
Information Cybersecurity Engineer (Mid to Senior Level) - ICD - Open Rank

Georgia Tech Research Institute (GTRI)
United States, Georgia, Atlanta
Aug 08, 2025

Overview:

The Georgia Tech Research Institute (GTRI) is the nonprofit, applied research division of the Georgia Institute of Technology (Georgia Tech). Founded in 1934 as the Engineering Experiment Station, GTRI has grown to more than 2,900 employees, supporting eight laboratories in over 20 locations around the country and performing more than $940 million of problem-solving research annually for government and industry. GTRI's renowned researchers combine science, engineering, economics, policy, and technical expertise to solve complex problems for the U.S. federal government, state, and industry.

Georgia Tech's Mission and Values

Georgia Tech's mission is to develop leaders who advance technology and improve the human condition. The Institute has nine key values that are foundational to everything we do:

1. Students are our top priority.
2. We strive for excellence.
3. We thrive on diversity.
4. We celebrate collaboration.
5. We champion innovation.
6. We safeguard freedom of inquiry and expression.
7. We nurture the wellbeing of our community.
8. We act ethically.
9. We are responsible stewards.

Over the next decade, Georgia Tech will become an example of inclusive innovation, a leading technological research university of unmatched scale, relentlessly committed to serving the public good; breaking new ground in addressing the biggest local, national, and global challenges and opportunities of our time; making technology broadly accessible; and developing exceptional, principled leaders from all backgrounds ready to produce novel ideas and create solutions with real human impact.

Project/Unit Description

The Information and Cybersecurity Department (ICD) provides enterprise cybersecurity services in protection of GTRI's unclassified information assets (data, systems, and networks). ICD consists of two components: The Governance, Risk, and Compliance (GRC) Team and the Information Security Operations Center (ISOC). The GRC Team provides services in cybersecurity policy, risk management, data governance, privacy, awareness and training, and ensuring compliance with Federal, state, and local cybersecurity requirements. The ISOC provides technical cybersecurity expertise via services in continuous monitoring, incident response, and vulnerability management.

ICD's mission is to safeguard the integrity, confidentiality, and availability of GTRI's data and information systems. We are committed to building a resilient security culture that empowers our teams to innovate while proactively mitigating risk. Through strategic leadership, continuous education, and collaboration with stakeholders.

Job Purpose

Requires extensive knowledge of computer operating systems, networks, log analysis and security tools.

Applies engineering principles to cybersecurity challenges.

Necessary skill areas: fundamentals of computer science, information analysis, testing software, log analysis, event correlation, anomaly detection, and behavioral analysis.

Defines cybersecurity controls for different systems and networks.

Creates novel cyber security technology components to ensure that critical systems/information are resilient to cyber exploits and attacks.

Performs attendant vulnerability assessments, analysis, and software engineering and design.

Ensures cybersecurity needs are established and maintained for operations, security requirements definition, security risk assessment, information systems analysis, information systems design, information systems hardening, configuration and maintenance of other security boundary devices (IDS/IPS, firewalls, perimeter routing) and vulnerability scanning, incident response, disaster recovery, and operations continuity planning, and provides analytical support for security policy development and analysis.

Engineers, implements, and maintains Information Technology Infrastructure and associated cybersecurity controls.

Areas of responsibility include but are not limited to information security operations, cyber risk & intelligence, data loss & fraud protection, regulatory compliance, policy management and audits & assessment.

Key Responsibilities



  • Assist with information technology risk assessments for systems, software, or configurations.
  • Helps with the validation of security control configuration on systems, ensuring all systems are configured to necessary controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
  • Actively collaborates with customers and external teams, derives tasks from detailed requirements.
  • Design and interpret security requirements and practices to meet enterprise accreditation goals.
  • Provide leadership to lower-level cybersecurity and IT professionals across the enterprise.
  • Approve modification to critical information systems and directs implementation of configuration changes.


Additional Responsibilities



  • Conducting in-depth, proactive searches across GTRI's networks and systems to uncover hidden or advanced threats that have evaded traditional security measures.
  • Developing and refining threat hunting methodologies, playbooks, and hypotheses based on threat intelligence and observed patterns.
  • Analyzing large datasets from various security tools (SIEM, EDR, network traffic analysis) to identify anomalies and indicators of compromise (IOCs).
  • Leveraging threat intelligence platforms and open-source intelligence (OSINT) to stay abreast of emerging threats and attacker tactics, techniques, and procedures (TTPs).
  • Performing deep-dive analysis of suspicious activities, potentially involving malware analysis, reverse engineering, and forensic investigations.
  • Evaluating and recommending new security technologies to enhance threat hunting capabilities.
  • Collaborating with incident response, security engineering, and other security teams to share findings and improve overall security posture.
  • Communicating complex technical findings to both technical and non-technical audiences in a clear and concise manner.
  • Mentoring and training junior threat hunters.


