Senior Cyber Security Engineer (Job 1356)
About The Position
The Senior Cybersecurity Engineer serves as a technical leader within the National Institute on Aging (NIA) Information System Security Office (ISSO) by designing, implementing, and maintaining security controls that protect NIA information systems, data, and infrastructure. This role ensures compliance with federal cybersecurity standards while proactively identifying and mitigating risks across systems supporting scientific research and administrative operations. This senior-level role is critical to safeguarding systems that support cutting-edge aging research. The ideal candidate is proactive, detail-oriented, and committed to continuous learning in a rapidly evolving cybersecurity landscape. The position requires strong technical expertise, familiarity with federal security frameworks, and the ability to collaborate with system owners, researchers, and IT teams.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience)
- 10+ years of progressive experience in cybersecurity engineering, information security, or related roles
- CISSP industry certification
- Hands-on experience with NIST RMF and federal compliance frameworks (e.g., FISMA, NIST SP 800-53)
- Experience supporting ATO processes and developing security documentation (SSP, POA&M, SAR)
- Strong understanding of network security, system hardening, identity and access management, and vulnerability management
- Experience with security tools such as SIEM (e.g., Splunk), vulnerability scanners (e.g., Tenable, Qualys), and endpoint protection platforms
- Experience with Zero Trust Architecture principles
- Knowledge of cloud security principles (e.g., AWS, Azure, or GCP)
- Familiarity with incident response processes and security operations
- Must be able to obtain a Public Trust clearance
Nice To Haves
- Master’s degree in Cybersecurity, Information Assurance, or related field
- Relevant industry certifications such as CGRC, CISA, CISM, CEH, Security+, or GSEC
- Experience within federal agencies, NIH, or HHS environments
- Knowledge of FedRAMP and cloud authorization processes
- Experience with DevSecOps practices and automation tools
- Familiarity with container security and modern application architectures
- Strong scripting skills (e.g., Python, PowerShell, Bash)
- Excellent communication skills and ability to translate technical risks for non-technical stakeholders.
Responsibilities
- Design, implement, and maintain cybersecurity controls aligned with NIST RMF (Risk Management Framework)
- Support system Authorization to Operate (ATO) processes, including preparation and maintenance of security documentation (SSP, POA&M, SAR)
- Conduct security assessments, vulnerability scans, and risk analyses
- Monitor system security posture and respond to incidents in coordination with NIH security operations
- Implement and manage security tools such as SIEM, endpoint protection, and vulnerability management platforms
- Ensure compliance with FISMA, NIST SP 800-53, and NIH/HHS security policies
- Provide technical guidance to system owners on secure architecture and system hardening
- Support continuous monitoring activities and reporting requirements
- Assist with incident response, forensic analysis, and remediation activities
- Participate in audits and provide required artifacts and evidence
Benefits
- Personal Time Off (PTO)
- medical
- dental
- vision
- supplemental life with AD&D
- short and long-term disability
- flexible spending accounts
- parental leave
- legal services
- 401(k) Retirement Plan with matching component
- training
- access to e-learning suite
- professional and technical certification preparation
- education assistance at accredited institutions
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
