Kentro.us

Kentro, formerly IT Concepts, Inc., is a mission-driven digital modernization and transformation firm founded in the early 2000s and headquartered in McLean, Virginia. Kentro speci

Cybersecurity Engineer

Location: Worldwide
Posted: 9 days ago
Salary: 0
Seniority: Senior

Job Description

Title: Cybersecurity Engineer (TS Cleared)
Location: Remote, United States
Department: Information Technology
Job Description:
Category: Information Technology
Position Type: Contingent
Location Type: Remote
Location/Org Data: Name: United States

Overview

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities. By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

Kentro is always interested in connecting with experienced Cybersecurity Engineers who hold an active Top Secret clearance and are passionate about protecting enterprise systems, supporting mission-critical operations, and advancing cybersecurity initiatives within complex environments. Ideal candidates bring strong technical expertise, collaboration skills, and experience supporting cybersecurity operations, compliance efforts, and secure infrastructure in government, defense, or highly regulated environments.

This posting is intended for candidates who would like to be considered for future opportunities as hiring needs evolve. Our team regularly reviews resumes for both immediate and upcoming openings. If your background aligns with a current or future position, we’ll be in touch.

Location: TBD

Responsibilities

You may be a great fit if you have experience with:

- Implementing and maintaining cybersecurity tools, technologies, and security controls across enterprise environments.
- Supporting security operations, incident response, threat detection, and vulnerability remediation activities.
- Conducting system hardening, patch management, and secure configuration activities in accordance with security standards.
- Monitoring and analyzing security events, logs, and alerts to identify and mitigate potential threats.
- Supporting RMF, NIST, STIG, ICD 503, or other compliance and accreditation requirements.
- Performing vulnerability assessments, risk analysis, and security impact evaluations.
- Collaborating with system administrators, network engineers, developers, and leadership to improve overall security posture.
- Supporting cloud security initiatives within AWS, Azure, or hybrid environments.
- Developing and maintaining cybersecurity documentation, procedures, diagrams, and reports.
- Assisting with audits, assessments, POA&M management, and continuous monitoring activities.
- Managing multiple competing priorities while supporting mission-critical operations and timelines.

Qualifications

- Active Top Secret (TS) security clearance or higher.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field, or equivalent experience.
- 5+ years of experience in cybersecurity, information assurance, or security engineering roles.
- Experience supporting enterprise cybersecurity operations in government, defense, or regulated environments.
- Strong understanding of cybersecurity principles, network security, system hardening, and risk management frameworks.
- Experience with security tools such as SIEM platforms, vulnerability scanners, endpoint protection, or monitoring solutions.
- Highly polished communication, presentation, and stakeholder engagement skills.
- Ability to work independently and collaboratively in fast-paced environments.

Nice to Haves

- Security certifications such as Security+, CISSP, CASP+, CEH, or GIAC certifications.
- Experience supporting RMF accreditation and authorization processes.
- Familiarity with Splunk, Tenable, CrowdStrike, Microsoft Defender, ACAS, or similar tools.
- Experience supporting Windows, Linux, and/or cloud-based environments.
- Knowledge of scripting or automation using PowerShell, Python, or Bash.
- Experience supporting DevSecOps or cloud modernization initiatives.

Benefits

The Company

We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let’s solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.

We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015), two CMMI ML 3 ratings (DEV and SVC) and CMMC Level 2 Certification.

Industry Recognition

Growth | Inc 5000’s Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.

Culture | Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner – Mid-Size Companies, Companies Owned by People of Color; Department of Labor’s HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

Benefits

We offer a competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.

We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

Commitment

Equal Opportunity Employment & VEVRAA

Kentro is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state or local law.

Kentro is strongly committed to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements.

As part of our VEVRAA compliance efforts, Kentro has established an equal opportunity plan outlining our commitment to recruiting, hiring, and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary and will not impact your employment eligibility.

Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees, including protected veterans, are treated with dignity, respect, and fairness.

More Security Engineer Jobs

Senior Director Analyst – Network Security

Gartner

We deliver actionable, objective insight that drives smarter decisions and stronger performance.

Full Time | Remote | Team 10,001+ | Since 1979 | H1B Sponsor

• Create innovative and thought-provoking insights
• Develop new insights and offer actionable approaches to clients
• Research, analyze, and predict market trends and shifts
• Provide clients with actionable advice via virtual or face-to-face interactions
• Deliver high-value presentation materials at various events
• Actively participate in innovation discussions and collaborate with peers

Texas
$172K - $202.5K / year

Senior Information Security Engineer

Jobandtalent

The world-leading digital job platform connecting great people with endless opportunities

Full Time | Remote | Team 1,001-5,000 | Since 2009 | H1B Sponsor

• Improve and take ownership of incident management
• Improve detection capabilities and reduce noise for the SIEM. Create and improve playbooks. Improve email security.
• Developing security guides along with defining, implementing, and monitoring security measures to protect Job&talent.
• Improving security tooling, processes, and standards to provide security assurances across the business.
• Mentoring and guiding more junior engineers
• Use our CSPM tool to monitor cloud security configurations across AWS, Azure, and Google Cloud Platform.
• Working closely with DevOps teams to integrate security into the cloud deployment environment and pipeline.
• Performing risk assessments, threat modeling, and security reviews.
• Improve logging, visibility, and evidence collection across corporate and production systems.

Spain

Security Analyst L1

ProArch

Consulting and technology, enabled by cloud, guided by data, fueled by apps, and secured by design.

Full Time | Remote | Team 201-500 | H1B Sponsor

Role Description

Are you passionate about cybersecurity and eager to make a difference? Join our Security Operations Center (SOC) as a Security Analyst I (SOC). In this role, you'll be at the forefront of monitoring, detecting, and responding to security incidents. With 2-3 years of experience in cybersecurity, you'll bring your strong understanding of security principles and excellent analytical skills to our fast-paced environment. You'll work closely with our team to ensure effective incident response and resolution, contributing to the continuous improvement of our SOC processes and procedures. If you're ready to take your career to the next level and be part of a dynamic and challenging environment, we encourage you to apply!

Communication skills are essential, as you will be the technical escalation point for the SOC Team. You'll need to act proactively to ensure smooth security operations and effective collaboration during your shift. A key outcome of this position is to continuously improve the efficiency and quality of the Security Operations Center. Adhering to the documented processes and procedures is an important aspect of successful SOC operations.

Responsibilities:

- SOC Dashboard Monitoring.
- First Response to Alerts generated from Security Solutions ingested in the SIEM/SOAR Tool.
- Verifying the Facts and Enriched Data in Incidents using SOAR Platform.
- Preliminary triage based on the facts from the SOAR.
- Sending email notifications for Medium & lower priority alerts to the client for confirmation on potentially false or benign alerts.
- Helping seniors in triage, evidence collection, incident documentation, etc.
- Reporting to the Shift Lead about the alerts handled during the shift and updating the SHO Sheet.
- Escalation of Incidents based on the preliminary triage using the escalation workflow in case of possible true positives.
- Identifying daily repeat false positive alerts, and interesting patterns based on monitoring of alerts.
- Reporting any tool outages or monitoring downtime during one’s own shift to the Shift Lead or Leads asap.
- Performing Monthly Maintenance Tasks for Health Checks for the Security Monitoring and Response Tools.
- Develop, test, and fine-tune detection rules and use cases based on log sources, threat intelligence, attack patterns, and client requirements.
- Identify emerging threats and incorporate them into use-cases for alerts and detections.
- Optimize and refine alert thresholds and logic to minimize false positives and enhance detection accuracy.
- Leverage expertise in Microsoft 365 Defender/Defender XDR, Microsoft Defender for Endpoint, Defender for Office 365 and Entra ID Protection to improve overall threat detection and response.
- Analyze security logs and telemetry data for signs of compromise, anomalous activities, or malicious behavior.
- Prioritize the work effectively and handle shifting priorities professionally.
- Work closely with cross-functional teams (IT, Cloud Operations, Application Development) to mitigate security risks and improve SOC capabilities.
- Create detailed reports and post-analysis reports to communicate findings and recommendations to technical and non-technical stakeholders.
- Contribute to continuous improvement of SOC processes, including SOPs, playbooks, runbooks, and escalation procedures.
- Stay updated with the latest threat landscape, vulnerabilities, and attack methods.
- Share knowledge and insights with other SOC analysts and participate in team knowledge-sharing sessions.
- Participate in red/blue team exercises to test and improve detection and response capabilities.

