Job Type:
Term (Fixed Term)
RAND's Meselson Center, part of the Global and Emerging Risks (GER) research division, is seeking mission-driven cybersecurity experts to address critical challenges at the intersection of AI, information security, and national security. As a Visiting Technical Expert, you'll directly impact AI and cybersecurity policy at the highest levels of government and industry, contributing to the security and integrity of powerful AI systems.
Your work will address key questions related to securing AI systems, understanding their cyber capabilities, and examining their policy implications. Your work will span technical research, policy analysis, and infrastructure development. For example, you might develop AI-specific threat models, build software tools for AI cyber capability evaluations, or identify critical areas for new security R&D.
RAND's reputation for excellence is built on our commitment to high-quality, rigorous analysis and objectivity. In this role, you will apply quantitative and qualitative skills to rigorously analyze AI security problems of national and international importance. Working with multidisciplinary teams of policy researchers, engineers, and scientists, you’ll shape recommendations for the White House, multiple regulatory agencies, the intelligence community, other national governments, and industry.
You will communicate the results of your work to both technical and non-technical audiences through quick-turnaround policy briefs and detailed written research products. A recent example of one of our research products is the Securing AI Model Weights report, which explored protecting frontier AI models from theft and misuse.
This role offers a unique opportunity to drive key policy decisions, ensuring the responsible development and deployment of powerful AI technologies.
Additional Responsibilities:
Supports large and complex information security projects; develops and handles information security processes; and maintains extensive knowledge in networking, databases, systems, and/or web operations.
Provides support and guidance on security-related operations; involved in the evaluation of products and/or procedures to enhance information security productivity and effectiveness.
Consults on security issues regarding user built/managed systems.
Qualifications
All analyst positions at RAND require excellent analytic skills; the ability to communicate clearly and effectively in English, both orally and in writing; the ability to work effectively as a member of a multi-disciplinary team; and a strong commitment to RAND's core values of quality and objectivity.
Successful applicants will be able to present strong evidence of quantitative and/or qualitative research tools, methods, and technical skills to support large and complex projects; accomplishment with leading or managing large and complex project tasks or analytic tasks; contributions to written research projects, technical reports, and briefings; and training and technical supervision to less experienced staff.
Required:
5+ years of technical experience in security engineering, software engineering, firmware engineering, hardware engineering, security operations, network security or related fields
Proficiency in Python, Java, C/C++, or other popular programming languages
Ability to develop rigorous and comprehensive threat models and identify potential system vulnerabilities
Strong ability to communicate effectively in English, both verbally and in writing
Ability to work effectively as a member of a multi-disciplinary team
Ability to reason about policy options given different technical considerations
Technical knowledge of Cyber Security tools including the ability to use Wireshark, tcpdump, and other network analysis tools
Knowledge of the use of SIEMs and different types of network security platforms
Preferred:
Graduate of the Computer Network Operations Development Program (CNODP), Remote Interactive Operator Training (RIOT), Future Operator Readiness Growth and Enrichment (FORGE), or equivalent experience
Experience with reverse engineering, red team operations, or offensive cyber capabilities development
Understanding of advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) and experience with defending against them
Ability to think creatively about offensive and/or defensive techniques and strategies, beyond compliance with existing regulations
Familiarity with U.S. cybersecurity agencies, authorities, and policy development processes
Experience working in or with government on cybersecurity policy
Experience with advising non-technical stakeholders on security topics
Familiarity with the AI/ML hardware stack (e.g., GPUs, TPUs, data center design)
Familiarity with the AI/ML software stack (e.g., CUDA, PyTorch, TensorFlow, Ray)
Experience working on AI research, ML model training, or model deployment
Experience with securing AI systems
Education Requirements
A master’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, Artificial Intelligence, Machine Learning, Engineering and Public Policy, Technology and Policy, National Security Policy, Policy Analysis, Political Science, International Relations, or similar is required.
Or
A bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, or similar with at least 10 years of relevant professional experience, is required. Relevant professional experience to meet these requirements should demonstrate the applicant’s ability to execute analytically rigorous methods related to information security.
Security Clearance
Ability to obtain and maintain a U.S. government clearance is preferred but not required.
Location
We are actively hiring for this position in San Francisco, CA, as well as our RAND offices in Washington, DC; Santa Monica, CA; Pittsburgh, PA; and Boston, MA. We offer a hybrid work arrangement, combining work from home and on-site options. Fully remote work will also be considered.
Writing Sample
A writing sample is required for this position. This sample can use a recent, previously written paper or technical report (e.g., journal article, master’s thesis or paper written for coursework, research project, technical analysis, briefings).
Applicants with work experience in which they have not produced written products (e.g., ML model development), or in which written products have dissemination restrictions, may submit a short, written summary (i.e., less than one page) of recent products they have developed.
Term
This position is a 2-year term position with the possibility of renewal for an additional year alongside options for longer-term employment. RAND's ability to provide visa and relocation support for this role will be considered.
Salary Range
Analyst III: $85,700 - $127,500
Analyst IV: $100,100 - $152,000
Analyst V: $117,700 - $179,700
RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity. Successful candidates will be offered employment in a specific title, as determined by the candidate's education and experience. The salary range includes base pay plus RAND’s sabbatic pay (which provides additional compensation above base pay when vacation is taken). In addition, RAND provides strong benefits including health insurance coverage, life and disability insurance, savings plan, paid time-off and more.
#LI-DNI
Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet