Position Summary:  This position reports to the Operations Team Lead for Transition Services.  This position is responsible for the administrative functions necessary for the scheduling and enrollment of eLearning courses and student accounts for SEI retained technologies via the SEI Learning Management System (LMS) and for special projects in the area of eLearning, internet research, process documentation, quality assurance, writing and editing.  This position requires the ability to interact with clients and staff of all levels in a highly professional and competent manner.  Administrative details will include: communication with SEI licensed retained technology partners and instructors regarding course set up and enrollment of students; overseeing the flow of paper and work through the office, drafting correspondence, reports, interpreting and implementing SEI and university policies/procedures. Responsibilities include but are not limited to:  logistical administration of SEI blended learning course offerings; must be able to act/react quickly, efficiently and appropriately to changes and additions to course deliveries; must be able to troubleshoot problems and questions regarding blended learning courses; work with Transition Services Operations Team Lead to determine improvement strategies for administration of blended learning courses; support the public Course Registration Team as needed as well as back-up for Course Registration Associate handling public course registration, processing payments, responding to inquiries to course registration and CERT STEPfwd email alias; Customer and technical support for customer inquiries, respond to questions submitted to BL-Attendees mail list and inquiries from PSP instructors during the VLS upgrade process; set up blended learning in LMS; enroll learners in eLearning and blended learning course offerings; respond to SEI licensed retained technology partners regarding additions/deletions/changes to blended learning course offerings and enrolled students; responding to the PSP team inquiries regarding SEI licensed retained technology partners requests; perform routine quality checks of blended learning course and enrollment data; report generation and analyses as directed by the Transition Services Team Leads; member of quality assurance and testing team for eLearning products and online registration system; manage special projects assigned by Operations Team Lead; Document processes related to eLearning, course registration, sales and product strategy; review, update and electronically archive learning help response templates; assist with maintenance of eLearning account inventory; write, edit, and format print documents and web pages for technical audiences, non-technical audiences, and sponsors. The person in this position must be able to take into account usability, readability, and the needs of these audiences, perform quality assurance activities on documents and web pages, work collaboratively with a wide variety of people, follow various internal procedures and standards, and meet deadlines.

Minimum Qualifications and Requirements: 

Education/Training: High school diploma or equivalent combination of training and experience.

Experience:  At least two (2) years administrative /secretarial experience and experience in the training environment and event planning or other related area.   

Skills/Abilities: Advanced knowledge of Microsoft Office products and related software. Organizational, dependable, analytic, collaborative, problem solving and negotiation skills.  Excellent oral and written communication, strong customer interface skills, ability to interact diplomatically with other entities within the SEI, campus community and external customers; the ability to function competently in a team environment. Complex multi-dimension reasoning ability; ability to organize blended learning courses under tight deadlines; detail oriented, ability to maintain accurate records, ability to compose letters, memos and other correspondence; ability to proof various documents for spelling, punctuation and grammatical errors; ability to work with and maintain confidential information.  Strong copyediting and proofreading skills.

Physical / Mobility:  Normally sedentary position with some mobility; i.e., able to travel to other campus locations; requires bending, stretching, pushing as well as lifting. Required to walk to areas within SEI building, to interface with instructors, access records, use copiers.

Environmental Conditions: Usual office setting; close contact with computer for extended periods of time.     

Mental:   Ability to direct others, pay close attention to details, meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.        

Other: Successful candidate must be able to pass a background investigation.

Preferred Qualifications and Requirements:            

Education/Training: Associates degree or equivalent business school certification.           

Experience: Experience in an academic setting as well as experience using a learning management system and online registration system.  

Accountability:  Ensures smooth coordination of all work involved with blended learning course offerings, including public blended learning courses as well as SEI licensed retained technology partners. Provides administrative assistance; assists with the workflow within the departments; supports budget and other related processes; may represent department on campus wide projects and initiatives; function as resource to less experience staff.  Blended learning instructors, customers and administrative staff rely on this individual to make independent judgments to ensure course preparations and logistics are completed correctly and on time.  Ensure all projects are completed accurately, on time and meet the needs of the project manager.

Direction:  Expected to work independently in most instances; works with supervisor to manage changing workload or priorities; reviews and documents procedures for improving workflow within department. 

Decisions:  Makes decisions requiring specialized knowledge and understanding of the practices, policies and procedures of department, and demonstrates general knowledge in areas outside of department.  Required to make independent decisions with regard to identifying and offering solutions to discrepancies and problems with blended learning courses and enrollment for these courses.  Recognizes the opportunity for process improvement and participates in the implementation.

Supervisory Responsibilities:  May oversee support staff or student workers through distribution of work and review of work progress. Assist in the training of newly hired staff and students.

JOB FUNCTIONS OR RESPONSIBILITIES:

40%                  Blended Learning Administration:   Administer user accounts in both SEI eLearning and CERTSTEP fwd.   Enroll learners in eLearning and blended learning course offerings. Set up blended learning eLearning courses.  Provide technical support for blended learning customer inquiries.  Generate reports as directed by the Transition Services Team Lead.

40%                  Special projects: Complete projects in the area of eLearning, internet research, process documentation, quality assurance, writing and editing.  Perform eLearning product testing, monitor eLearning account inventory, write and edit documents, templates and presentations, perform quality assurance checks on documents and web pages before release.  Generate reports and analyses as directed by Sales and Product Strategy managers and Transition Services team leads.  Administer SharePoint site content for process development, collaboration, review and retention. 

20%                  Course Registration:  Support the Course Registration team backing up Course Registration  Associate when needed.  Assist with workload from other positions in the department when needed.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  Director, OCOS > Deputy Director, OCOS > Manager, Transition Services > Operations Team Lead > Administrator / SEI Learning Management Systems

Position Summary: We are staffing a small team that is responsible for developing secure coding practices, techniques, and tools. We work with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. The individual in this position will be responsible for developing analyzable secure coding rules for Java, C, and other programming languages. The individual will be researching and developing advanced software static and dynamic analysis techniques and methods for mobile platforms including Android. The individual will work directly with customers to: develop and provide training in secure coding practices, develop source code analysis, and enhance and extend organizational capabilities to produce secure software systems.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science with eight (8) years applicable experience or equivalent combination of training and experiences.

Experience: Candidates should have at least five (5) years of experience in developing Java software analysis techniques in one or more of the following areas; static analysis; dynamic analysis; data flow analysis; compiler development, including understanding the impact of optimization techniques on security issues; knowledge of analysis techniques that may be useful in security analysis but might not have been applied to security yet; computer architecture, including understanding the impact of security techniques on application and system performance for various architectures.

Skills/Abilities: Successful candidates will: ability to develop and implement advanced analysis techniques; be expert in Java and have extensive knowledge of the second language; be expert in Android platform development; interact effectively with customers and teammates; have strong written and verbal communications skills; take a leadership role in technical projects.

Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however, close contact with computer for prolonged periods of time.

Mental: The ability to work well under pressure of deadlines and with confidential information.

Other: Candidate must be a U.S. Citizen, must be eligible to obtain a DoD TS Clearance, and must be able to successfully complete a background investigation.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science with five (5) years experience or PhD in Computer Science with two (2) years experience or equivalent combination of training and experiences.

Experience: Ideal candidates will have experience in the following areas: model checking; abstract interpretation; use of assertions in program code; using mathematical techniques such as denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation.

Skills/Abilities: Preferred candidates will: possess excellent technical problem-solving skills; learn quickly and have a history of producing creative and innovative solutions; be motivated to tackle challenging problems.

Direction: Performs under minimal supervision, independent judgment is encouraged. Most normal duties and responsibilities are handled independently with the use of established procedures and policies. Difficult or unique situations are referred to the supervisor.

Supervisory Responsibilities: This position has no supervisory responsibilities, although mentoring of junior staff is expected.

