Engineer IV, Cybersecurity
X-energy · Rockville, MD · 2 wk ago
Information Technology$180k–$205k/yrFull-time
About the role
X-energy LLC conducts a thorough recruiting process and will never issue offers without interview to discuss qualifications and responsibilities. All applications will be submitted via our company career page, www.x-energy.com/careers/. We will never ask you to provide payment information as part of the recruiting process. If anyone claiming to represent X-energy directs you in a manner otherwise, please contact us at www.x-energy.com/contact-us.
Responsibilities
- Develop, implement, and maintain key cybersecurity technologies across both X-energy corporate and TRISO fuel facility operations, including Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR).
- Serve as a critical bridge between corporate IT infrastructure and the TRISO fuel facility, conducting software evaluations, performing architecture reviews, and identifying and addressing cybersecurity gaps between the two environments.
- Lead structured threat modeling and cyber evaluation activities.
- Apply established methodologies such as STRIDE to identify, categorize, and prioritize threats across systems, data flows, and trust boundaries spanning the corporate and TRISO fuel facility environments.
- Facilitate threat modeling sessions during architecture reviews and software evaluations, translate identified threats into actionable mitigations, and reassess threat models as architectures evolve to ensure security gaps between environments are documented, tracked, and remediated.
- Conduct proactive threat hunts, monitor endpoint and network data, collect and analyze digital forensic artifacts including malware, coordinate with the Xe infrastructure team, and meet with technology vendors to evaluate solutions that support enterprise-wide security objectives.
Qualifications
- High school diploma required.
- Basic understanding of EDR, NDR, SIEM, and SOAR technologies.
- Ability to obtain and maintain a SECRET clearance or higher (U.S. citizenship required).
- Ten years of experience in a cybersecurity, network security, or related role required.
- Certified Information Systems Security Professional (CISSP).
- Direct knowledge and experience managing cybersecurity tools such as NDR, EDR, and SIEM.
- Experience with Splunk.
- Experience with Identity & Access Management technologies including Federation, Multi-Factor Authentication (MFA), and Public Key Infrastructure (PKI).
- Experience with cloud technologies to include AWS, Azure, Docker, Kubernetes, and DevSecOps.
- Experience with integration of cybersecurity tools to support an Enterprise level Cybersecurity program.
- Experience leveraging Artificial Intelligence (AI), Machine Learning (ML), and Orchestration to secure the environment.
Preferred Qualifications
- Experience working in the nuclear industry or familiarity with nuclear facility operations and regulatory requirements.
- Demonstrated networking background with hands-on experience in network architecture, protocols, and security.
- Experience conducting software evaluations and technology assessments to support organizational security objectives.
- Exposure to DevSecOps practices, tools, and methodologies.
- Experience with cloud platforms, specifically Amazon Web Services (AWS) and Microsoft Azure.
- Hands-on experience with threat modeling methodologies (STRIDE or similar frameworks) and a repeatable cyber evaluation process.
- Experience bridging cybersecurity programs across multiple operational environments (e.g., corporate IT and operational technology/facility systems).
- Proven ability to coordinate with cross-functional infrastructure teams and engage with external vendors.
- Strong written and verbal communication skills with the ability to prepare technical reports and recommendations for both technical and non-technical audiences.