Posting Title

Adversarial Cybersecurity Researcher

Location

CO - Golden

Position Type

Regular

Hours Per Week

Working at NREL

NREL is located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for energy systems research and development.

Join NREL, where world-class scientists, engineers, and experts are accelerating energy innovation through breakthrough research and systems integration. From our mission to our collaborative culture, NREL stands out in the research community for its commitment to an affordable and secure energy future. Spanning foundational science to applied systems engineering and analysis, we focus on solving complex challenges to deliver advanced, secure, reliable, and cost-effective energy solutions. Our work helps strengthen U.S. industries, support job creation, and promote national economic growth.

At NREL, you’ll find a mission-driven environment supported by state-of-the-art facilities, multidisciplinary research teams, and strong collaborations with industry, academia, and other national laboratories. We offer robust professional development opportunities, and a competitive benefits package designed to support your career and well-being.

Job Description

NREL is seeking a mid-career Adversarial Cyber Researcher to join its Cybersecurity Research Center (CRC). The CRC conducts applied research at the intersection of cybersecurity, energy systems, and national resilience—developing the tools, methods, and scientific foundations necessary to secure and sustain the nation’s evolving energy infrastructure.

CRC research spans threat actor modeling and simulation, operational technology (OT) risk analysis, adversarial experimentation, hardware and software assurance, supply chain integrity, and cyber-physical resilience testing. Working across NREL’s energy, grid, and systems integration missions, the CRC leverages unique laboratory assets—including the ARIES Cyber Range—to conduct large-scale, high-fidelity cybersecurity experiments and modeling.

We are seeking a technically strong and research-focused professional to contribute to cyber adversarial science, threat emulation, and defense experimentation. The successful candidate will possess a deep understanding of offensive and defensive cybersecurity methodologies, hands-on experience designing and conducting controlled adversarial experiments, and a demonstrated ability to translate experimental results into models, tools, and research insights that advance cyber-physical system resilience.

Key Research Responsibilities:

Researcher IV (Senior Researcher, Team/Project Leadership)

Lead adversarial research initiatives targeting energy sector systems, including threat emulation, cyber range experimentation, and model-based simulation, defining experimental objectives and strategies.
Independently design, execute, and evaluate complex adversary–defender studies, including multi-stage attack-chain modeling, vulnerability exploration, and defense validation, ensuring reproducible and rigorous research outcomes.
Lead development and validation of cybersecurity research tools, simulation frameworks, and automation scripts, ensuring integration with multiple projects and broader laboratory initiatives.
Extend and operationalize threat modeling methodologies (e.g., MITRE ATT&CK, ATT&CK for ICS) for large-scale experimental design and system-level defense evaluation.
Integrate research outcomes into system-level risk, resilience models, and quantitative performance metrics, influencing laboratory-wide strategies and priorities.
Conduct advanced adversarial analysis and vulnerability assessments of IT, OT, and hybrid energy systems, producing insights for architecture improvement and defense strategies.
Lead the preparation of research proposals, technical publications, and conference presentations, shaping research directions and laboratory reputation in the field.
Drive interdisciplinary collaboration across power systems, controls, and modeling teams, bridging cyber-physical domains and guiding project execution.
Support and expand NREL’s adversarial research infrastructure, including cyber ranges, digital twins, and experiment orchestration frameworks, through leadership and mentorship.
Mentor and guide junior and mid-level researchers, promoting professional development, fostering a positive research culture, and building laboratory-wide capability in adversarial modeling and defense research.

Researcher III

Conduct adversarial research on energy sector systems, including threat emulation, cyber range experimentation, and model-based simulation, with guidance from senior researchers.
Design, execute, and evaluate controlled adversary–defender studies, such as attack-chain modeling, vulnerability exploration, and defense validation experiments, contributing to reproducible research outputs.
Develop and validate cybersecurity research tools, simulation frameworks, and automation scripts to support quantitative analysis of cyber-physical dynamics.
Apply and extend threat modeling methodologies (e.g., MITRE ATT&CK, ATT&CK for ICS) to inform experimental design and system-level defense evaluation.
Integrate research outcomes into system-level risk and resilience models, simulation environments, and performance metrics, under supervision as needed.
Conduct adversarial analysis and vulnerability assessments of IT, OT, and hybrid energy systems, identifying insights for defense design improvements.
Contribute to research proposals, technical publications, and conference presentations, supporting team-level advancement of cybersecurity science.
Collaborate with interdisciplinary teams in power systems, controls, and modeling to bridge cyber and physical domains in experiments and model development.
Support the growth of NREL’s adversarial research infrastructure, including cyber ranges, digital twins, and experiment orchestration frameworks, through direct contributions and process improvement.
Provide mentorship to junior staff, including interns or early-career researchers, supporting skill development and laboratory capabilities.

