quality assurance; excellent written and verbal communication skills; excellent reasoning and problem-solving skills; and ability to work effectively without close supervision.
 
Mobility: Sedentary in an office setting with some mobility, i.e., able to travel to various locations within the SEI and CMU community as well as travel up to 30% to customer sites.

Environmental Conditions: Close contact with computer for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.

Other: Candidate must be able to pass a background investigation, obtain a TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in computer science, software engineering, or a related quantitative field of study with five (5) years of applicable experience.

Experience:  Knowledge of Sourcefire IDS, Arcsight, Bivio, and Cloudshield technologies; experience with automated software testing tools; experience with automated software build management tools; experience with scripting in Python, Perl or equivalent scripting environment; experience developing in C; experience with website administration; experience administering security software; experience conducting certification and accreditations for US Government systes; experience with development tools such as: gcc, gdb, automake, autoconf and subversion.

Accountability:  The individual is accountable for the testing and release of software produced by the engineering team, the packaging of that software for deployment at NetSA customer sites, and support of the deployment of that software at NetSA customer sites.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual is expected to participate in the decision-making and problem-solving processes of software testing and supporting the deployment of NetSA software and systems deployed at sponsor sites.

Supervisory Responsibilities:  This position does not formally supervise others. However, the individual may will act in a technical leadership (non-supervisory) role in regard to specific work products and activities, or in regard to student interns, etc.

JOB FUNCTIONS OR RESPONSIBILITIES:

15%    Design, implement, and execute of tests of NetSA software and systems prior to their release; Create and maintain hardware and software platforms to support this activity.

20%    Package and deliver NetSA software and systems to sponsors to include authoring of additional document; building platform-specific packages; and operating of the NetSA tools website.

35%    Assisting the users with the installation; configuration; troubleshooting; provisioning; accreditation; and operation of NetSA technologies to include on-site support; and developing documentation and integration solutions for specific environments.

20%    Provide support to NetSA managed prototype and test lab environments. Interact with sponsor to maintain environment and transition projects in and our of the lab(s). Assist with lab related project work as needed.

5%      Contribute to the broader security community.

5%      Support to SEI IT in managing NetSA production systems.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director, Networked Systems Survivability Program < Technical Director, Cyber Threat and Vulnerability Analysis <  NetSA Technical Manager < Network Security Deployment Engineer

Position Summary:The successful candidate will be a member of the Research, Technology, and System Solutions (RTSS) Program and will be assigned to the Edge-Enabled Tactical Systems Research Project in Pittsburgh. This project identifies technical approaches for the use of smart phones and technologies associated with mobile computing in constrained environments – for example, environments with intermittent operation and limited network bandwidth. The project develops and pilots research prototypes that focus on emerging uses of these technologies and their application in DoD contexts. Current research addresses technical challenges associated with user-directed adaptation of applications in the field, filtering large volumes of data, adaptation based on context, and resource optimization. This position will have a major role in setting technical direction, analyzing DoD needs, and formulating and prosecuting a research agenda to address the needs. Because the research will be applied in practical settings, the position will involve extensive interaction with DoD stakeholders. 

Minimum Qualifications and Requirements:

Education/Training: PhD degree in software engineering, computer science, electrical and computer engineering, or information systems or equivalent combination of training and experience.

Experience: Five years of software engineering research with a substantiating publication record; Software architecture and software development experience; Experience with technologies that are relevant for edge enabled systems, such as mobile computing, cloud-based systems, and service-oriented systems; Experience in understanding user needs and transitioning technology to users.

Skills/Abilities: Ability to formulate and prosecute research to address these needs; Ability to collaborate with research team members; Ability to lead research teams; Demonstrated ability to work effectively with external collaborators,  customers, and sponsors; Superior  written, verbal and presentation skills in research, customer,  and instructional settings; Ability to quickly understand new technologies and to refine technical strategies accordingly.

Mobility: The ability and willingness to travel is required.
 
Environmental Conditions: Office setting with extended use of CRT.

Mental: Ability to work under pressure, meet deadlines, work on multiple tasks, and function productively as a team member.

