Cyber Security Engineer (Job 1354) at DLH Corp

<p class="iCIMS_InfoMsg iCIMS_InfoField_Job"><span style="font-size: 12pt; font-family: arial, helvetica, sans-serif;"><strong>About Us</strong></span></p> <div class="iCIMS_InfoMsg iCIMS_InfoMsg_Job"> <div class="iCIMS_Expandable_Container"> <div class="iCIMS_Expandable_Text"> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public health, performance evaluation, and health operations solve the complex problems faced by civilian and military customers alike by leveraging advanced tools – including digital transformation, artificial intelligence, data analytics, cloud enablement, modeling, and simulation, and more. With over 2,400 employees dedicated to the idea that “Your Mission is Our Passion,” DLH brings a unique combination of government sector experience, proven methodology, and unwavering commitment to innovation to improve the lives of millions.</span></p> </div> </div> </div> <div class="iCIMS_InfoMsg iCIMS_InfoMsg_Job"> <div class="iCIMS_Expandable_Container"> <div class="iCIMS_Expandable_Text"> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Overview</strong></span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">DLH is seeking a highly skilled Cyber Security Engineer to support a federal client in Bethesda, MD. This role focuses on strengthening enterprise cybersecurity posture through a combination of vulnerability management, secure engineering practices, DevSecOps integration, and advanced threat detection, while incorporating Zero Trust principles as part of a comprehensive defense strategy.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">The ideal candidate should be self-motivated and able to take ownership of workflows</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">They will bring experience identifying and prioritizing risk across enterprise systems, applying defense-in-depth principles across platforms, and leveraging security tools and threat intelligence (including CVE and CISA Known Exploited Vulnerabilities (KEV)) to proactively mitigate threats.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">This role requires strong collaboration across security, infrastructure, and development teams, as well as the ability to communicate technical findings to both technical and non-technical stakeholders.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Responsibilities</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Integrate Zero Trust Architecture into enterprise environments through gap analysis, security maturity assessments, and risk-based control implementation</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Lead and support vulnerability management efforts, including identification, prioritization, and remediation of vulnerabilities based on risk, exploitability, and business impact</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Analyze and operationalize threat intelligence sources, including CVE databases and CISA KEV catalog, to prioritize remediation and strengthen defenses against actively exploited vulnerabilities</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Perform vulnerability assessments using tools such as Tenable Nessus and web application scanners, and triage findings to reduce false positives/negatives</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Utilize Microsoft Defender Antivirus (MDAV) and endpoint detection tools to monitor, detect, and respond to threats across endpoints</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Collaborate with DevSecOps, infrastructure, and development teams to incorporate security controls and automated scanning (SCA, SAST, DAST) into CI/CD pipelines and SDLC practices</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Develop and maintain SIEM solutions, such as Splunk, for queries, dashboards, and reports to identify trends, detect anomalies, and highlight control gaps</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Support continuous monitoring and improve detection capabilities across hybrid enterprise environments, including on-premises, cloud, and containers.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Contribute to enterprise security architecture, including identity and access management and cloud security design</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Develop clear technical documentation, including assessment reports, mitigation strategies, and implementation guidance</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Stay current on emerging threats, vulnerabilities, federal cybersecurity directives, and industry best practices</span></li> </ul> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Qualifications</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or related field (or equivalent experience)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">4+ years of experience in cybersecurity, vulnerability management, systems engineering, or related fields</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Strong experience with vulnerability management programs, including risk prioritization using CVSS, threat intelligence, and exploit data (e.g., CVEs, CISA KEV)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Working knowledge of DevSecOps practices and integrating security into CI/CD pipelines</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Hands-on experience with Microsoft Defender Antivirus (MDAV) and endpoint security solutions</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Experience with vulnerability scanning and assessment tools (e.g., Tenable Nessus, web application scanners)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Familiarity with cloud environments (AWS, Azure, or GCP) and containerized applications (ARO, Kubernetes)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Experience with SIEM platforms such as Splunk for detection and analysis</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Strong understanding of security frameworks and compliance standards (NIST SP 800-53, 800-171, 800-37, FedRAMP, FISMA, ISO 27001, CIS Benchmarks, DISA STIGs)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Knowledge of enterprise security architecture and modern security principles, including Zero Trust</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Working knowledge of AI security risk management frameworks and the ability to translate AI/ML use cases into security controls, review checkpoints, and governance decisions</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Strong analytical, problem-solving, and communication skills</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Must be able to obtain a Public Trust clearance</strong></span></li> </ul> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Preferred Certifications</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Related Cyber certification, such as CYSA, CISSP, or equivalent</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Cloud security certifications (Azure, AWS, or GCP)</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Azure Security Engineer Associate or similar</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">DevSecOps or secure development certifications</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Vulnerability management or threat intelligence-related certifications</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">Proficiency in scripting/automation (PowerShell, Python, Bash, etc.)</span></li> </ul> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong>Basic Compensation: $132,000 - $140,000 yearly salary</strong></span></p> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">The salary range listed reflects what we reasonably expect to pay for this role at the time of posting. The final offer may vary based on skills, experience, geographic location, market conditions, and internal equity. Additional compensation may include performance incentives and program-specific awards. We do not use salary history to determine compensation, in line with applicable law.</span></p> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;">&nbsp;</span></p> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt;"><strong style="color: rgb(0, 0, 0); background-color: transparent;">Benefits</strong></span></p> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;"><span style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0); background-color: transparent;">DLH Corp offers our employees an excellent benefits package, including Personal Time Off (PTO), medical, dental, vision, supplemental life with AD&amp;D, short and long-term disability, flexible spending accounts, parental leave, legal services, and more. We want our employees to save for their future; therefore, we offer a 401(k) Retirement Plan, which includes a matching component. DLH is dedicated to your career development, providing training to help drive success, with access to our best-in-class e-learning suite for formal and informal learning, professional and technical certification preparation, and education assistance at accredited institutions.</span></p> <p style="margin: 0px !important; padding: 0px !important; font-family: Arial; font-weight: 400;">&nbsp;</p> </div> </div> </div><div class="content-conclusion"><p><span style="font-size: 12pt; font-family: arial, helvetica, sans-serif;"><strong>EEO</strong></span></p> <p><span style="font-size: 12pt; font-family: arial, helvetica, sans-serif;">DLH Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment.&nbsp; DLH will provide reasonable accommodation to individuals with disabilities and disabled Veterans who need assistance to apply.&nbsp;</span></p> <p><span style="font-size: 12pt; font-family: arial, helvetica, sans-serif;"><span data-olk-copy-source="MessageBody">DLH is committed to maintaining a fair and authentic interview process</span></span></p></div>