The Cybersecurity Threat Analysis Group (CTAG) within the National Laboratory of the Rockies (NLR) Cybersecurity Research Center performs research to make cybersecurity an enabling part of the nation’s energy ecosystem. This is primarily accomplished through engaging with energy sector partners, government program offices, and national security organizations. Research areas within CTAG includes energy system modeling and simulation, threat to consequence risk analysis, and hardware & software supply chain security. CTAG is seeking an experienced senior electric grid cybersecurity research professional to lead our Energy Threat Analysis Center (ETAC) portfolio of work. The ETAC is an operational collaborative that convenes experts from the U.S. Department of Energy and the U.S. energy sector to collectively identify, analyze, and mitigate cyber threats to America’s critical energy infrastructure.
Requirements
- Advanced proficiency in Python, PowerShell, C/C++, or other languages, enabling automation, data-driven analysis, and modeling integration across projects
- Expert-level knowledge of ICS, OT, and energy sector systems, including protocols, architectures, and security considerations
- Knowledge of and demonstrated experience in power systems engineering principles and practices
- Demonstrated experience in adversarial cybersecurity practices (e.g., red teaming, reverse engineering, threat hunting)
- Demonstrated experience with threat hunting or detection engineering
- Experience deploying and configuring operational technology system components (e.g., SCADA RTUs, PLCs, and HMI)
- Familiarity with applicable security frameworks, best practices and guidance as provided by IEC62443, NERC CIP, NIST and IEEE
Responsibilities
- Provide technical leadership supporting multi-partner programs, coordinating with program office leadership, tasking and mentoring staff in support of program objectives
- Lead adversarial research initiatives targeting energy sector systems, including threat emulation, cyber range experimentation, and model-based simulation, defining experimental objectives and strategies
- Independently design, execute, and evaluate complex adversary–defender studies, including multi-stage attack-chain modeling, vulnerability exploration, and defense validation, ensuring reproducible and rigorous research outcomes
- Proven leadership in offensive cybersecurity research and program management, including planning and executing complex experiments with strategic impact
- Advanced proficiency in Python, PowerShell, C/C++, or other languages, enabling automation, data-driven analysis, and modeling integration across projects
- Expert-level knowledge of ICS, OT, and energy sector systems, including protocols, architectures, and security considerations
- Writing high-quality intelligence assessments and briefings for both senior-level and technical audiences
Other
- Must be able to obtain and maintain a DOE security clearance at the Q/TS/SCI level.
- Excellent leadership, communication, problem solving and project management skills
- Strong writing and public speaking skills demonstrated through proposals, presentations, business development and/or customer engagement
- Applies advanced scientific technical principles, theories and concepts.
- Contributes to the development of new principles and concepts.
