BASIC QUALIFICATIONS:

• A BA/BS degree in computer science, information technology, engineering, or a related discipline and a minimum of 8 years of directly aligned cybersecurity experience.
• At least 3–5 years of experience managing teams in a cybersecurity or IT environment.
• At least 3–5 years of experience leading projects or initiatives from planning through execution.
• Hands-on experience managing and implementing vulnerability scanning tools (e.g., Nessus, Burp Suite, Nexpose, Nmap).
• At least 3-5 years of experience with Agile/Scrum task management tools (e.g., Jira, ServiceNow).
• Demonstrated ability to work effectively in a team environment, including mentoring staff and collaborating across groups.
• Ability to communicate and collaborate with both technical specialists and business stakeholders.
• Strong technical acumen in core cybersecurity areas, such as log analysis, network flows, and remediation activities.
• Ability to develop scripts or automation to enhance vulnerability management and reporting.
• Master’s and PhD degree holders in the same fields are also encouraged to apply who possess the following qualifications:
• MS degree plus a minimum of 7 years of relevant and aligned experience.
• PhD plus a minimum of 4 years of relevant and aligned experience.

PREFERRED QUALIFICATIONS:

• MS degree in computer science, IT, or a related field.
• 10+ years of relevant experience.
• Security industry certifications (e.g., GCIA, GCIH).
• Advanced understanding of Linux, Unix, Mac, and Windows operating systems.
• Experience with business strategy, process improvement, and operational metrics.
• Experience planning, developing, or integrating SOAR with SIEM.
• Familiarity with UEBA platforms.
• Experience collaborating with research organizations to develop or enhance cyber capabilities.
• Experience working in DOE facilities, other government entities, or large-scale research environments.
• Project management skills with ability to lead program implementation and proof-of-value efforts.

SPECIAL REQUIREMENTS:

• Q Clearance: This position requires the ability to obtain and maintain clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.
• Visa sponsorship: Visa sponsorship is not available for this position.

SECURITY, CREDENTIALING, AND ELIGIBILITY REQUIREMENTS:

For employment at Oak Ridge National Laboratory (ORNL), a Real ID compliant form of identification will be required. Additionally, ORNL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as mandated by Homeland Security Presidential Directive 12 (HSPD-12) and Department of Energy (DOE) Order 473.1A, which requires a favorable post-employment background investigation.
To obtain this credential, new employees must successfully complete and pass a Federal Tier 1 background check investigation. This investigation includes a declaration of illegal drug activities, including use, supply, possession, or manufacture within the last year. This includes marijuana and cannabis derivatives, which are still considered illegal under federal law, regardless of state laws.
For foreign national candidates:
If you have not resided in the U.S. for three consecutive years, you are not eligible for the PIV credential and instead will need to obtain a favorable Local Site Specific Only (LSSO) risk determination to maintain employment. Once you meet the three-year residency requirement, you will be required to obtain a PIV credential to maintain employment.

• Manage and mentor staff, ensuring they have the training and resources to perform effectively.
• Lead ORNL’s Vulnerability Management Team across on-prem and cloud environments.
• Provide technical advice to improve cybersecurity in operations and research.
• Manage and enhance the vulnerability scanning infrastructure and program.
• Oversee vulnerability scanning, reporting, remediation, and troubleshooting.
• Support cybersecurity activities regarding intrusions, malicious activity, protective actions, and remediation on ORNL systems.
• Design and manage web application scanning capabilities.
• Perform and oversee technical analysis including log review, network flow assessment, and automation to improve vulnerability management.
• Prepare assessments, dashboards, and reports with recommendations for leadership.
• Communicate technical concepts and incident information to ORNL and DOE staff.
• Deliver ORNL’s mission by aligning behaviors, priorities, and interactions with our core values of Impact, Integrity, Teamwork, Safety, and Service. Promote equal opportunity by fostering a respectful workplace.