CSRMC Team Lead (TS/SCI)

Koniag Government Services, LLC•Washington, VA

1d•Onsite

About The Position

Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a CSRMC Team Lead with a TS/SCI Security clearance to support KITS and our government customer at the Pentagon, Arlington, VA. We offer competitive compensation and an extraordinary benefits package including health, dental, and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. The CSRMC Team Lead provides technical leadership and subject matter expertise supporting the automation of the Department of War’s Risk Management Framework (RMF) Revamp processes. This role leads the design, development, and implementation of automated compliance and security control validation capabilities that enhance the efficiency, accuracy, and scalability of RMF authorization and continuous monitoring activities. The Team Lead will oversee a small team of cybersecurity engineers and automation specialists while working closely with Authorizing Officials, cybersecurity engineers, system owners, and DevSecOps teams to integrate automated compliance capabilities into enterprise cybersecurity workflows. This position plays a critical role in advancing the Department of War’s transition toward machine-readable compliance frameworks, automated evidence collection, and continuous authorization approaches aligned with Zero Trust and DevSecOps architectures.

Requirements

Master’s degree in Cybersecurity, Information Systems, Computer Science, or a related technical field.
15+ years of experience supporting Department of War cybersecurity compliance, assessment, or risk management activities.
Demonstrated expertise implementing the Department of War Risk Management Framework (RMF).
Hands-on experience with NIST SP 800-53 Rev. 5 controls and DoDI 8510.01.
Demonstrated experience developing automation solutions using Python, PowerShell, Ansible, or similar scripting/orchestration tools.
Demonstrated experience implementing the Department of War Risk Management Framework (RMF) or developing and enforcing IT security policy for Department of War or U.S. Government systems, including aligning system accreditation packages, control baselines, and continuous monitoring activities with federal cybersecurity standards (e.g., DoDI 8510.01, NIST SP 800-53, CNSSI 1253).
Experience supporting continuous monitoring and automated compliance reporting capabilities.
DoD 8570.01-M certification (e.g., CISSP, CAP, Security+ CE).
Active Top Secret / SCI clearance.

Nice To Haves

Experience leading technical teams or task areas supporting cybersecurity or compliance automation efforts.
Experience with Governance, Risk, and Compliance (GRC) tools such as eMASS, Archer, or Xacta and their automation or integration capabilities.
Knowledge of OSCAL and machine-readable RMF artifacts.
Experience supporting DevSecOps pipelines, CI/CD environments, and Infrastructure as Code (IaC).
Background in vulnerability management, STIG compliance, or automated security testing frameworks.
Experience supporting Zero Trust security architectures or automated authorization initiatives.

Responsibilities

Provides guidance on development and implementation of automated RMF security control assessment capabilities supporting authorization and continuous monitoring processes.
Serve as the technical team lead for RMF automation initiatives, establishing architecture, standards, and implementation approaches.
Provide expert guidance on integrating automated security validation capabilities across enterprise cybersecurity platforms.
Oversee the design, development, and maintenance of automation tools used for control validation, evidence collection, and compliance reporting.
Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting.
Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security validation into development and operational environments.
Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages and authorization workflows.
Support development and implementation of automated compliance capabilities using machine-readable formats such as OSCAL (Open Security Controls Assessment Language).
Provide task prioritization, technical direction, and quality oversight across team deliverables.
Coordinate activities across cybersecurity engineering, DevSecOps, and assessment teams to ensure alignment with mission priorities.
Assist program leadership with planning, staffing coordination, and technical roadmap development for RMF automation capabilities.
Support briefings and technical engagements with government stakeholders regarding automation capabilities, compliance posture, and operational improvements.
Collaborate with cybersecurity engineers, assessors, system owners, and program managers to align automation solutions with operational mission needs.
Provide subject matter expertise on leveraging OSCAL and other machine-readable compliance frameworks.
Support enterprise cybersecurity initiatives including Zero Trust, continuous monitoring, and DevSecOps integration.
Stay current and provide feedback and recommendations on Department of War cybersecurity policies, NIST updates, and emerging compliance automation technologies.
Contribute recommendations to improve cybersecurity policy implementation through automation.