Other: US citizenship required; successful candidates must be able to pass a background investigation for a DoD security clearance.

Preferred Qualifications and Requirements:

Experience: Eight years of research experience, including leadership of a research team in technologies relevant to edge-enabled systems. 

Skills/Abilities: Teching, facilitating, mentoring, and consulting.

Other: DoD clearance.

Accountability: This position is accountable to the Project Lead for work content, quality, cost, and schedule.  

Direction:  This position operates within broad guidelines from the Project Lead and is expected to develop and implement research strategies and plans and act independently.

Decisions:  Technical decisions to support research.  Development of research plans for the architecture, design, development and testing of mobile systems. Design and development of experiments to validate hypotheses. Determination of appropriate statements of work for customer engagements. 

Supervisory Responsibilities:  Will lead teams to accomplish specific technical tasks; may supervise students collaborating on research projects.

JOB FUNCTIONS OR RESPONSIBILITIES:

20%    Defining and developing research strategies and projects.

30%    Leading research teams and/or conducting planned research projects.

20%    Writing and/or presenting research reports, and technical papers.

30%    Working with collaborators and customers applying research outcomes.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director of Research, Technology, and System Solutions (RTSS) Program < Edge-Enabled Tactical Systems Project Lead < Research Scientist

Position Summary:  This position is responsible for working with the Software Engineering Process Management (SEPM) Program Director and SEPM leadership/management team to plan, develop and implement research strategies, initiatives, policies and programs that further the mission of SEPM and the SEI.  SEPM enables complex system development through ‘deliberate practice’ directed toward improving measurable performance across the lifecycle.  Successful projects produce secure and reliable products, delivered on time and within budget. The SEPM Chief Scientist/Deputy Program Director will lead the formation of a research agenda for software process performance management and measurement and will help SEPM to establish a national agenda in performance measurement.  The SEPM Chief Scientist/Deputy Program Director will also formulate research goals and objectives, methods, measures, and conditions for superior performance, and then work with appropriate SEI and SEPM initiatives to transition practices for people, teams, and projects in complex systems development environments. 

This position would also require that this candidate serve in the role of a deputy director to the SEPM Director and to the SEPM Program and assist in strategic planning, portfolio management, program management and project management (including but not limited to developing plans/presentations and managing staffing, budgets and schedules) in an integrated team environment.  The SEPM Chief Scientist/Deputy Program will also work closely with the Director of SEPM  to define the SEI’s body of work in performance management and measurement and map it to government customers’ priorities for today and in the future – providing a strategic framework and corresponding prioritized phased execution plan.  The SEPM Chief Scientist/Deputy Program Director will also work closely with the Director of SEPM to team across the SEI to link as appropriate all performance management and measurement related discussion, work, and knowledge and customer deliverables, to ensure leadership world-wide leadership and consistency of approach in this core competency area of work for the SEI.

The position requires an understanding of the technical challenges and emerging trends as well as the potential research opportunities in process and performance management and measurement for industry and government.  Effective formulation and presentation of forward looking ideas will shape a research and development agenda that influences and changes the world of software engineering.

Minimum Qualifications and Requirements:

Education/Training:   PhD degree in a technical field such as computer science, mathematics, information technology, electrical engineering,

Experience: Five years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education.  Five years of experience in the management or development of software intensive projects in a commercial or DOD/government-related environment. Experience in building and managing high technology teams. The candidate must have in-depth knowledge of software and systems engineering.  Demonstrated success in formulating and delivering successful research proposals to the federal government and in leading the resulting projects. Demonstrated record of publications and contributions to the science and technology community.   Demonstrated management experience with responsibility for projects, people, budgets and contracts. 

Skills/Abilities: Mastery and broad understanding of software engineering development and/or management skills as well as experience in measurement approaches and practices.  Able to make decisions and recommendations that significantly change important public policies or scientific programs.  Ability to influence, work with and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; excellent verbal and written communication skills; computer literacy.

Mobility:  Primarily sedentary in an office setting with some mobility.  Flexibility to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings potentially with routine frequency.

Environmental Conditions:  Normal office conditions; close contact with computer display for extended periods of time.