JOB FUNCTIONS OR RESPONSIBILITIES:

20% Develop analyzable secure coding rules for Android apps.

40% Research and development of software analysis techniques for validating compliance of source code.

20% Directly support customer work in secure coding, verification and validation techniques, and technical training.

20% Contribute to conferences and meetings; participate in international standards development; participate in strategy discussions; contribute to customer presentations; stay up to date in analysis methods and tools.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: CERT Program Director > SSS Technical Director > Secure Coding Team Lead > Senior Software Security Engineer

Position Summary:  We are staffing a small team that is responsible for developing secure coding practices, techniques, and tools. We work with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. The individual in this position will be responsible for performing static and dynamic analysis on software systems developed in C, C++, Java, and other popular programming languages. The individual will work directly with customers to: develop and provide training in secure coding practices, evaluate, extend, and use tools to automate source code analysis, and enhance and extend organizational capabilities to produce secure software systems.


Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science or Software Engineering with three (3) years of applicable experience;  MS in Computer Science or Software Engineering with one (1) year of applicable experience or equivalent combination of training and experiences.

Experience: Candidates should have at least three (3) years of experience in developing C, C++, or Java software analysis techniques in one or more of the following areas:  Static analysis; dynamic analysis; fuzz testing; data flow analysis; compiler development, including understanding the impact of optimization techniques on security issues; computer architecture, including understanding the impact of security techniques on application and system performance for various architectures.

Skills/Abilities: Successful candidates will:  ability to develop and implement advanced analysis techniques; be expert in C++, C, or Java and have extensive knowledge of the second language; interact effectively with customers and teammates; have strong written and verbal communications skills; take a leadership role in technical projects.

Mobility:  Primarily sedentary in an office setting with some mobility.  Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however, close contact with computer for prolonged periods of time.

Mental:  The ability to work well under pressure of deadlines and with confidential information.

Other:  Candidate must pass a background investigation, be eligible to obtain a United States DoD Secret Clearance, and be a U.S. citizen.


Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science or Software Engineering with one (1) year of applicable experience or equivalent combination of training and experiences.

Experience: Ideal candidates will have experience in the following areas:  Model checking; abstract interpretation; use of assertions in program code; using mathematical techniques such as denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation; developing and analyzing code for mobile devices.

Skills/Abilities: Preferred candidates will:  possess excellent technical problem-solving skills; learn quickly and have a history of producing creative and innovative solutions; be motivated to tackle challenging problems.
 

Direction:  Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor.

Supervisory Responsibilities:  This position has no supervisory responsibilities, although mentoring of junior staff is expected.


JOB FUNCTIONS OR RESPONSIBILITIES:

30%    Analysis and testing of C, C++, and Java programs developed for Windows, Linux, and Android platforms.

25%    Develop, evaluate, extend, customize, and deploy new analysis into existing enterprise processes.

25%    Directly support customer work in secure coding, verification and validation techniques, and technical training.

20%    Contribute to conferences and meetings; participate in strategy discussions; contribute to customer presentations; stay up to date in analysis methods and tools.

100% TOTAL EFFORT


ORGANIZATIONAL CHART: CERT Director < CERT Deputy Director < CERT Chief Scientist < Technical Director, Secure Software and Systems < Software Security Engineer
 

Position Summary:  We are staffing a small team that is responsible for developing secure coding practices, techniques, and tools. We work with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. The individual in this position will be responsible for performing static and dynamic analysis on software systems developed in C, C++, Java, and other popular programming languages. The individual will work directly with customers to: develop and provide training in secure coding practices, evaluate, extend, and use tools to automate source code analysis, and enhance and extend organizational capabilities to produce secure software systems.


Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science or Software Engineering with eight (8) years of applicable experience;  MS in Computer Science or Software Engineering with five (5) year of applicable experience or or equivalent combination of training and experiences.

Experience: Candidates should have at least eight (8) years of experience in developing C, C++, or Java software analysis techniques in one or more of the following areas:  Static analysis; dynamic analysis; fuzz testing; data flow analysis; compiler development, including understanding the impact of optimization techniques on security issues; computer architecture, including understanding the impact of security techniques on application and system performance for various architectures.

Skills/Abilities: Successful candidates will:  ability to develop and implement advanced analysis techniques; be expert in C++, C, or Java and have extensive knowledge of the second language; interact effectively with customers and teammates; have strong written and verbal communications skills; take a leadership role in technical projects.

Mobility:  Primarily sedentary in an office setting with some mobility.  Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however, close contact with computer for prolonged periods of time.

Mental:  The ability to work well under pressure of deadlines and with confidential information.

Other:  Candidate must pass a background investigation, be eligible to obtain a United States DoD Secret Clearance, and be a U.S. citizen.


Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science or Software Engineering with five (5) year of applicable experience or equivalent combination of training and experiences.

Experience: Ideal candidates will have experience in the following areas:  Model checking; abstract interpretation; use of assertions in program code; using mathematical techniques such as denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation; developing and analyzing code for mobile devices.

Skills/Abilities: Preferred candidates will:  possess excellent technical problem-solving skills; learn quickly and have a history of producing creative and innovative solutions; be motivated to tackle challenging problems.


Direction:  Performs under minimal supervision, independent judgment is encouraged.  Most normal duties and responsibilities are handled independently with the use of established procedures and policies.  Difficult or unique situations are referred to the supervisor.

Supervisory Responsibilities:  This position has no supervisory responsibilities, although mentoring of junior staff is expected.


JOB FUNCTIONS OR RESPONSIBILITIES:

30%    Analysis and testing of C, C++, and Java programs developed for Windows, Linux, and Android platforms.

25%    Develop, evaluate, extend, customize, and deploy new analysis into existing enterprise processes.

25%    Directly support customer work in secure coding, verification and validation techniques, and technical training.

20%    Contribute to conferences and meetings; participate in strategy discussions; contribute to customer presentations; stay up to date in analysis methods and tools.

100% TOTAL EFFORT


ORGANIZATIONAL CHART: CERT Director < CERT Deputy Director < CERT Chief Scientist < Technical Director, Secure Software and Systems < Software Security Engineer
 

Position Summary: We are building a small team responsible for researching next generation secure mechanisms, approaches, practices, techniques, and tools. This team will work with current and emerging technologies to research potential improvements in approaches for identifying and/or mitigating security weaknesses in embedded and network based software and systems. We are seeking an individual with experience in embedded systems security to grow the team, lead the research, and build the technical and research agenda. The individual in this position will be responsible for planning, proposing and accomplishing research on innovative approaches to securing systems and components based on new approaches to software, hardware, or system composition. We are seeking candidates with a mix of expertise in computing and systems analysis, design, development and operations to support identification of areas with potential for innovative approaches to improving security.

Minimum Qualifications and Requirements:

Education/Training: PhD degree in computer science and five (5) years of experience or MS in computer science and eight (8) years of experience.

Experience: Fifteen plus (15+) years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education. At least ten years of successful information security operations and/or research experience including hands-on research, research team leadership and project management. Possesses comprehensive knowledge across the mission area of the SEI and is able to apply that knowledge in new and unusual environments. Demonstrated success in formulating and delivering successful research programs and projects. Demonstrated management experience with responsibility for projects, people, budgets and contracts.

Skills/Abilities: Mastery and broad understanding of computer systems, computer security practices and information security evaluation methods. Mastery of information security field in order to apply experimental theories and new developments to problems not susceptible to accepted methods. Ability to manage diverse areas and large, complex projects; ability to influence, work with and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; excellent verbal and written communication skills. Able to synthesize solutions in new and different domains, cultures, and environments from available technologies, publications, and events.

Mobility: Normally sedentary with some mobility; i.e. ability to travel to other locations on and off campus. May require some bending, stretching, pushing, as well as lifting up to several reams of paper, etc.

