Security Assessment Lead

Koniag Government Services, LLC•Washington, DC

13h

About The Position

Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a Security Assessment Lead to support KITS and our government customer in Washington, DC. This position is for a Future New Business Opportunity. The customer may need support as needed at other locations: Warrenton, VA, Atlantic City, NJ, Melbourne, FL, Oklahoma, OK and Leesburg, VA. We are seeking a highly skilled Security Assessment Lead to perform comprehensive assessments of systems and networks, evaluate security architectures, and provide actionable insights to strengthen the organization’s cybersecurity posture. The ideal candidate will have deep experience analyzing systems, executing security tests, and assessing compliance against established policies, configurations, and requirements.

Requirements

Bachelor’s degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics from an accredited institution.
Ten (10) years of experience directly related to the responsibilities described in this position.
At least two (2) years of the relevant experience must be recent (within the last three years).
At least one of the following risk assessment or cybersecurity certifications: Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), CompTIA Advanced Security Practitioner (CASP), Certified Information Systems Auditor (CISA)
Expertise with FAA information security policies.
Five (5) years of management and supervisory experience (within the required experience timeframe), overseeing the successful completion of multiple risk and vulnerability assessments.
Two (2) of those five (5) years must have been in a lead role.

Nice To Haves

Experience conducting security assessments within federal or regulated environments.
Strong analytical, communication, and technical documentation skills.
Familiarity with NIST SP 800‑53, RMF, STIGs, or similar cybersecurity frameworks.

Responsibilities

Conduct assessments of systems and networks within the network environment or enclave to identify deviations from acceptable configurations, enclave policies, and local policies.
Evaluate the effectiveness of defense‑in‑depth architecture against known vulnerabilities.
Analyze the security posture of new or existing applications, software, and specialized utility programs and provide actionable recommendations.
Plan, prepare, and execute system tests to evaluate performance against specifications and security requirements.
Analyze and report test results, clearly communicating risks, vulnerabilities, and mitigation recommendations.
Collaborate with technical teams to ensure findings are understood and appropriately addressed.