Mental: Ability to meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Other:  The candidates must be able to pass a background investigation, obtain a DoD Top Secret security clearance, and be a US citizen.  Must have the ability to travel frequently and to adjust to a work schedule that requires weekend and evening hours.  The work requires originating new techniques and approaches, establishing criteria, and developing new information. 

Preferred Qualifications and Requirements:

Education/Training: Ten years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education. Ten years of experience in the management or development of software intensive projects in a commercial or DOD/government-related environment.

Experience: Research, engineering, and/or management experience in higher education, government, military, and/or Fortune 100 technology-based organizations is preferred.  Planning and directing/executing specialized programs of marked difficulty, responsibility, and national significance in software engineering/performance management & measurement which have demonstrated leadership and unusual attainments in professional, scientific, or technical research, practice, or administration. Nationally known expert in the field of software engineering, software process/performance management/ improvement, or software measurement.

Skills/Abilities:  Has the ability to bring about strategic change, both within and outside the organization.  Has the ability to establish an organizational research vision and to implement it in a continuously changing environment.  Leads people toward meeting the organization’s research vision, mission, and goals.  Able to foster the development of others, facilitate cooperation and teamwork and support constructive resolution of conflicts. Makes decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks.  Able to build coalitions internally and within government, private sector, academic and international organizations to achieve common goals.

Accountability:  Provides advice and counsel to the SEPM Director and leadership team which significantly influences decisions. 
Supports the SEPM Director in defining a strategic vision for the organization and articulates this vision to SEPM and the SEI.  Responsible to the SEPM Director for the establishment of overall research goals and direction for the organization.  Manages communications across program functions and brokering partnership opportunities for collaboration with other SEI and CMU programs.  Determines research priorities based on overall organizational goals.

Direction:  Performs under minimal supervision; all normal duties and responsibilities are handled independently.  Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon and the NSS director.  Only the most difficult or unique situations are referred to the SEPM Director. 

Decisions:  Responsible for contributing to the long-range strategic plan for SEPM research and devlopment.   Solutions to problems encountered require quick and effective analysis of in-depth research (conducted by others) of circumstances, facts and issues which differ significantly from the norm. 

Supervisory Responsibilities:  Advises the SEPM Director and SEPM leadership/management team on overall staffing needs to successfully accomplish research objectives.  Assist in advising and mentoring MTS, professional staff, including hiring and training new staff ; provides input for performance appraisals and recommendations for salary increases and promotions.  Coaches, develops and motivates peers and subordinates. 

JOB FUNCTIONS OR RESPONSIBILITIES:

30%     Primary advocate for the research portion of the SEPM program.  Formulates the research strategy and works with SEPM Initiative Managers to implement that strategy.   Assists with research team formation and recruiting appropriate talent. Serves as liaison to internal SEI functions and programs in active and potential areas of research. Builds external relationships to foster research collaborations.  Represents the SEPM program to the S&T community by participation in S&T community events and forums.

30%     Leads strategic research planning process and contributes to the development of SEPM strategic plan under the guidance of the Director.  Insures annual update of strategic research plan and the SEPM research report.  Reviews feasibility of plan, identifies risks and defines risk mitigation strategy.  Articulates research vision for internal and external audiences.

15%     Provides guidance to and monitors the success of SEPM Initiative Managers in meeting strategic research goals.  Provides input on performance of internal staff engaged in research. Consults with SEPM Director on organizational effectiveness and evaluation of impact of research contributions.  Identifies operational success measures and process improvements.  Leads corrective actions.

15%     Serves as liaison between SEPM program and other R&D activities on CMU campus and identifies area of possible collaboration.

10%     Works with SEPM Director and technical leadership to identify opportunities for new research projects and serves as interim project leader on start-up of new, high-priority projects.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEPM Director < THIS POSITION - SEMP Chief Scientist/Deputy Director < Administration; Capability Maturity Model Integration Initiative; Team Software Process Initiative; Software Engineering Measurement and Analysis Initiative

ADDITIONAL INFORMATION:  Potential for co-appointment with Carnegie Mellon University.