Qualifications

- Strong understanding of cybersecurity principles and best practices.
- Proficiency in using security monitoring tools and technologies.
- Excellent analytical and problem-solving skills.
- Strong communication skills, both written and verbal.
- Ability to work effectively in a team environment.
- Attention to detail and a proactive approach to identifying and addressing security issues.
- Experience working with Security Information and Event Management (SIEM) systems, preferably Microsoft Sentinel.
- Knowledge of network security, endpoint security, identity protection and cloud security.
- Familiarity with incident response frameworks and methodologies.
- Knowledge of Microsoft Sentinel KQL (Kusto Query Language) for custom queries and rule creation is preferred.
- Familiarity with how SOAR (Security Orchestration and Automated Response) works and ability to provide workflows which can be used for automating SOC responses.
- Knowledge of security frameworks such as MITRE ATT&CK.
- Industry knowledge and experience in Managed Detection and Response (MDR) technologies.
- Experience working in a Managed Security Operations or Security Team is preferred.
- Knowledge of ITIL Foundation Framework.
- Experience or knowledge of various Microsoft Security and Compliance tools is preferred:
  - Microsoft Sentinel
  - Defender for Endpoint
  - Defender for Office 365
  - Entra ID Identity Protection
  - Defender for Identity
  - Defender for Cloud Apps
  - Defender for Cloud
  - Defender XDR
  - Defender for IoT
  - Entra ID & Intune
  - Microsoft Purview, IRM, DLP, Insider Risk
- Experience of CrowdStrike EDR and/or IDP is highly desirable.
- Knowledge / Experience handling OT Security alerts is desirable.
- Working Knowledge of Vulnerability Management tool.
- Security Awareness Training using tools such as KnowBe4.
- Desirable to have knowledge of Privacy Compliance Frameworks like HIPAA, GDPR, SHIELD.
- Bachelor’s degree in computer science/engineering/IT/Computer Applications or significant demonstrable experience in IT Security / IT.
- Outstanding Written, Verbal, Technical, Non-Technical, communication & presentation skills.
- Self-directed with the ability to prioritize and handle SOC Operations and Alert inflow.
- Eager learner continually improving skill sets, earning certifications, and gaining industry knowledge.
- Very good analytical skills.
- Outstanding written communication and verbal skills.
- 95% of our clients are from USA. Thus, a good command over English language is a must.
- Good to have any of these Microsoft Certifications: SC-200, SC-900, AZ-500, SC-300, SC-400.
- Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are preferred.

India
Full Time | Hybrid | Team 1,001-5,000 | Since 1997 | H1B No Sponsor

Title: Senior Cyber Security Engineer (Job 1356)
Location: Bethesda, Maryland
Job Description:

About Us

DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public health, performance evaluation, and health operations solve the complex problems faced by civilian and military customers alike by leveraging advanced tools – including digital transformation, artificial intelligence, data analytics, cloud enablement, modeling, and simulation, and more. With over 2,400 employees dedicated to the idea that “Your Mission is Our Passion,” DLH brings a unique combination of government sector experience, proven methodology, and unwavering commitment to innovation to improve the lives of millions.

