Senior Cybersecurity Researcher

Company DescriptionJoin us and make YOUR mark on the World!

Lawrence Livermore National Laboratory (LLNL) has turned bold ideas into world-changing impact advancing science and technology to strengthen U.S. security and promote global stability. Our mission spans four critical national security areas nuclear deterrence, threat preparedness, energy security, and multi-domain defense empowering teams to take on the toughest challenges of today and tomorrow. With a culture built on innovation and operational excellence, LLNL is a place where your expertise can make a real impact.

Job DescriptionWe have an opening for a Senior Cybersecurity Researcher to lead efforts to develop techniques and tools for red teaming and blue teaming in support of the defense of critical infrastructure systems and Federal networks. You will lead and support a range of highly complex security research projects, developing and deploying innovative methods to characterize and assess cyber-adversary behavior and to develop tools used to defend critical U.S. infrastructure and networks. Your expertise will drive the evolution of advanced cyber capabilities, threat analysis, and mitigation strategies for operational technology and industrial control systems. This position is programmatically in Global Security's Energy and Homeland Security (E) Program and administratively in the Global Security Computing Applications Division (GS-CAD) within the Computing Directorate.

This position will be filled at either level based on knowledge and related experience as assessed by the hiring team. Additional job responsibilities (outlined below) will be assigned if hired at the higher level.

You willGuide and support advanced cyber research projects leveraging creative and automated methods to identify and mitigate vulnerabilities and weaknesses in software, firmware, and operational technology systems.

Analyze and assess novel software, firmware, and malware to uncover weaknesses, malicious behavior, and potential attack vectors, creating repeatable workflows to support future red team and blue team engagements.

Conduct in-depth assessments of OT/ICS networks to identify weaknesses and vulnerabilities that could lead to physical system impacts.

Participate in the design and implementation of new tools and techniques for vulnerability assessment, penetration testing, and/or adversary emulation to advance the understanding and mitigation of threats to operational technology.

Identify emerging threats and opportunities for enhancing cyber defense and red team capabilities, helping shape the technical direction of LLNL's cybersecurity initiatives.

Collaborate in the development of technical requirements for red team and/or blue team operations at LLNL, including creating tools for adversary emulation and threat mitigation.

Engage with sponsors and stakeholders to develop new program growth opportunities, contribute to research proposals, and ensure alignment with mission objectives.

Drive and execute innovative ideas and approaches to meet sponsor and project needs in a rapidly evolving threat landscape.

Mentor and collaborate with team members, utilizing technical expertise to attract and retain projects, programs, and funding.

Perform other duties as assigned.

Additional job responsibilities, at the SES.4 level Direct technical tasks for a portfolio of highly complex technical tasks and projects that consistently require the application of creativity and innovation; set broad research/project vision and strategy and influence technical direction for Laboratory, self and/or others wielding extensive influence with senior management and policy makers.

Provide highly innovative solutions to abstract complex problems/ideas, convert into useable algorithms/software modules, and provide solutions that require in-depth analysis of multiple factors and the creative use of established methods.

Develop new ideas, modify approaches, and redefine requirements that significantly impact major Laboratory programs, set high-level goals, and contribute to the revolutionary advancement of knowledge.

QualificationsAbility to maintain a

U.S. DOE

Q-level security clearance which requires U.S. citizenship.

Bachelor's degree with significant focus in cybersecurity, computer science, information technology, computer engineering, or related technical field or the equivalent combination of education and related experience.

Significant experience leading program analysis of cyber-physical system security, OT network design and security, or intelligent adversary threat assessment and mitigation.

Advanced experience in one or more of the following areas: mixed-integer programming, branch-bound-and-cut algorithms, branch-and-price algorithms, strong (polynomial

• or exponential-sized) formulations and separation, parallel/distributed mathematical optimization techniques, electric energy systems operations and planning, or related relevant areas.

Significant experience communicating technical information across multi-disciplinary teams and to non-cyber experts, advising senior management, and applying interpersonal skills to collaborate effectively in a team environment.

Advanced knowledge of one of the following: deep reinforcement learning, neural networks, and/or large language models.

Advanced analytical, problem-solving, and decision-making skills to develop creative solutions to complex problems.

Ability to effectively manage concurrent technical tasks with competing priorities, along with the demonstrated ability to approach difficult problems with enthusiasm and creativity and to effectively change focus when necessary.

Advanced verbal and written communication skills necessary to effectively collaborate in a team environment and present and explain technical information to multi-disciplinary teams and non-cyber experts and advise senior management and/or external sponsors and proficient interpersonal skills.

