Secure Computing Engineer (Level 1,2,3) - HAC - Open Rank

Overview:

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech).Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry.GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.

Georgia Tech's Mission and Values

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

Location

Smyrna, GA (Metro Atlanta)

Project/Unit Description

The Secure Computing Engineer will take a leadership role in addressing enterprise-level IT and cybersecurity solutions. Responsibilities include: conducting IT risk analyses and assessments, interpreting and implementing cybersecurity standards for classified IT systems and operations, and ensuring cybersecurity requirements are properly defined and enforced. The role also involves hardening systems, analyzing vulnerabilities, and conducting thorough testing and evaluation of changes to ensure they do not adversely affect the organization's risk posture.

The ideal candidate is highly motivated, proactive, and able to operate with minimal supervision. We are seeking a quick learner who demonstrates a strong work ethic and the ability to work independently. Candidates should excel at extracting requirements from meetings, identifying implied tasks, and prioritizing projects to deliver maximum organizational benefit. Key skills include exceptional organization, time management, attention to detail, thoroughness, and independent decision-making.

Job Purpose

The purpose of this job is to architect, design, implement, and maintain classified computer systems/networks and cyber security solutions for classified networks including government enclaves. This includes identifying and defining new cybersecurity objectives and controls as well as developing and maintaining automated security validation toolsets. Conducts system, network or software risk assessments. Performs vulnerability analysis of open source software.

Integrates new architectural features into existing infrastructures, create cybersecurity architectural artifacts, provides architectural analysis of cybersecurity features and relates existing system to future needs and trends, leverages advanced forensic tools and techniques for Incident response, provides engineering recommendations, and resolves integration and testing issues.

Serve in consultative role, on GTRI systems and projects. Defining cybersecurity controls for different systems and networks. Uses defined threats of what the controls are trying to mitigate or that an analyst in a SOC would monitor for, responding to alerts with the system or networks. Interact, advise, and counsel on a regular basis with internal staff as well as project directors and other internal/external stakeholders.

Ensures cybersecurity needs established and maintained for operations, security requirements definition, security risk assessment, information systems analysis, information systems design, certification and accreditation, information systems hardening, configuration and maintenance of other security boundary devices (IDS/IPS, Firewalls, perimeter routing) and vulnerability scanning, incident response, disaster recovery, and operations continuity planning and provides analytical support for security policy development and analysis.

Engineers, implements, and maintains Information Technology Infrastructure and associated cybersecurity controls. Including but not limited to supporting and maintaining virtual infrastructure, servers, workstations, storage fabrics, heterogeneous operating systems, and networking infrastructure. Maintaining backups and managing disaster recovery and business continuity plans is a core function of this role as well, along with performing routine maintenance, upgrades, and deploying new classified information systems to enhance the capabilities of GTRI.

Key Responsibilities

• System Architecture design (compute, hardware/virtual, OS, storage, networking, security).
• Translate researcher IT needs into robust and scalable IT Solutions/Infrastructure.
• Contributor to the development of Continuous Integration and Continuous Development (CICD) processes using DevOps and DevSecOps principles.
• Cross Domain Data Exchange and Systems Integration Implementer of Infrastructure as Code.
• Virtual machine management.
• Deploy security control configuration to systems using configuration management tools.

Additional Responsibilities

• Validate security control configurations on systems to ensure compliance with standards such as STIGs, CMMC, and other applicable cybersecurity requirements.
• Actively collaborate with customers and external teams to derive actionable tasks from detailed requirements.
• Assign and delegate tasks to team members based on identified requirements and project needs.
• Conduct thorough reviews of software and merge request code to ensure quality and functionality.
• Serve as the primary gatekeeper for approving and managing Infrastructure as Code (IaC) merge requests.
• Ensure all software complies with established coding standards, best practices, and security requirements.
• Performs other duties as assigned in support of organizational goals.

Required Minimum Qualifications

• Exceptional oral and written communication skills.
• Strong customer service skills with a professional, solution-oriented approach.
• Demonstrated expertise in troubleshooting and problem-solving technical issues.
• Proficiency in Microsoft Windows operating systems and infrastructure technologies, including Active Directory, DHCP, DNS, Group Policy, Hyper-V, WDS, and WSUS.
• Experience with account management and a working knowledge of LAN and WAN network environments.
• Ability to maintain and utilize the SCD Hyper-V Test Environment, including patching, configuration management, and software evaluation.
• Ability to secure operating systems and applications according to STIG compliance standards.
• Experience working in mixed operating system environments, with a working knowledge of networking and Linux systems.
• Eligibility and ability to work within an accredited DoD closed area.
• Willingness to learn and manage security tools, including but not limited to:
  
  
  
  • McAfee ePO
  • McAfee ENS
  • ACAS/Nessus
  • SCAP Compliance Checker
  • Splunk
  • STIG Viewer
  • Other related security platforms
  
  
  
  
• Ability to interpret ACAS/Nessus scan results and remediate identified vulnerabilities.
• Experience in configuring and troubleshooting security infrastructure, including operating systems, applications, and devices.
• Ability to obtain DoD-required certifications as per organizational needs.
• Willingness to pursue professional development opportunities, such as a Master's degree or advanced certifications.

Preferred Qualifications

• Active Secret Clearance
• Active participation in professional organizations and development.
• Experience with:
  
  
  
  • PowerShell scripting
  • Securing Red Hat systems
  • DoD encryption
  • Deploying and Managing Cisco equipment
  
  
  
  

Travel Requirements

<10% travel

Education and Length of Experience

Levels 1, 2, 3

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook

• 0 years of related experience with a Bachelor's degree in Cloud Computing, Data Science, Information Security, Information Technology, Information Systems, Management Information Systems, CyberSecurity, Computer Science, Computer Engineering, Software Engineering, or related field.

Please refer to our Research Faculty Technical Level Guidelines for minimum requirements at the higher levels.

U.S. Citizenship Requirements

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Clearance Type Required

Candidates must be able to obtain and maintain an active security clearance.

Benefits at GTRI

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https://benefits.hr.gatech.edu/.

Equal Employment Opportunity

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The Institute is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and Institute policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Equal opportunity and decisions based on merit are fundamental values of the University System of Georgia ("USG") and Georgia Tech. Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of an individual's race, ethnicity, ancestry, color, religion, sex (including pregnancy), national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

USG Core Values Statement

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.