Required Minimum Qualifications



  • Candidates currently enrolled in an accredited degree program relevant to this position will be considered. The candidate must have a graduation date of no later than December 2025.
  • Extensive knowledge of current and emerging threats, attacker TTPs, and malware analysis.
  • Ability to analyze large datasets, identify patterns, and draw meaningful conclusions.
  • Expertise in using security tools (SIEM, EDR, network analysis), scripting languages (Python, PowerShell), and operating systems.
  • Understanding of threat intelligence platforms and OSINT techniques.
  • Strong communication skills and ability to work effectively with other teams.
  • Ability to obtain a secret security clearance.
  • One or more intermediate cybersecurity certifications such as: Certified Ethical Hacker (CEH), PenTest+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent.


Preferred Qualifications



  • Active Secret Clearance.
  • Master's degree in a related field.
  • 6 years of experience in Splunk/SIEM administration.
  • Mastery of SIEM platforms (e.g., Splunk, Elastic Security) for advanced log analysis and correlation.
  • Extensive experience with EDR solutions (e.g., CrowdStrike Falcon, SentinelOne) for endpoint threat detection and response.
  • Proficiency in network traffic analysis tools (e.g., Wireshark, Zeek) for identifying malicious network activity.
  • Experience with forensic tools (e.g., Autopsy, Volatility) for in-depth investigations.


Travel Requirements

<10% travel

Education and Length of Experience

Levels 4, 5

This position vacancy is an open-rank announcement. The final job offer will be dependent on candidate qualifications in alignment with Research Faculty Extension Professional ranks as outlined in section 3.2.1 of the Georgia Tech Faculty Handbook.



  • 9 years of related experience with a Bachelor's degree in Computer Science, Cybersecurity, Information Security, Digital Forensics, Data Science/Analytics, or similar field.
  • 7 years of related experience with a Master's degree in Computer Science, Cybersecurity, Information Security, Digital Forensics, Data Science/Analytics, or similar field.
  • 4 years of related experience with a Ph.D. in Computer Science, Cybersecurity, Information Security, Digital Forensics, Data Science/Analytics, or similar field.


U.S. Citizenship Requirements

Due to our research contracts with the U.S. federal government, candidates for this position must be U.S. Citizens.

Clearance Type Required

Candidates must be able to obtain and maintain an active security clearance.

Benefits at GTRI

Comprehensive information on currently offered GTRI benefits, including Health & Welfare, Retirement Plans, Tuition Reimbursement, Time Off, and Professional Development, can be found through this link: https://benefits.hr.gatech.edu/.

Equal Employment Opportunity

The Georgia Institute of Technology (Georgia Tech) is an Equal Employment Opportunity Employer. The University is committed to maintaining a fair and respectful environment for all. To that end, and in accordance with federal and state law, Board of Regents policy, and University policy, Georgia Tech provides equal opportunity to all faculty, staff, students, and all other members of the Georgia Tech community, including applicants for admission and/or employment, contractors, volunteers, and participants in institutional programs, activities, or services. Georgia Tech complies with all applicable laws and regulations governing equal opportunity in the workplace and in educational activities.

Georgia Tech prohibits discrimination, including discriminatory harassment, on the basis of race, ethnicity, ancestry, color, religion, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin, age, disability, genetics, or veteran status in its programs, activities, employment, and admissions. This prohibition applies to faculty, staff, students, and all other members of the Georgia Tech community, including affiliates, invitees, and guests. Further, Georgia Tech prohibits citizenship status, immigration status, and national origin discrimination in hiring, firing, and recruitment, except where such restrictions are required in order to comply with law, regulation, executive order, or Attorney General directive, or where they are required by Federal, State, or local government contract.

USG Core Values Statement

The University System of Georgia is comprised of our 26 institutions of higher education and learning as well as the System Office. Our USG Statement of Core Values are Integrity, Excellence, Accountability, and Respect. These values serve as the foundation for all that we do as an organization, and each USG community member is responsible for demonstrating and upholding these standards. More details on the USG Statement of Core Values and Code of Conduct are available in USG Board Policy 8.2.18.1.2 and can be found on-line at https://www.usg.edu/policymanual/section8/C224/#p8.2.18_personnel_conduct.

Additionally, USG supports Freedom of Expression as stated in Board Policy 6.5 Freedom of Expression and Academic Freedom found on-line at https://www.usg.edu/policymanual/section6/C2653.