Environmental Conditions: Work is performed in an office setting. Close contact with CRT for long periods of time.

Mental: Ability to meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Other: Candidate must be able to successfully complete a background check and obtain a Top Secret security clearance.

Preferred Qualifications and Requirements:

Experience: Research management experience in higher education, government, military, and/or Fortune 100 technology-based organizations is preferred. Embedded computing systems design and security evaluation is desirable. The ideal candidate will have demonstrated successful planning and directing/executing specialized programs of marked difficulty, responsibility, and national significance in information security which has provided leadership and accomplished marked attainments in professional, scientific, or technical research.

Skills/Abilities: Has the ability to bring about strategic change, both within and outside the organization. Has the ability to establish and organizational vision and to implement it in a continuously changing environment. Leads people toward meeting the organization’s research vision, mission, and goals.

Accountability: This position is accountable to the Secure Software and Systems Technical Director for work content, quality, and schedule.

Direction: Performs under minimal supervision; all normal duties and responsibilities are handled independently. Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon, the CERT director, and the SSS technical director.

Decisions: Plan and carry out research on novel approaches to information security. Program planning, development of program management strategies, and risk management. Design and implementation of systems that demonstrate innovative approaches to information security.

Supervisory Responsibilities: The position will be responsible to lead the creation and direction of a team and their technical and research agenda. Responsibilities will include hiring, appraising performance, distributing work assignments and reviewing results.

JOB FUNCTIONS OR RESPONSIBILITIES:

40%        Participating with team and client organizations to research, investigate, demonstrate and mature innovative approaches to improved approaches to cyber security.

30%        Writing reports, papers and presentations describing research findings.

30%        Working with collaborators and customers.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: CERT Director < Deputy Director < Chief Scientist < Secure Software and Systems Technical Director < Next Generation Security Mechanisms Technical Manger < Secure Software and Systems Senior Researcher

Position Summary:  The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Network Situational Awareness (NetSA) group supports government customers by developing cutting-edge, network analysis tools and techniques for operational use in high-impact environments.  The CERT Network Situational Awareness (NetSA) group develops analysis techniques for some of the largest networks in the world. These network monitoring grids store billions of records per day for analysis. NetSA’s cutting-edge analysis techniques are deployed for operational use in several high-impact environments. The analyst will develop new analysis techniques and prototype their software implementation, support customers by preparing analytic reports, prototype new analysis approaches, present training on new analysis techniques and take a lead role in preparing research for publication. The successful candidate will have some combination of academic training and real world network or network security experience. As a member of the staff, the individual will be expected to serve as technical lead for the overall design, execution, and documentation of one or more tasks, as well as to serve as a liaison with customers, potential customers, vendors, and the Internet community as a whole.

Minimum Qualifications and Requirements:

Education/Training: Bachelor’s Degree in Computer Science or scientific/technical field with eight (8) years’ experience, Master’s Degree in Computer Science or scientific/technical field with five (5) years’ experience, or equivalent combination of training and experiences.

Experience: Professional experience listed above is in network security research and/or operations—the successful applicant will likely have both. Applicants should have a record of contribution to the security community, such as academic publication or involvement in open source security tool projects.

Skills/Abilities: Capable of conducting analytical studies and investigations of network security data and performing original research in network security analysis; experience with scripting and/or programming in a high level language, including participation in sound software engineering (e.g. version control, documentation, etc.); deep understanding of and practical experience with various Internet protocols (e.g., TCP/IP, DNS, SMTP, BGP, TLS); deep knowledge of at least one modern operating system (e.g., Linux, Solaris, Windows 2000/2003/XP/7/8); understanding of network security issues at all protocol layers; understanding of host/operating system security issues; familiarity with and deep understanding of: IDS, firewalls, SIM/SEM, network and vulnerability scanning, routing; ability to set strategic direction and agenda for a diverse group of developers and researchers; ability to function in the role of a consultant; planning and organizational skills; strong problem solving skills; excellent oral and written communication skills; ability to work both independently and with teams; experience with mathematical programming systems (e.g. R, Mathematica, Matlab); experience with statistics.

Physical Mobility:  Primarily sedentary in an office setting with some mobility. Flexibility to travel to various locations within the SEI and CMU community, including sponsor sites, conferences, and meetings.  Environmental Conditions: Normal office conditions; loose contact with computer display for extended periods of time.

Mental: Ability to work meticulously with careful attention to detail; ability to meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort, ability to develop and communicate innovative ideas; ability to take leadership role in technical projects; ability to quickly learn new procedures, techniques, approaches, etc.

Other:  Candidate must have the ability to pass a background check investigation, obtain a DOD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: Ph.D. in Computer Science or scientific/technical field with two (2) years’ experience or equivalent combination of training and experiences.

Experience: Experience working:  in a team environment leading collaborative projects with diverse skills and roles; in the public forum of the broader information security community; directly with customers from government and/or industry (multiple critical infrastructure); in exploratory data analysis; in data visualization; in human-computer interface (HCI) design; technical writing; to develop and present training sessions.

Accountability:  The individual is accountable for:  Active participation in the overall NetSA R&D effort; producing original publications in network security analysis; mentoring junior analysts and researchers; participating in public speaking engagements, including at remote locations.

Direction:  The individual is expected to act independently using CMU, SEI, and NetSA defined policies, practices, and procedures – within the scope of assigned work.

Decisions:  The individual is expected to participate in the decision-making and problem-solving processes of strategic research direction and strategy of transition of research to engineered technology.

Supervisory Responsibilities:  This position does not formally supervise others. However, the individual will act in a technical leadership (non-supervisory) role in regard to specific work products and activities, or in regard to student interns, etc.

JOB FUNCTIONS OR RESPONSIBILITIES:

60% Perform and publish original work in network security analysis, including work leading to academic publications.

10% Contribute to overall strategic direction for a diverse security R&D team.

10% Presentation of training materials to customers.

10% Mentor and guide junior network security analysts.

10% Participate in and/or lead presentations to customers, analyst jam sessions and public speaking engagements.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: Manager CERT Program < Network Situational Awareness Technical Manager < Network Defense Analyst

Position Summary:  The Research Director (RD) of CERT’s Cyber Security Foundations Directorate is responsible to manage, lead and grow a team of 25 technical staff focused on the science, engineering and transition of foundational cyber/security concepts for research-oriented customers (e.g, DARPA, IARPA, NSA-R, NSF, ASD(R&E), AFRL, NRL, ARL, ONR, AFOSR, etc.). The Foundations Directorate is a cornerstone of CERT’s strategy of being a respected thought leader in the cyber security research community. In coordination with the CERT Division’s Director’s Office, the RD will: develop business; manage staff, strategy, resources and priorities; collaborate with other CERT and SEI directorate-level managers; engage and support CERT’s customers and stakeholders. This position will provide backup and support for CERT’s Chief Scientist’s roles of engaging stakeholders, the research community and customers on research-focus topics such as specific technical work, tech transition, emerging challenges and policy.

Minimum Qualifications and Requirements:

Education/Training: PhD degree in a technical field such as computer science, mathematics, electrical engineering, information technology or equivalent combination of training and experience or related field with ten (10) years of experience.

Experience: Ten (10) years of experience performing, managing and transitioning research in cyber security science/engineering or a related technical field.

Skills/Abilities: Able to work closely and negotiate agreements with senior managers and officials both internally and externally. Able to work effectively with all levels of CERT, SEI and CMU personnel. Demonstrated capability in managing senior level researchers and engineers and setting research and development agendas. Able to develop plans, manage projects (budget and schedules) in an integrated team environment. Able to develop and deliver products and projects on schedule and on budget. Have strong organization/team building/mentoring skills.

Physical Mobility: Moderate domestic travel (25%).

Environmental Conditions: Normal office setting with continuous usage of computers.

