Senior Cyber Security Engineer (Job 1355)

DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public health, performance evaluation, and health operations solve the complex problems faced by civilian and military customers alike by leveraging advanced tools – including digital transformation, artificial intelligence, data analytics, cloud enablement, modeling, and simulation, and more. With over 2,400 employees dedicated to the idea that “Your Mission is Our Passion,” DLH brings a unique combination of government sector experience, proven methodology, and unwavering commitment to innovation to improve the lives of millions.

Overview

The Senior Cybersecurity Engineer serves as a technical leader within the National Institute on Aging (NIA) Information System Security Office (ISSO) by designing, implementing, and maintaining security controls that protect NIA information systems, data, and infrastructure. This role ensures compliance with federal cybersecurity standards while proactively identifying and mitigating risks across systems supporting scientific research and administrative operations.

This senior-level role is critical to safeguarding systems that support cutting-edge aging research. The ideal candidate is proactive, detail-oriented, and committed to continuous learning in a rapidly evolving cybersecurity landscape. The position requires strong technical expertise, familiarity with federal security frameworks, and the ability to collaborate with system owners, researchers, and IT teams.

Responsibilities

• Design, implement, and maintain cybersecurity controls aligned with NIST RMF (Risk Management Framework)
• Support system Authorization to Operate (ATO) processes, including preparation and maintenance of security documentation (SSP, POA&M, SAR)
• Conduct security assessments, vulnerability scans, and risk analyses
• Monitor system security posture and respond to incidents in coordination with NIH security operations
• Implement and manage security tools such as SIEM, endpoint protection, and vulnerability management platforms
• Ensure compliance with FISMA, NIST SP 800-53, and NIH/HHS security policies
• Provide technical guidance to system owners on secure architecture and system hardening
• Support continuous monitoring activities and reporting requirements
• Assist with incident response, forensic analysis, and remediation activities
• Participate in audits and provide the required artifacts and evidence

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
• 10+ years of progressive experience in cybersecurity engineering, information security, or related roles
• CISSP industry certification
• Hands-on experience with NIST RMF and federal compliance frameworks (e.g., FISMA, NIST SP 800-53)
• Experience supporting ATO processes and developing security documentation (SSP, POA&M, SAR)
• Strong understanding of network security, system hardening, identity and access management, and vulnerability management
• Experience with security tools such as SIEM (e.g., Splunk), vulnerability scanners (e.g., Tenable, Qualys), and endpoint protection platforms
• Experience with Zero Trust Architecture principles
• Knowledge of cloud security principles (e.g., AWS, Azure, or GCP)
• Familiarity with incident response processes and security operations
• Must be able to obtain a Public Trust clearance 
• On-site or hybrid, depending on organizational needs.
• Works closely with ISSOs, system owners, cloud engineers, and research staff
• Supports a mission-driven environment focused on protecting sensitive biomedical research data
• Participates in cross-functional security and compliance initiatives

Preferred Qualifications

• Master’s degree in Cybersecurity, Information Assurance, or related field
• Relevant industry certifications such as CGRC, CISA, CISM, CEH, Security+, or GSEC
• Experience within federal agencies, NIH, or HHS environments
• Knowledge of FedRAMP and cloud authorization processes
• Experience with DevSecOps practices and automation tools
• Familiarity with container security and modern application architectures
• Strong scripting skills (e.g., Python, PowerShell, Bash)
• Excellent communication skills and ability to translate technical risks for non-technical stakeholders.

Basic Compensation: $157,000 - $171,000 yearly salary

The salary range listed reflects what we reasonably expect to pay for this role at the time of posting. The final offer may vary based on skills, experience, geographic location, market conditions, and internal equity. Additional compensation may include performance incentives and program-specific awards. We do not use salary history to determine compensation, in line with applicable law.

Benefits

DLH Corp offers our employees an excellent benefits package, including Personal Time Off (PTO), medical, dental, vision, supplemental life with AD&D, short and long-term disability, flexible spending accounts, parental leave, legal services, and more. We want our employees to save for their future; therefore, we offer a 401(k) Retirement Plan, which includes a matching component. DLH is dedicated to your career development, providing training to help drive success, with access to our best-in-class e-learning suite for formal and informal learning, professional and technical certification preparation, and education assistance at accredited institutions.