Additional qualifications at the SES.4 level Expert level experience in one or more of the following areas: mixed-integer programming, branch-bound-and-cut algorithms, branch-and-price algorithms, strong (polynomial

• or exponential-sized) formulations and separation, parallel/distributed mathematical optimization techniques, electric energy systems operations and planning, optimization techniques or other relevant areas of mathematical optimization or electric systems.

Expert-level project leadership experience and ability to apply, lead and develop cutting-edge principles and research, working independently while effectively managing concurrent technical tasks with competing priorities.

Substantial experience creating technical direction and vision, writing research proposals, and securing sponsor funding.

Expert-level experience in and knowledge of at least one of the following subject areas: operational technology security, OT system threat hunting, and/or use of artificial intelligence for cybersecurity research.

Qualifications We DesireAdvanced degree with significant focus in cybersecurity, computer science, information technology, computer engineering, or a related technical field.

Knowledge of one or more of the following computer science disciplines: embedded systems, scientific data analysis, machine learning, systems programming, software engineering, formal verification methods, and high performance computing.

Experience with industrial control systems software and hardware.

Ability to secure sponsor funding through winning proposals and sponsor relationships.

Previous experience working Department of Energy, Department of Homeland Security, Department of Defense, a utility, manufacturing, or hardware/software company, or a cybersecurity firm.

Pay Range$175,530

• $267,060 Annually$175,530
• $222,564 Annually for the SES.3 level$210,630
• $267,060 Annually for the SES.

4 level This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting; pay will not be below any applicable local minimum wage. An employee's position within the salary range will be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, experience, skills, seniority, geographic location, performance, and business or organizational needs. Additional Information#LI-HybridPosition InformationThis is a Flexible Term appointment, which is for a definite period not to exceed six years. If final candidate is a Career Indefinite employee, Career Indefinite status may be maintained (should funding allow). Why Lawrence Livermore National Laboratory?

Included in 2026 Best Places to Work by Glassdoor!

Flexible Benefits Package401(k)Relocation AssistanceEducation Reimbursement ProgramFlexible schedules (

• depending on project needs)Our values
• visit https://www.

llnl.gov/inclusion/our-values Security ClearanceThis position requires a Department of Energy (DOE) Q-level clearance. If you are selected, we will initiate a Federal background investigation to determine if you meet eligibility requirements for access to classified information or matter. Also, all L or Q cleared employees are subject to random drug testing. Q-level clearance requires U.S. citizenship. Pre-Employment Drug TestExternal applicant(s) selected for this position must pass a post-offer, pre-employment drug test. This includes testing for use of marijuana as Federal Law applies to us as a Federal Contractor. Wireless and Medical DevicesPer the Department of Energy (DOE), Lawrence Livermore National Laboratory must meet certain restrictions with the use and/or possession of mobile devices in Limited Areas. Depending on your job duties, you may be required to work in a Limited Area where you are not permitted to have a personal and/or laboratory mobile device in your possession. This includes, but not limited to cell phones, tablets, fitness devices, wireless headphones, and other Bluetooth/wireless enabled devices. If you use a medical device, which pairs with a mobile device, you must still follow the rules concerning the mobile device in individual sections within Limited Areas. Sensitive Compartmented Information Facilities require separate approval. Hearing aids without wireless capabilities or wireless that has been disabled are allowed in Limited Areas, Secure Space and Transit/Buffer Space within buildings. How to identify fake job advertisementsPlease be aware of recruitment scams where people or entities are misusing the name of Lawrence Livermore National Laboratory (LLNL) to post fake job advertisements. LLNL never extends an offer without a personal interview and will never charge a fee for joining our company. All current job openings are displayed on the Career Page under "Find Your Job" of our website. If you have encountered a job posting or have been approached with a job offer that you suspect may be fraudulent, we strongly recommend you do not respond.

To learn more about recruitment scams: https://www.llnl.gov/sites/www/files/2023-05/LLNL-Job-Fraud-Statement-Updated-4.26.23.pdf Equal Employment OpportunityWe are an equal opportunity employer that is committed to providing all with a work environment free of discrimination and harassment. All qualified applicants will receive consideration for employment without regard to race, color, religion, marital status, national origin, ancestry, sex, sexual orientation, gender identity, disability, medical condition, pregnancy, protected veteran status, age, citizenship, or any other characteristic protected by applicable laws.

Reasonable AccommodationOur goal is to create an accessible and inclusive experience for all candidates applying and interviewing at the Laboratory. If you need a reasonable accommodation during the application or the recruiting process, please use our online form to submit a request. California Privacy NoticeThe California Consumer Privacy Act (CCPA) grants privacy rights to all California residents. The law also entitles job applicants, employees, and non-employee workers to be notified of what personal information LLNL collects and for what purpose. The Employee Privacy Notice can be accessed here.