Mental: Ability to work under pressure with frequent interruptions and meet inflexible deadlines.

Other: Pass a background investigation and be eligible for a U.S. DoD Clearance.

Preferred Qualifications and Requirements:

Experience: Diverse management experience. Personally published academic quality research or broadly disseminated technical artifacts (books, software, patents, etc.). Experience with research, development and operations in cyber security and software engineering. Experience with proposals and contracts for federally funded R&D and efficiently accommodating the dynamics of such funding.

Skills/Abilities: Ability to create and sustain academic, industrial and international research collaborations.

Accountability:  Manages directorate staff, work, customers, contracts, collaborators and budgets to support current work and grow related new work.

Direction:  Performs under minimal supervision; all normal duties and responsibilities are handled independently. Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon and the CERT Director’s Office.

Decisions:  Makes all non-strategic decisions for directorate work, staff and resources. Works with the CERT Director’s Office on strategic planning and business development for the directorate.

Supervisory Responsibilities:  Determines overall staffing needs for areas of responsibility and manages the supervision of MTS, professional and support staff, including hiring and training new staff employees; conducts performance appraisals; approves recommendations for salary increases and promotions. Coaches, develops and motivates staff.

JOB FUNCTIONS OR RESPONSIBILITIES

60%        Manage the staff, resources, customers, subcontractors and collaborators to perform the funded work of the directorate.

25%        Develop new work/funding with customers for the research, development and transition of critical security foundations.

5%          Support CERT Director’s office to develop, manage and communicate CERT’s work to the SEI’s sponsor, customers, stakeholders and staff.

10%        Perform personal research and technical work directly related to the directorate’s priorities.

ORGANIZATIONAL CHART:  SEI Director’s Office < Director of CERT Division < Research Director for Cyber Security Foundations

Position Summary:  This position is with the Digital Intelligence and Investigations Directorate (DIID) at the Software Engineering Institute (SEI) of Carnegie Mellon University.  The person in this position will serve as a Project Manager providing oversight across major customer areas and/or critical program segments for which both the scope and effect of the work have a strategic SEI impact and government-wide impact. This position will report to the Technical Director for the Digital Intelligence and Investigations Directorate in the CERT Program.  Working closely the DIID Director, Business Managers, and Technical Leads, the Project Manager will have oversight of technical tasking across several projects and be responsible for working closely with and reporting to the government program managers funding the tasking.  The person in this position will plan, organize, coordinate, control, and evaluate the activities of technical tasking required to execute the funded program of work. The person will develop a project management tracking system that supports the government program managers’ requirements and SEI requirements and determine goals and objectives that need additional emphasis; develop measures that evaluate performance; make recommendations for program improvement; and track resources and assets.  The position includes the day to day interface with customer program managers and CERT technical managers and requires demonstrated project management experience and technical skills in software and systems engineering. Successful candidates will possess a strong understanding of the work of the SEI, excellent communications and interpersonal skills, and the ability to diagnose problem situations and develop effective solutions for the customer.

Minimum Qualifications and Requirement:

Education/Training: MS in computer science, software engineering, information systems, or a related technical field with five to seven (5-7) years’ experience or equivalent combination of training and experiences.

Licenses: Project Management Professional (PMP).

Experience: At least five (5) years of project management experience with customer-focused technology projects such as product or service development. Software, internet, and/or government industry experience preferred; demonstrated performance in prior roles, with increasing levels of responsibility and independence; experience should have some relation to information security operations or research.

Skills/Abilities: Understanding of information technology and telecommunications systems; working knowledge of information assurance, network security, risk management, and software and systems development and procurement; assess initiatives against programmatic, technical, and operational goals; develop project management tracking and reporting systems; prepare and conduct management briefings with senior government leaders and customers; excellent written and oral communication and interpersonal skills; work independently with strong reasoning and problem-solving skills; recognize and deal appropriately with confidential and sensitive information; ability to contribute to technical presentations and technology transfer activities; knowledge of challenges and threats faced by the United States Government (USG) network security and intelligence organizations.  It is expected that this individual will have competency in industry standard project management software and platforms to include Microsoft Project Desktop and Server.

Mobility: Primarily sedentary in an office setting with some mobility. Requires travel to various domestic locations within the SEI and CMU community to include the SEI DC office; sponsor sites; conferences; and offsite meetings with routine frequency (1-2 trips a month).

Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.

Mental: The ability to: Work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; structure complex, ambiguous, and potentially charged business issues for CERT management.

Other: Candidate must be able to pass a background investigation, have a current DoD TS security clearance, be a US citizen, and be able to obtain a DoD TS/SCI security clearance. Candidate must also be able to work full-time at a customer site in the Baltimore/Washington, DC metro area.

Preferred Qualifications and Requirements:

Education/Training: MS Degree with six (6) years of related experience or equivalent combination of training and experiences.

Experience: Designing, developing, and implementing information technology projects within the government; exceptional interpersonal and technical writing skills; working on an incident response or security operations team; experience working with the government or within a critical infrastructure sector.

Skills/Abilities: Knowledge of USG policies, and missions in cyber security.

Accountability:  This position is accountable for ensuring that the DIID delivers on the execution of the statement of work for customer projects. The individual is accountable for aligning DIID projects with customer needs and re-prioritizing efforts as appropriate. The individual will also contribute to project, department, or program objectives and planning document development. The individual will keep in confidence sensitive information such as customer processes, risks, vulnerabilities, and internal work products, whether for eventual public or private distribution.

Direction:  The individual is expected to act independently using CMU, SEI, and NSS defined policies, practices, and procedures – within the scope of assigned work. Additionally, this position will assist in setting DIID direction based on an understanding of customer needs.

Decisions:  Individual must make sound technical and business decisions; negotiate with customers; and monitor and control deliverables, budget, and schedules.  The individual must accurately represent the SEI in interactions with customers, sponsors, and the public.

Supervisory Responsibilities:  This position does not formally supervise others.

JOB FUNCTIONS OR RESPONSIBILITIES:

70% Plan, organize, coordinate, control, and evaluate the activities of technical tasking required to execute the funded tasking for customer projects. Travel to customer sites and interaction with government program managers is required.

15% Develop a project management tracking system that supports the government program managers’ requirements and SEI requirements; develop measures that evaluate performance; make recommendations for program improvement; develop processes to allocate and track resources and assets.

10% Prepare and conduct reports and briefings to customer senior management.

5% Contribute to strategic and operational planning activities.

100% Total Effort

ORGANIZATIONAL CHART:  CERT Director < CERT Deputy Director < DIID Technical Manager < DIID Operations Manager < Program Manager

Position Summary: This position is part of team developing software systems and services to support the larger computer security community and federal sponsors.  Primary responsibilities will include conceiving and developing software in Java, Perl, and other programming languages and integrating open source and commercial packages to provide new capabilities in managing computer security issues and incidents.  Responsibilities also include direct support in operating and deploying those services and supporting sponsors for sponsor needs.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, Computer Engineering  with eight (8) years of applicable experience, MS in Computer Science, Information Science, Computer Engineering  with five (5) years of applicable experience, or Ph.D. in Computer Science, Information Science, with two (2) years of applicable experience or equivalent combination of training and experiences.

Experience: Two (2) years of experience developing software systems, with specific experience or substantial knowledge of the following areas: full life-cycle development from conceptual design to deployment; system integration; the creation of mission-critical information storage and retrieval systems; use of source code control, configuration managements, and artifact tracking tools; apply sound software engineering practices to system design and development (e.g., systematic approach to system specification, architecture, design, development and documentation of code, configuration management, inspections and testing, packaging and deployment); be expert in Java/JEE at an enterprise level; have significant experience Perl, Python or other dynamic languages; possess excellent technical problem-solving skills; develop, document, and explain technical decisions; be strongly self-motivated to tackle challenging problems; learn quickly and have a history of producing creative and innovative solutions; prioritize work effectively; interact effectively with technical and non-technical audiences via both written and verbal communications; collaborate and work effect; timely within a closely coordinated team environment; maintain composure while dealing with difficult people; recognize and deal appropriately with confidential and sensitive information; handle shifting priorities; meet inflexible deadlines; possess mentoring/training skills.