Basic Qualifications

Researcher IV
Relevant PhD and 4 or more years of experience . Or, relevant Master's Degree and 7 or more years of experience . Or, relevant Bachelor's Degree and 9 or more years of experience . Demonstrated in-depth knowledge of laws, regulations, principles, procedures and practices related to specific field. Excellent leadership, communication, problem solving and project management skills. Ability to use various computer software programs.

Researcher III
Relevant PhD. Or, relevant Master's Degree and 3 or more years of experience. Or, relevant Bachelor's Degree and 5 or more years of experience . Demonstrates broad understanding and wide application of engineering technical procedures, principles, theories and concepts in the field. General knowledge of other related disciplines. Demonstrates leadership in one or more areas of team, task or project lead responsibilities. Demonstrated experience in management of projects. Very good writing, interpersonal and communication skills.

* Must meet educational requirements prior to employment start date.

Additional Required Qualifications

Must be able to obtain and maintain a DOE security clearance at the Q/TS/SCI level. A polygraph may be required. Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE O 472.2A for additional information.
Understanding and application of project management principles, concepts, practices, and standards
Ability to travel as needed up to 25%

Preferred Qualifications

Researcher IV

Proven leadership in offensive cybersecurity research, including planning and executing complex experiments with strategic impact.
Deep expertise in cyber modeling and simulation for applied R&D, including digital twins, discrete-event simulation, and hardware-in-the-loop testbeds.
Advanced proficiency in Python, PowerShell, C/C++, or other languages, enabling automation, data-driven analysis, and modeling integration across projects.
Expert-level knowledge of ICS, OT, and energy sector systems, including protocols, architectures, and security considerations.
Demonstrated ability to lead reproducible cyber experiments, applying scientific rigor and guiding project teams in methodology, analysis, and validation.
Established record of publications, technical reports, and funded proposals, with experience translating findings into actionable outcomes for sponsors.
Excellent communication, presentation, and stakeholder engagement skills, influencing cross-disciplinary teams and external partners.
Demonstrated ability to independently lead projects, mentor junior staff, and develop laboratory-wide adversarial research capabilities.

Researcher III

Demonstrated experience conducting offensive cybersecurity research, including penetration testing, exploit development, threat emulation, or vulnerability analysis, with an applied understanding of defensive evaluation.
Working knowledge of cyber modeling and simulation approaches, including digital twins, discrete-event simulation, and hardware-in-the-loop testbeds for energy systems.
Proficiency in Python, PowerShell, C/C++, or other scripting/programming languages to support experiments, data analytics, and modeling workflows.
Applied understanding of ICS, OT, and energy sector architectures, including communication protocols and configurations.
Ability to design and execute reproducible cyber experiments, applying scientific rigor to data collection, analysis, and validation.
Contributed to peer-reviewed publications, technical reports, and sponsored research proposals.
Strong technical writing and presentation skills, capable of communicating results to internal and external stakeholders.
Ability to work independently and collaboratively across multiple projects, contributing to mission-driven research.
Interest in mentoring junior staff and supporting team development.

Job Application Submission Window

The anticipated closing window for application submission is up to 30 days and may be extended as needed.

Annual Salary Range (based on full-time 40 hours per week)

Job Profile: Researcher IV / Annual Salary Range: $117,200 - $211,000

Job Profile: Researcher III / Annual Salary Range: $97,800 - $176,000

NREL takes into consideration a candidate’s education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee’s salary history will not be used in compensation decisions.

Benefits Summary

Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NREL employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement.

* Based on eligibility rules

Badging Requirement

NREL is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation.

Drug Free Workplace

NREL is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug.

If you are offered employment at NREL, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn.

Submission Guidelines

Please note that in order to be considered an applicant for any position at NREL you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application.

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws.

Reasonable Accommodations

E-Verify www.dhs.gov/E-Verify For information about right to work, click here for English or here for Spanish.

E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.