Overview

The Senior Cybersecurity Engineer serves as a technical leader within the National Institute on Aging (NIA) Information System Security Office (ISSO) by designing, implementing, and maintaining security controls that protect NIA information systems, data, and infrastructure. This role ensures compliance with federal cybersecurity standards while proactively identifying and mitigating risks across systems supporting scientific research and administrative operations.

This senior-level role is critical to safeguarding systems that support cutting-edge aging research. The ideal candidate is proactive, detail-oriented, and committed to continuous learning in a rapidly evolving cybersecurity landscape. The position requires strong technical expertise, familiarity with federal security frameworks, and the ability to collaborate with system owners, researchers, and IT teams.

Responsibilities

- Advise on ZTA road map and provide system specific Zero Trust report cards
- Conduct security assessments, vulnerability scans, and risk analyses
- Monitor system security posture and respond to incidents in coordination with NIH security operations
- Implement and manage security tools such as SIEM, endpoint protection, and vulnerability management platforms
- Ensure compliance with FISMA, NIST SP 800-53, and NIH/HHS security policies
- Design, implement, and maintain cybersecurity controls aligned with NIST RMF (Risk Management Framework)
- Support system Authorization to Operate (ATO) processes, including preparation and maintenance of security documentation (SSP, POA&M, SAR)
- Provide technical guidance to system owners on secure architecture and system hardening
- Support continuous monitoring activities and reporting requirements
- Assist with incident response, forensic analysis, and remediation activities
- Participate in audits and provide required artifacts and evidence

Qualifications

- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
- 10+ years of progressive experience in cybersecurity engineering, information security, or related roles
- CISSP industry certification
- Hands-on experience with NIST RMF and federal compliance frameworks (e.g., FISMA, NIST SP 800-53)
- Experience supporting ATO processes and developing security documentation (SSP, POA&M, SAR)
- Strong understanding of network security, system hardening, identity and access management, and vulnerability management
- Experience with security tools such as SIEM (e.g., Splunk), vulnerability scanners (e.g., Tenable, Qualys), and endpoint protection platforms
- Experience with Zero Trust Architecture principles
- Knowledge of cloud security principles (e.g., AWS, Azure, or GCP)
- Familiarity with incident response processes and security operations
- Must be able to obtain a Public Trust clearance
- On-site or hybrid depending on organizational needs.
- Works closely with ISSOs, system owners, cloud engineers, and research staff
- Supports a mission-driven environment focused on protecting sensitive biomedical research data
- Participates in cross-functional security and compliance initiatives

Preferred Qualifications

- Master’s degree in Cybersecurity, Information Assurance, or related field
- Relevant industry certifications such as CGRC, CISA, CISM, CEH, Security+, or GSEC
- Experience within federal agencies, NIH, or HHS environments
- Knowledge of FedRAMP and cloud authorization processes
- Experience with DevSecOps practices and automation tools
- Familiarity with container security and modern application architectures
- Strong scripting skills (e.g., Python, PowerShell, Bash)
- Excellent communication skills and ability to translate technical risks for non-technical stakeholders.

Basic Compensation: $157,000 - $171,000 yearly salary

The salary range listed reflects what we reasonably expect to pay for this role at the time of posting. The final offer may vary based on skills, experience, geographic location, market conditions, and internal equity. Additional compensation may include performance incentives and program-specific awards. We do not use salary history to determine compensation, in line with applicable law.

Benefits

DLH Corp offers our employees an excellent benefits package, including Personal Time Off (PTO), medical, dental, vision, supplemental life with AD&D, short and long-term disability, flexible spending accounts, parental leave, legal services, and more. We want our employees to save for their future; therefore, we offer a 401(k) Retirement Plan, which includes a matching component. DLH is dedicated to your career development, providing training to help drive success, with access to our best-in-class e-learning suite for formal and informal learning, professional and technical certification preparation, and education assistance at accredited institutions.

Maryland
$157K - $171K / year