Skills/Abilities: Must possess: Ability to manage heavy workload and effectively manage priorities; Strong problem solving skills; Excellent oral and written communications skills; Ability to work both independently and with teams; Ability to effectively manage multiple projects; Ability to elicit technical requirements from management and staff.

Physical Mobility:  Primarily sedentary, long periods of sitting, some bending, stretching and lifting up to several reams of paper. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however close contact with CRT for prolonged periods of time. Also occasional work in machine room (loud and extreme office temperatures  55F-90F).

Mental: Ability to work under pressure and meet deadlines; ability to prioritize tasks; strong learning capability; ability to assist users of varying competency; ability to interact effectively with vendors, managers, and technical staff. Good technical problem-solving skills; strong information organization skills; good oral and written communication skills. Maintain confidentiality of sensitive information.

Other:  Candidate must pass a background investigation and obtain a United States DoD Top Secret Clearance and must be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training: MS in Computer Science, Information Science, Computer Engineering with five (5) years of applicable experience, or Ph.D. in Computer Science, Information Science, with two (2) years of applicable experience or equivalent combination of training and experiences.

Experience: Ideal candidates will have extensive working experience with significant number of the following technologies:  interested in researching, learning, evaluating and reporting on various new technologies or implementations; experience with “big data” and associated systems such as Hadoop, Column-oriented data stores, and similar; developing web services and related technologies (e.g., XML, WSDL, SOAP, REST, XSLT),applications using RPC mechanisms (e.g., XML-RPC); messaging (e.g.,  JMS); creating web-based applications and services in security-sensitive environments (e.g., familiarity with x.509 certificates, PKI, encryption, defense-in-depth concepts); leading small team development efforts; capability as a database (DBA) or system administrator; packaging and deploying server-side applications on Linux and/or UNIX systems (e.g.,  RPM, WAR, EAR); developing content management systems and related technologies (e.g., Alfresco, Bricolage); developing web-based user interfaces (e.g., XHTML, CSS, JavaScript, AJAX).

Skills/Abilities: Fluent in a language other than English.

Accountability: Responsible for developing new and enhancing existing software systems tracked by both team members and management.   

Direction: The person in this position will work closely with the existing development team, acting as part of the team and independently.  Team process and procedures will need to be followed during the development of software systems.

Supervisory Responsibilities: This position mentors and provides technical direction to other employees.

JOB FUNCTIONS OR RESPONSIBILITIES:

70% Gather requirements, write code, and test software and systems.

10% Produce documentation and write technical documents for sponsors and conferences.

10% Work within the development team and CERT/CC at large to improve software development process and practices.

5% Travel to customers and conferences, presenting SEI work and understanding sponsor and community needs.

5% Participate in the broader security community through collaboration, papers, and     presentations.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: SEI Director < CERT Program Manager < CERT Coordination Center Director < CERT/CC Engineering Manager < Software Developer

Position Summary:  This position will lead a team of systems engineering in the operation of various IT infrastructure to accomplish the missions of CERT/CC: malware collection, incident collection and analysis, large scale network data collection and analysis, along with research systems related to those functions.  The team performs value added operations support when standard institute wide IT support is insufficient or inappropriate.  The successful candidate will combine the ability to master complex technological solutions to aid development and provide engineering solutions while also having the ability to forge complementary relationships with both peer team leads and organizational peers supporting the mission.  The team lead position also plays a critical role as a primary interface for a large number of developers in complicated IT requests, both to the CERT/CC team and to institute wide resources.  The successful candidate will be capable of managing engineering diagnosis, frequently changing and short term project efforts, and general IT requests, as well as working with both institute wide IT for planning and integration and peer team leads for planning.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, Information Science, Computer Engineering with ten (10) years of applicable experience, MS in Computer Science, Information Science, Computer Engineering with eight (8) years of applicable experience, or Ph.D. in Computer Science, Information Science,  with five (5) years of applicable experience or equivalent combination of training and experiences.

Experience: Six (6) years of progressive responsibility managing information technology.  This must include experience supervising, leading, and managing and direct management of information technology.  Previous experience with and the ability to demonstrate substantial knowledge of:  leading technical teams, managing technical assets, and managing operational capabilities; both Windows and Linux operating systems; debugging and diagnosing complex IT problems to root causes and developing solutions; leveraging IT automation technologies to manage large number of assets per team member; enterprise or distributed file systems; programming in at least one programming or scripting language; logging and monitoring infrastructure. 

Skills/Abilities:  Ability to: collaborate with internal and external stakeholders to determine requirements, and translate those needs into enabling technologies; work with other internal and external IT organizations to design, deploy, operate, and refresh IT capabilities; communicate complex designs to executive staff, sponsors, project managers and technical staff in clear concise language tailored to the audience; depict IT infrastructure information conceptually, logically and physically; mentor and provide training and development to system engineers; achieve a high-level understanding of the business and business priorities, challenges, and current capabilities.

Physical Mobility:  Primarily sedentary, long periods of sitting, may have to travel to other campus locations, as well as, travel to customer sites, some bending, stretching and lifting up to 50 lbs above head. Moving and setting up computer equipment. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.

Environmental Conditions:  Normal office conditions; however close contact with CRT for prolonged periods of time. Occasional work in machine room (loud and extreme office temperatures 55F-90F).

Mental: Ability to work under pressure, take initiative, and set priorities for multiple competing initiatives.  The ability to work with various peers of varying motivations and capabilities while stile advancing initiatives.  The ability to work with vendors, specify and refine components and maintain schedules.  Excellent communication skills.

Other: Candidate must pass a background investigation and obtain a United States DoD Top Secret Clearance and must be a U.S. citizen.

Preferred Qualifications and Requirements:

Licenses: PMP

Experience:  Experience with:  intrusion detection, honeypots, forensics analysis, and malware operation; provisioning and operating tape backup solutions; applying FISMA controls and USG certification and accreditation.

Skills/Abilities:  Ability to build tools in various scripting and programming languages.  Fluent in a language other than English.

Accountability:  This position will be responsible for the operation of a multi-million dollar IT infrastructure distributed across multiple efforts and subnets with varying policy rules while meeting the reporting and monitoring requests from management and sponsors.

Direction:  This position will operate with a large degree of independence taking loosely specified goals and initiatives from management and across the program and turning those into implementations and reality using their own initiative.  A high degree of independent action with the ability to put requests in context and act accordingly is critical.

Decisions:  Example: A user needs to test a vulnerability in a specific piece of software.  A test environment needs to be developed to allow for testing at the required version/patch level. The equipment needs to be prepared and configured appropriately to provide a suitable test environment.

Supervisory Responsibilities:  This position will have supervisory responsibility for a team of systems engineers.  This position will also aid in the selection of team members and provide tasking and guidance to members.

JOB FUNCTIONS OR RESPONSIBILITIES:

20% Work with the SEI IT staff to manage CERT/CC user issues and issues across system boundaries.

50% Lead an infrastructure team in the operation of the various CERT/CC compute resources, ensuring continuous operation of collection systems, monitoring resource usage, and performing system maintenance.

15% Handle user requests across all types of IT resources and monitor SLA’s for user effectiveness.

10% Perform system engineering, IT plant planning, and handle quotes and purchasing for CERT/CC IT infrastructure.

