Based in Southern California with locations in Malibu, Calabasas and Camarillo; HRL has been on the leading edge of technology, conducting pioneering research and advancing the state of the art.
This role will focus on the security related technologies that ensure our networks and systems are up to industry and HRL standards of information security. The Cybersecurity Engineer is responsible for the security of HRL’s computer systems and networks. This role administers security measures that effectively safeguard sensitive data in the event of a cyber-attack and provides training to employees on security best practices.
· Monitor security tools (SIEM
, vulnerability management, XDR) for potential incidents and setup preventative measures
· Manage Identity and Access Management (IdAM) platforms
· Conduct vulnerability and compliance scanning using existing tools
· Remain informed on trends and issues in the security industry, including current and emerging technologies, techniques, and procedures
· Monitor security systems for alerts, investigate alerts, and support policy/procedure and audit/assessment projects with review of technical information
· Generate reports from various tools to provide to management, as required
· Evaluate/analyze and monitor systems, applications, and processes for security and compliance issues, and work with our security consultants to advise on how to develop secure solutions or remediate risks
· Write technical requirements and document any security architectures
· Engage in technical problem solving across multiple technologies
· Complete data analysis to include forensics investigations and incident reviews
· Manage security technologies with a focus on security operations, incident response, forensics, vulnerability management, and insider threat
· Educate and train staff on information system security best practices
· Serve a the Subject Matter Expert (SME) for implemented security systems and solutions, maintaining documentation, and advising others on their underlying technologies and operation
· 3 to 5 years of work experience in Information Technology combined with at 2+ years in an information security role
· Understanding of enterprise information security and technologies and how these technologies relate to prevention, detection, and response of threats
· Experience in vulnerability assessment, control allocation, and risk mitigation
· Hands-on experience in network security (firewalls, VPN, proxies, Endpoint Detection and Response (EDR), web application firewalls, CASB) is desired
· Familiarity with web related technologies and of network/web related protocols
· Knowledge of networking (WAN, LAN, WLAN, etc.) and knowledge of system, database, and application security is desired
· Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems
· Familiarity with cloud security services, concepts, and best practices
· Familiarity with NIST 800-53, NIST 800-171, ISO 27001, or CMMC security control frameworks
· Understanding of the security principles, techniques, and protocols, including defense-in-depth, network segmentation, privileged access management, common application security flaws, and commonly known ports
· Hands-on experience with building, operating, or maintaining security tools such as SIEM, vulnerability assessment, privilege management, and endpoint security
· Capability to clearly communicate information security concepts and risks to a non-technical audience
· Solid organizational skills, including attention to detail
· Ability to work effectively with cross-functional teams
· Problem solving skills and ability to work under pressure
· Experience building automation between tools and systems
· Experience performing analytics against aggregated log data and building configurations to parse and handle log data from systems and tools
· High School diploma/GED with 4+ years of experience in a cybersecurity role OR
· Bachelor’s degree in information technology, information security, computer science, or a related field with 2+ years of experience in a cybersecurity role
· Security related certifications highly desired (e.g., Security+, CISSP)
While performing the duties of this job, the employee is occasionally required to stand, climb, stoop, kneel, crouch, or crawl. The employee must regularly lift and/or move up to 30 pounds.
This position is 100% on-site. Responsibilities sometimes require working evenings and weekends, and in some cases, with little to no advance notice.
This position requires that the applicant selected be a U.S. citizen and be able to obtain and maintain a security clearance.
The base salary range for this full-time position is $106,500 - $130,500 + bonus + benefits.
Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the target for new hire salaries for the position. Individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specifics during the hiring process. Please note that the compensation details listed reflect the base salary only, and do not include potential bonus or benefits.
Don’t meet every single requirement? Studies have shown that some people are less likely to apply to jobs unless they meet every single desired qualification. At HRL, we are dedicated to building a diverse, inclusive, and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
HRL offers a very competitive compensation and benefits package. Our Regular/Full Time benefits include medical, dental, vision, life insurance, 401K match, gym facilities, PTO, growth potential, and an exciting and challenging work environment.
HRL Laboratories is an Equal Employment Opportunity employer and does not discriminate in recruiting, hiring, training or promoting, on the basis of race, ethnicity, color, creed, religion, sex, sexual orientation, gender, gender identity, genetic information, national origin, physical or mental disability, pregnancy, medical condition, age, U.S. military or protected veteran status, union membership, or political affiliation. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
This position must meet Export Control compliance requirements, therefore a "U.S. Person" as defined by 22 C.F.R. § 120.15 is required. "U.S. Person" includes U.S. Citizen, lawful permanent resident, refugee, or asylee.