Mid-Level Applied Security Architect

Koniag Advisory and Business Solutions LLC a Koniag Government Services company is seeking a MidLevel Applied Security Architect to support KABS and our government customer in Washington DC. The position is hybrid will require 3 days onsite. This position requires the candidate to be able to obtain a Public offer competitive compensation and an extraordinary benefits package including health dental and vision insurance 401K with company matching flexible spending accounts paid holidays three weeks paid time off and MidLevel Applied Security Architect provides handson cybersecurity architecture control implementation and compliance support for systems and workflows that enable the DOE Office of Technology Commercializations SBIR/STTR programs. This role helps design secure solutions for proposal intake/review platforms data repositories analytics/reporting tools and collaboration environments; implements technical safeguards for sensitive information; and contributes to continuous monitoring activities. The architect partners with senior security leadership program managers IT teams reviewers and contractors to translate requirements into practical auditable controls that advance DOEs mission while protecting program Responsibilities:Design document and implement security controls across SBIR/STTR systems (cloud onprem and hybrid) aligned with program development of secure architectures for applicant portals proposal review workflows data pipelines and reporting and maintain identity and access management (IAM) rolebased access leastprivilege settings and privileged access data protection safeguards (encryption at rest/in transit key management DLP policies secure file transfer tokenization where needed).Contribute to vulnerability management and secure configuration baselines; perform assessments track remediation and update POA& with logging/telemetry design and SIEM use cases; tune alerts create dashboards and support continuous in risk assessments and threat modeling for new features integrations and vendor tools supporting SBIR and maintain technical procedures configuration standards and build/run books that codify secure operational compliance documentation (control narratives diagrams evidence collection) and ATO package preparation under senior with stakeholders to ensure security requirements are embedded early (secure-by-design) and do not impede mission to incident response readiness (playbooks tabletop exercises post incident reviews) and implement corrective pragmatic process improvements that strengthen security posture and user experience across the Qualifications:Bachelors degree in computer science information security engineering or a related field.46 years of experience in cybersecurity engineering/architecture security operations or compliance in federal or regulated experience implementing controls for cloud and hybrid systems (identity encryption logging least privilege hardening).Handson familiarity with SIEM/monitoring tools vulnerability scanners endpoint protection and configuration understanding of protecting sensitive data (e.g. proposal content PII) and operationalizing privacy/security written and verbal communication skills for technical documentation diagrams and leadership ability to collaborate with cross-functional teams and deliver secure solutions on schedule.U.S. citizenship and ability to meet federal suitability requirements if Requirement:Ability to obtain a Public TrustPreferred Qualifications:Experience supporting DOE SBIR/STTR or other federal research/innovation knowledge of federal cybersecurity frameworks and standards (e.g. NIST SP 800 series FISMA) zero trust principles and control to FedRAMP aligned cloud environments and securing SaaS platforms used for collaboration workflow and data such as Security SSCP CySA CCSP or GIAC (e.g. GSEC GCSA); progress toward CISSP or CISM is a with secure DevSecOps practices automation infrastructure as code and compliance as code or interest in energy technologies or scientific R&D Competencies:Security Architecture & Control ImplementationRisk Identification and MitigationData Protection and Access GovernanceContinuous Monitoring and Incident ReadinessStakeholder Collaboration and CommunicationProcess and Workflow ImprovementAnalytical and Critical ThinkingTechnical Documentation and StandardsKnowledge Skills and Abilities (KSAs)Knowledge:Understanding of federal cybersecurity requirements control frameworks and DOE mission context for research of secure cloud/hybrid architectures IAM models encryption methods logging/telemetry and vulnerability :Designing diagrams and control mappings; implementing technical safeguards across program risk assessments threat modeling configuration hardening and remediation trackingBuilding monitoring dashboards alert logic and concise security reports for leadership and security tools (SIEM EDR scanners CM baselines) and integrating them with operational :Ability to translate requirements into actionable auditable designs that balance security with usability and to collaborate with technical and nontechnical stakeholders and drive consensus on security to manage multiple tasks deadlines and change requests in a dynamic program to contribute to a mission driven team and take ownership of deliverables from design through EnvironmentThis is a hybrid position requiring periodic onsite participation at DOE headquarters or designated facilities. Remote work is supported for routine responsibilities. Travel may be required for meetings workshops security assessments or program coordination. Our Equal Employment Opportunity PolicyThe company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race color religion creed ethnicity sex sexual orientation gender or gender identity (except where gender is a bona fide occupational qualification) national origin or ancestry age disability citizenship military/veteran status marital status genetic information or any other characteristic protected by applicable federal state or local law. We are committed to equal employment opportunity in all decisions related to employment promotion wages benefits and all other privileges terms and conditions of company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website please get in touch with Heaven Wood via e-mail by calling to request Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical professional and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers employees and native communities. For more information please Opportunity Employer/Veterans/ Preference in accordance with Public Law 88-352