5% Participate in the broader security and sponsor community through collaboration, papers, and     presentations.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI Director < CERT Program, Director < CERT Coordination Center, Technical Director < CERT/CC Engineering, Technical Manager < CERT/CC Engineering Operations, Systems Engineering Team Lead

Position Summary: We are staffing a small team that is responsible for developing secure coding practices, techniques, and tools. We work with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed. The individual in this position will be responsible for developing analyzable secure coding rules for Java, C, and other programming languages. The individual will be researching and developing advanced software static and dynamic analysis techniques and methods for mobile platforms including Android. The individual will work directly with customers to: develop and provide training in secure coding practices, develop source code analysis, and enhance and extend organizational capabilities to produce secure software systems.

Minimum Qualifications and Requirements:

Education/Training: BS in Computer Science, with ten (10) years applicable experience; MS in Computer Science, with eight (8) years of applicable experience; or PhD in Computer Science or related discipline with five (5) years applicable experience.
 

Experience: Candidates should have at least five (5) years of experience in developing Java software analysis techniques in one or more of the following areas; static analysis; dynamic analysis; data flow analysis; compiler development, including understanding the impact of optimization techniques on security issues; knowledge of analysis techniques that may be useful in security analysis but might not have been applied to security yet; computer architecture, including understanding the impact of security techniques on application and system performance for various architectures.

Skills/Abilities: Successful candidates will: ability to develop and implement advanced analysis techniques; be expert in Java and have extensive knowledge of the second language; be expert in Android platform development; interact effectively with customers and teammates; have strong written and verbal communications skills; take a leadership role in technical projects.

Mobility: Primarily sedentary in an office setting with some mobility. Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.

Environmental Conditions: Normal office conditions; however, close contact with computer for prolonged periods of time.

Mental: The ability to work well under pressure of deadlines and with confidential information.

Other: Candidate must be a U.S. Citizen, must be eligible to obtain a DoD TS Clearance, and must be able to successfully complete a background investigation.

Preferred Qualifications and Requirements:
 

Education/Training: PhD in Computer Science or Software Engineering with five (5) years applicable experience.

Experience: Ideal candidates will have experience in the following areas: model checking; abstract interpretation; use of assertions in program code; using mathematical techniques such as denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation.

Skills/Abilities: Preferred candidates will: possess excellent technical problem-solving skills; learn quickly and have a history of producing creative and innovative solutions; be motivated to tackle challenging problems.

Direction: Performs under minimal supervision, independent judgment is encouraged. Most normal duties and responsibilities are handled independently with the use of established procedures and policies. Difficult or unique situations are referred to the supervisor.

Supervisory Responsibilities: This position has no supervisory responsibilities, although mentoring of junior staff is expected.

JOB FUNCTIONS OR RESPONSIBILITIES:

20% Develop analyzable secure coding rules for Android apps.

40% Research and development of software analysis techniques for validating compliance of source code.

20% Directly support customer work in secure coding, verification and validation techniques, and technical training.

20% Contribute to conferences and meetings; participate in international standards development; participate in strategy discussions; contribute to customer presentations; stay up to date in analysis methods and tools.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:

CERT Division Director < Secure Software and Systems Technical Director < Secure Coding Initiative Technical Manager < Software Security Engineer

Position Summary:  The SEI Emerging Technology Center is focused on matching state-of-the-art software capabilities with critical U.S. Government (USG) needs.  This position will support the Center’s mission by capturing government needs and identifying, shaping, and guiding research that matches these needs and operationalizing research concepts in a realistic USG environment. If you are a researcher passionate about big data, cloud computing, human information interaction, analytics/machine learning/data mining/knowledge discovery, or scalability, and you are committed to bringing innovation to government and beyond, then this is the position for you.  Duties include:  The SEI Emerging Technology Center Senior Research Scientist will: Work with the Center’s leadership team to plan, develop and implement an overall research strategy, initiate and conduct novel research in-line with the Center’s broad technical focus of “data-intensive scalable computing,” and lead and collaborate with other research and development technical staff in the Center and across the SEI; Directly participate in the formation of a research agenda and assist the SEI Emerging Technology Center in establishing a national agenda in future technology; Develop research ideas in collaboration with sponsors and customers, collaborate with world leaders in the academic community, lead and conduct hands-on research, and direct research staff to advance ideas in support of Center’s current and future customer needs; Work closely with the SEI Emerging Technology Center Director to define near-term and strategic research approach and agenda, as well as lead, conduct, and direct research projects for the Center. This position will afford the opportunity to participate in strategic planning for the whole of the Center along with an interdisciplinary team of highly talented visionaries. The work requires a deep understanding of technical challenges and emerging trends in computing and information science and awareness of the potential opportunities in industry and government. It also requires effective formulation and presentation of forward looking ideas. While deep technical knowledge in one or more fields is desirable, a demonstrated track record of research contributions across multiple fields is preferred. The SEI Emerging Technology Center and the Center customers are inherently interdisciplinary.  Specific responsibilities include:  Interface directly with USG customers to identify, capture, and articulate critical software-related capability needs, specifically in the domain of data-intensive scalable computing; Identify, shape, and guide research activities directed at filling critical USG computing and information needs; Leverage research ideas to design, document, and oversee the development of solutions relevant to critical government needs; Oversee interdisciplinary development teams from problem definition to solution concept to solution development, test and evaluation, and technology transition; Develop and operationalize novel transition strategies for taking solutions from research concept to operational capability; Promote and practice user-centered design methodologies throughout the solution life-cycle, from research concept to operational capability; Publish and promote Center research to contribute to raising awareness and impact of the Center and the SEI; and Mentor other Center staff and collaborators on research methods, technical areas of expertise, user-centered design concepts, and solution design principles.

Minimum Qualifications and Requirements:

Education/Training: Bachelors of Science in Computer Science, Information Systems, or related field with ten (10) years’ experience, or equivalent Masters of Science in Computer Science, Information Systems, or related field with eight (8) years’ experience, or equivalent.

Experience:  Professional experience listed above to include the following areas:  Leading research and research teams; capturing and documenting user/customer needs and requirements in complex technical areas under uncertainty and changing requirements and priorities; conducting research and applying scientific methods; basic and applied research; facilitating participatory design and innovation sessions for all aspects of software, solutions, and research design concepts; software development in support of research and taking software capabilities from the lab to operations; hands on modeling and simulation, data analysis/analytics, and large-scale computing; proven capabilities in the visual communications of complex ideas and concepts; preparing and delivering technical proposals, papers, and presentations; conducting user-centered design activities including user studies, novel prototyping capabilities, and exploring multiple solution concepts in parallel; design of information architectures for complex human-centered software systems; experience working with DARPA, IARPA, Service Labs, or other government research sponsors is a plus. Ideal candidates have: Three to five years of progressively responsible experience in a technology- or research-based organization in government, industry or higher education; three to five years’ experience in researching, developing, or applying data-intensive scalable computing in a commercial or DoD/government-related environment; experience in building and managing high technology research teams. The candidate should have in-depth knowledge of software and systems engineering.  Demonstrated success in formulating and delivering successful research proposals to the federal government and in leading the resulting projects. Demonstrated record of publications and contributions to the science and technology community. Demonstrated management experience with responsibility for projects, people, budgets and contracts.

Skills/Abilities: Knowledge of:  Software engineering including design, architecture, development, testing, and deployment; human-computer interaction, Human-machine interaction, and Human-information interaction; modern computing, data, and storage solutions, data processing architectures (MapReduce, Hadoop, NoSQL); cloud Computing; analytics, data mining, machine learning, knowledge discovery; knowledge of information analysis, visualization, and manipulation tools and techniques; must be visionary, with strong sense of purpose; prior academic center research experience; a reputation for applied and/or theoretical research with a track record of valuable publications; track record of accomplishment in leading the research agenda for technology-based organizations; reputation for highest level of integrity; high comfort level with ambiguity; success at building consensus within a matrixed organization; excellent oral, written and presentation skills; able to make decisions and recommendations that significantly change important public policies or scientific programs; understanding and appreciation for the interplay between technology and policy; ability to influence, work and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; excellent verbal and written communication skills.

Mobility: Primarily sedentary in an office setting with some mobility. Flexible to travel to various locations within the SEI and CMU community, sponsor sites, conferences, and offsite meetings potentially with routine frequency.

Environmental Conditions: Normal office conditions; close contact with computer screen for extended periods of time.

Mental: The ability to:  Design and develop detailed problem formulations and research approaches based on requirements elicitation from internal and external stakeholders; communicate with software developers, analyst, and non-technical experts; work meticulously with attention to detail; remain calm during difficult situations; meet inflexible deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities and frequent interruptions; deal collaboratively, diplomatically, and successfully with customers, co-workers, and other professional colleagues, managers, and staff; grasp the big picture, direction, and goals of an effort; interface with world-class research community; develop and communicate innovative ideas; take leadership role in technical projects; oversee the technical activities of teams of 3-4 researchers, developers, and designers; quickly learn new procedures, techniques, and approaches.

Other:  Candidates must be able to pass a background investigation, obtain a DoD TS/SCI security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Education/Training: Doctor of Philosophy in Computer Science, Engineering, Mathematics, Information Systems, or related field with five (5) years of experience, or equivalent.

Accountability:  This position will be responsible for transforming vague and uncertain customer needs and requirements into clear problem statements and research programs. Research will always be conducted with a solutions and outcome focus. This includes matching problems to research ideas, technology capabilities, and ultimately solutions.

Direction:  This position is expected to act with minimal supervision in accordance with SEI procedures and policies, such as those involving product development, team interaction, and confidentiality.

Decisions:  This position will conduct research, make decisions about research approaches and ideas, explore and specify solutions and designs and make implementation choices for a wide-range of data-intensive scalable computing problems.

Supervisory Responsibilities:  This position may include supervisory responsibilities for a small (2) to medium (10) sized team of researchers or research programmers.

JOB FUNCTIONS OR RESPONSIBILITIES:

60% Serve as the an interface with USG technical and research customers to understand, capture, and translate USG problems to the research community and other SEI staff focused on developing meaningful research problems, conducting research, and developing solutions. Lead, conduct, and facilitate exploration and innovation sessions and workshops to elicit clear definition of USG challenges and concepts. Craft and conduct research in partnership with USG customers, academic partners, SEI staff, and industry collaborators were appropriate.

15%  Serve as a principal advocate for the research portion of the SEI Emerging Technology Center. Formulate and evolve the research strategy and work with Center management to implement that strategy. Assist with formation and growth of the research team and recruiting appropriate talent.

15%  Serve as liaison to internal CMU/SEI functions and programs in active and potential areas of research. Builds external relationships to foster research collaborations. Represents the Center to the S&T community by participation in S&T community events and forums. Work with Center management to identify critical research areas and research opportunities that support the needs of Center’s current and future customers.

10%  Mentor internal solutions architects and software developers; communicate the design of solutions to internal stakeholders; and provide technical guidance on integration and design to external stakeholders.

100% TOTAL EFFORT

ORGANIZATIONAL CHART:  SEI Emerging Technology Center Director < Senior Research Scientist

Position Summary: This position provides the management and leadership to build organic academic quality research capabilities in the science of cyber security in the CERT Program. This position will manage staff who focus on developing and applying the science of cyber security for government sponsors with research missions in the area of cyber security (E.g, DARPA, IARPA, NSA, NSF, ASD(R&E), AFRL, AFOSR, etc.).  This position will support the Chief Scientist and the CERT Director’s office to develop business, manage strategy, resources and priorities, and interact with the SEI’s sponsor and CERT’s strategic customers.  This position will provide backup and support for the Chief Scientist’s roles for engaging stakeholders, the research community and customers on research and research policy issues.

Minimum Qualifications and Requirements:

Education/Training: MS degree in a technical field such as computer science, information technology, electrical engineering, or equivalent combination of training or experience with eight (8) years applicable experience.

Experience: Fifteen plus years of progressively responsible experience in a technology- or research- based organization in higher education, industry or the government. At least 10 years’ experience with cyber security software development projects including hands-on development, development team leadership & project management. Demonstrated management experience with responsibility for projects, people, budgets & contracts.

Skills/Abilities: Mastery and broad understanding of computer systems, computer security practices and information security evaluation methods as well as broad understanding of organizational goals, management, etc.; ability to manage diverse areas and large, complex projects; ability to influence, work with and manage technical staff; able to respond quickly and effectively to changing priorities; excellent analytical, organizational, supervisory, reasoning and problem solving skills; ability to interact effectively with diverse constituencies internally and externally; ability to interface directly with executives and other senior representatives of the Federal Government and the private sector; excellent verbal and written communication skills; computer literacy; knowledge of CMU and SEI policies and procedures.

Mobility:  Normally sedentary with some mobility; ie., Ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency; Ability to travel frequently and to adjust to a work schedule that requires weekend and evening hours.

Environmental Conditions:  Work is performed in an office setting.  Close contact with computer for long periods of time.

Mental: Ability to meet inflexible deadlines, remain calm during difficult situations, work under pressure and work with frequent interruptions.

Other:  Candidate must pass a background investigation, be eligible to obtain a United States DoD Top Secret Clearance, and be a U.S. citizen.

Preferred Qualifications and Requirements:

Education/Training:  PhD in a technical field such as computer science, information technology, electrical engineering, or equivalent combination of training or experience with five (5) years of applicable experience.

Experience:  Management experience in higher education, government, military, and/or Fortune 100 technology-based organizations is preferred.  Post-PhD experience in personally performing and publishing academic quality research.

Skills/Abilities: Ability to create and sustain academic, industrial and international research collaborations.

       
Accountability: Manage the direct reports in the SOCS area of work and the funding/budgeting required to support the direct reports.Supports the CERT Chief Scientist in defining a strategic vision for the CERT’s research plan and articulates this vision to CERT, the SEI, and their constituents.    

Direction: Performs under minimal supervision; all normal duties and responsibilities are handled independently.  Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon and the NSS director. Works with the Chief Scientist and SEI/CMU staff to address impediments.

Decisions: Makes all non-strategic decisions for SOCS work, staff, and resources.  Works with the Chief Scientist for strategic planning and business development in SOCS.

Supervisory Responsibilities: Determines overall staffing needs for areas of responsibility and manages the supervision of both MTS, professional and support staff, including hiring and training new staff employees; conducts performance appraisals; approves recommendations for salary increases and promotions.  Coaches, develop and motivates peers and subordinates.

JOB FUNCTIONS OR RESPONSIBILITIES:

50% Develop and manage the staff, resources, customers, subcontractors and collaborators to build a stable and sustainable cyber security research group of 10-20 staff or more.

25% Develop and grow new research funding sources with customers who have a mission in cyber security research.

15% Support CERT's Director’s office and the Chief Scientist in their roles to develop, manage and communicate CERT’s research activities to the SEI’s sponsor, customers, stakeholders and staff.

