[Hiring] Security Control Assessor @Koniag Government Services, LLC

Role Description

Koniag Data Solutions (KDS), a Koniag Government Services company, is seeking a Mid-Level Cybersecurity Analyst to support KDS and specialize in Security Control Assessments to support our federal government clients. This position requires the candidate to be able to obtain a Public Trust. The position is remote.

The Mid-Level Cybersecurity Analyst will be responsible for:

• Conducting comprehensive security control assessments following NIST guidelines
• Performing security testing and evaluation of systems and applications
• Documenting assessment findings and preparing detailed reports
• Analyzing system security plans and associated security documentation
• Evaluating security controls and their implementation
• Supporting Authorization to Operate (ATO) processes
• Conducting vulnerability assessments and penetration testing
• Assisting in the development of Plans of Action and Milestones (POA&Ms)
• Participating in security working groups and technical meetings
• Collaborating with system owners and stakeholders
• Supporting continuous monitoring activities
• Maintaining assessment documentation and evidence
• Providing recommendations for remediation of security findings

Position Note: At this time, the customer does not currently have a GRC tool. Our assessments are rather manual.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
• 5+ years of experience in cybersecurity
• 3+ years of direct experience conducting security control assessments
• Experience with federal information security requirements and guidelines
• Current security clearance or ability to obtain one

Requirements

• Deep understanding of NIST SP 800-53 security controls
• Experience with Risk Management Framework (RMF)
• Knowledge of Federal Information Security Management Act (FISMA) requirements
• Proficiency in security assessment and authorization processes
• Experience with vulnerability scanning tools (Nessus, Qualys, etc.)
• Strong analytical and problem-solving skills
• Excellent documentation and technical writing abilities
• Knowledge of common security tools and technologies
• Understanding of cloud security concepts
• Experience with security documentation review
• Strong communication and interpersonal skills
• Ability to work independently and as part of a team
• Proficiency in Microsoft Office suite
• Experience with security assessment tools and methodologies

Benefits

• Competitive compensation
• Comprehensive benefits including health, dental and vision insurance
• 401K with company matching
• Flexible spending accounts
• Paid holidays
• Three weeks paid time off
• And more

Desired Skills and Competencies

• Security+ or higher cybersecurity certification
• CISSP, CISA, or similar professional certification
• Experience with FedRAMP assessment processes
• Knowledge of CMMC requirements
• Familiarity with cloud service providers (AWS, Azure, GCP)
• Experience with automated security assessment tools
• Background in federal government contracting
• Knowledge of DevSecOps practices
• Experience with continuous monitoring programs
• Scripting abilities (Python, PowerShell, etc.)
• Experience with security compliance frameworks
• Prior military or government experience
• Incident response experience
• Knowledge of privacy requirements and controls

Security Requirement

• Ability to obtain a Public Trust