RMF Cybersecurity Analyst

Koniag IT Systems, a Koniag Government Services company, is hiring an experienced Senior Cybersecurity Analyst with a TS/SCI clearance to support KITS and our government customer in Alexandria, VA. This is a hybrid position.

We offer competitive compensation and an extraordinary benefits package including health, dental, and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. 

The Senior Cybersecurity Analyst provides expert guidance and hands-on support in implementing, maintaining, and improving cybersecurity posture across the Department of War (DoW) information systems in accordance with the Risk Management Framework (RMF). This position is responsible for ensuring systems achieve and maintain Authorization to Operate (ATO) status through meticulous application of DoW cybersecurity policies, controls, and best practices. The analyst will collaborate with program managers, system owners, and cross-functional technical teams to ensure security requirements are effectively integrated throughout the system lifecycle.

Responsibilities

• Provide subject matter expertise in the development and deployment of automated RMF security control assessment, informing authorization, and continuous monitoring processes.
• Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting.
• Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security checks.
• Collaborate with cybersecurity engineers, assessors, system owners, and other stakeholders to align automation solutions with mission needs.
• Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages.
• Provide subject matter expertise on leveraging OSCAL (Open Security Controls Assessment Language) and other machine-readable compliance frameworks.
• Deliver training, documentation, and guidance to program teams on automated RMF practices.
• Stay current and provide feedback and recommendations on DoW cybersecurity policies, NIST updates, and emerging compliance automation technologies.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field.
• 7+ years of experience in DoW cybersecurity compliance, assessment, or risk management.
• Hands-on expertise with RMF processes, NIST SP Rev. 5 controls, and DoD RMF [DoDI ].
• Experience developing automation solutions using Python, PowerShell, Ansible, or similar scripting/orchestration tools.
• Familiarity with continuous monitoring and automated compliance reporting.
• DoD M certification (e.g., CISSP, CAP, Security+ CE).

Preferred Qualifications:

• Experience with Governance, Risk, and Compliance (GRC tools) (e.g., eMASS, Archer, Xacta) and their automation/integration.
• Knowledge of OSCAL and machine-readable RMF artifacts.
• Experience with DevSecOps pipelines, CI/CD, and Infrastructure as Code (IaC).
• Background in vulnerability management, STIG compliance, or automated security testing.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.  The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at - or by calling to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit  

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352