10% Pursue research and technical work and collaborations, internal and external, in cyber security or an area highly relevant to cyber security, such as software engineering, human factors, data analytics, etc.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: CERT Director < CERT Chief Scientist < Research Manager of Science of Cyber Security

Position Summary: The CERT Program is part of the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development, with an emphasis on and developing and transitioning disciplined approaches for improving networked systems security throughout DoD, federal civilian agencies, and private sector organizations.  The individual in this position will work as a team member, and be able to lead when appropriate, projects within the Cyber Security Engineering (CSE) team within the Secure Software and Systems Directorate. The CSE team addresses research needed to prepare acquirers, managers, developers, and operators of large-scale, complex networked systems to address security and survivability throughout the entire software development and acquisition life cycles. The CSE team members conduct foundational research and produce research documents that support the development of assessments, diagnostics, analysis techniques, and educational curriculum for engineering secure networked systems. CSE team members are domain experts in practices for acquiring, developing, deploying, and sustaining secure networked systems, and team capabilities include security risk analysis and modeling; security requirements engineering; development of security metrics and assessment methodologies; addressing security issues from a holistic perspective; and creation and delivery of training, courses, and workshops. The selected individual will support projects in the examination, analysis, documentation, training, and assessment of complex, networked systems. The individual will develop research papers, conference papers, technical notes, technical reports, and course materials as required to ensure that the body of work developed by the CSE team is documented and published in accordance with the mission of SEI. The individual may work as a member of collaborative project teams across SEI. This position may require close work with and leadership of teams that include customers from a variety of organizations, including government agencies, private sector organizations, and academia.

Minimum Qualifications and Requirements:

Education/Training: Ph.D degree in computer science, software engineering, information systems, or a related technical field and a minimum of five (5) years of experience in industry and academia preferred.
Will consider MS in computer science, software engineering, information systems, or a related technical field with eight (8) years’ experience or a BS in computer science, software engineering, information systems, or a related technical field with ten (10) years’ experience in industry and academia.

Experience: Experience as a software engineer, security analyst, security risk analyst, or similarly technical occupation; understanding of information technology systems; experience developing and documenting assessment methodologies; working knowledge of networked systems security and security/survivability issues; ability to conduct analytical studies and investigations; knowledge of and experience with engineering and best practices for software security; experience with security issues across the acquisition and development life cycles.

Skills/Abilities: Effective written and oral communication skills; demonstrated ability to prepare papers and presentations for technical and non-technical audiences; reasoning and problem-solving skills; ability to work independently with limited supervision; ability to recognize and deal appropriately with confidential and sensitive information; participate in conferences and meetings; contribute to customer presentations and technology transfer activities; strong interest in security analysis research and development; ability to create instructional materials and conduct training; ability and interest in addressing security issues in a holistic manner, addressing both organizational and technical policies and practices; as well as behavioral and organizational issues; ability to meet deadlines while working on multiple tasks - sometimes under pressure and with shifting priorities; ability to deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff.

Mobility: Normally sedentary with some mobility; i.e., ability to travel to other locations on and off campus. May require transporting equipment such as a laptop and some bending, stretching, pushing, as well as lifting up to several reams of paper, etc.

Environmental Conditions: Work is performed in an office setting. Close contact with CRT for long periods of time.

Mental: Ability to meet inflexible deadlines, remains calm during difficult situations, work under pressure, juggle competing priorities, and work with frequent interruptions.

Other: Candidate must have the ability to pass a background investigation, obtain a Top Secret security clearance, and be a US citizen.

Preferred Qualifications and Requirements:

Experience: Experience working in or with DoD, federal civilian agencies, and private sector organizations; experience with security and survivability across the acquisition and development life cycles; experience in auditing or conducting assessments; experience working in a team environment on collaborative projects involving software security; experience employing software engineering techniques in acquiring, developing, deploying, and sustaining distributed, secure software; working knowledge of network security/survivability; knowledge of and experience with sound software engineering practices and best practices for software security; working knowledge of modeling techniques, applications, and tools; experience in developing and publishing technical research journals, papers, notes, and reports, particularly in a peer-reviewed environment; project management experience.

Skills/Abilities: Leadership and mentoring skills.

Accountability: This position is accountable to the CSE Technical Manager for research quality, work content, quality, and schedule. May have responsibility for coordination of one or more charge strings to ensure completion of deliverables within a budgeted effort allocation. The assigned effort for each charge string can be up to $500K.

Direction: This position will get directions and work tasks from team manager. Expected to act independently but keep supervision informed of actions and options. Functions within broad precedents and policies as defined by the SEI, Carnegie Mellon, the NSS director, and administered by the SSS technical director and the CSE Technical Manager.

Decisions: Project planning, development of research and analysis strategies, and risk management customer funded engagements.  Design and implementation of research projects and technology that demonstrate innovative approaches to information security

Supervisory Responsibilities: May lead project teams and allocate work assignments.

JOB FUNCTIONS OR RESPONSIBILITIES:

30% Research and development of analysis tools and techniques to support the developer and acquirer throughout the systems engineering life cycle.

30% Examination, analysis, documentation, training, and assessment of complex, networked systems.

25% Directly support customer work in developing and implementing best practices and applying newly researched analysis tools and techniques relevant to that customer organization.

15% Develop research papers, conference papers, journal articles, technical notes, and technical reports as required to ensure that the body of work developed by the CSE team is documented and published.

100% TOTAL EFFORT

ORGANIZATIONAL CHART: CERT Director < CERT Deputy Director < CERT Chief Scientist < Technical Director, Secure Software and Systems < Software Security Engineer
 

Position Summary:  The mission of the SEI is to improve the practice of software engineering worldwide. One of the focus areas of the Software Solutions Division (SSD) is creating architecture-centric theories and practices that increase development efficiency and effectiveness on large-scale software and systems engineering projects. Examples of SEI architecture research include work in architecture evaluation, documenting and modeling architectures, identifying architecturally significant requirements, quality attribute analysis, and architecting in iterative environments.  The successful candidate will join the Architecture Practices team and will contribute to its architecture-centric research agenda. The team builds on established research and experience to create and extend architecture-centric theories and practices that organizations use to produce systems that meet their business and mission goals. Individual responsibilities include: contributing to ongoing architecture research efforts and new research directions, validating ideas in customer settings, and publishing results as part of the defined technical work plan.


Minimum Qualifications and Requirements:

Education/Training: MS degree in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Experience: Five (5) years of experience in architecture research and/or practice working on large systems, systems of systems, or enterprise architectures.

Skills/Abilities: Broad knowledge of architecture research and its application to real world systems. A record of successfully contributing to the definition, proposal, and execution of research agendas. Publishes and presents in high-quality, peer-reviewed venues. Knowledge of modern development processes, languages, and platforms. Effective written and oral communication skills.

Physical Mobility: The ability and willingness to travel is required.

Environmental Conditions: Usual office setting, including extended work at a computer screen.

Mental: Ability to meet deadlines and function productively as a team member.

Other:  US citizenship required; successful candidate must be able to pass background investigation for a DoD secret clearance.


Preferred Qualifications and Requirements:

Education/Training:  PhD with two (2) years’ experience in software engineering, computer science, or information systems or an equivalent combination of training and experience.

Skills/Abilities:  Skills/abilities as listed above, plus: knowledge of the architectural implications of emerging technologies (for example, cloud computing, big data and analytics, and social software), an understanding of DoD challenges and stakeholders, experience working on distributed research and/or development teams, and working knowledge of SEI architecture research and methods.


Accountability: Estimation and tracking of time for technical tasks.


Direction:  Expected to act independently, with little day-to-day guidance. Expected to also work collaboratively in teams with minimal needed outside facilitation.


Decisions:  Determine architecture-centric solution techniques for practical system development problems.  Determine and recommend appropriate technology to use at a customer site in order to solve specific problems. Determine appropriate technical content for published report.

Supervisory Responsibilities:  Direct support activities to enable technical work. May direct the activities of work study or graduate student. Lead or co-lead customer efforts or transition project teams.



JOB FUNCTIONS OR RESPONSIBILITIES:

10%    Defining and developing research strategies and projects.
        
40%    Leading research teams and/or conducting planned research projects.

20%    Working with collaborators and customers applying research outcomes.

20%    Author publication-quality technical reports and deliver presentations as part of the defined technical work plan.

10%    Participate in and lead technical activities in community settings (conferences, workshops, working groups).
100% TOTAL EFFORT


ORGANIZATIONAL CHART:  SSD Director > Architecture Practices manager > Architecture Researcher