Cyber Security Analyst
Koniag Government Services, Huntsville, AL, United States
Koniag Management Solutions, LLC a Koniag Government Services company, is seeking a Cyber Security Analyst Mid Journeyman with a Secret security clearance to support KMS and our government customer in Huntsville, AL.
This is an onsite position.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
The Cyber Security Analyst Mid/Journeyman supports cybersecurity operations, continuous monitoring, compliance, and DevSecOps initiatives across hybrid enterprise environments. This role helps secure applications, infrastructure, cloud platforms, and operational workflows through vulnerability management, audit readiness, security automation, centralized logging, and implementation of DoW cybersecurity requirements. The ideal candidate can operate effectively in both current-state on-premises environments and future-state cloud and containerized architecture.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
Support cybersecurity operations for enterprise systems, applications, and platforms in accordance with DoW and organizational security requirements.
Assist with implementation and maintenance of continuous monitoring, audit logging, and security compliance processes.
Contribute to DevSecOps practices by integrating security into CI/CD pipelines, infrastructure deployments, and application delivery workflows.
Support vulnerability assessment and remediation activities, including coordination of findings from Nessus/ACAS, STIG reviews, code scanning, and configuration compliance tools.
Analyze and support security controls for cloud, containerized, and traditional server-based environments.
Assist with securing and monitoring Google Cloud and other hybrid/cloud-hosted services, including identity, logging, network controls, and workload protection.
Support secure deployment and operations of containers and container orchestration platforms such as Docker and Kubernetes.
Review system, application, and audit logs to identify anomalies, support investigations, and improve visibility across the enterprise.
Help maintain RMF documentation and artifacts, including control implementation evidence, POA&Ms, and eMASS support documentation.
Collaborate with system administrators, developers, engineers, and platform teams to implement secure configurations and improve cyber posture.
Support incident response, root cause analysis, and corrective action efforts as needed.
Participate in development and refinement of security automation, scripting, and repeatable compliance processes.
Required Knowledge And Experience
Working knowledge of cybersecurity and compliance principles related to:
Secure application development
Secure cloud architecture
Server and platform administration
SQL and relational databases
Auditing, logging, and continuous monitoring
DoW Risk Management Framework (RMF)
STIG implementation and vulnerability remediation
Experience supporting enterprise technologies in a DoW or similarly regulated environment.
Familiarity with centralized logging/SIEM platforms, such as Splunk or equivalent cloud-native logging and monitoring solutions.
Familiarity with security automation and administration tools such as Ansible, scripting, or policy/compliance automation tools.
Understanding of containerization, including Docker and Kubernetes security fundamentals.
Understanding of cloud security concepts, especially for Google Cloud or similar enterprise cloud platforms.
Familiarity with security scanning and assessment tools such as Nessus, Fortify, Semgrep, EvaluateSTIG, eMASS, or similar capabilities.
Familiarity with Red Hat Enterprise Linux 9 and enterprise Windows Server environments.
Familiarity with PowerShell, Python, or Bash for automation and analysis.
Understanding of TCP/IP, routing and switching, firewalls, DNS, LDAP/Active Directory, intrusion detection/prevention, and packet analysis fundamentals.
Familiarity with Zero Trust principles, incident response processes, endpoint protection, DLP, and malware defense concepts.
Education and Certifications
BS or equivalent experience in Computer Science, Data Engineering, Management or Computer Information Systems (MIS or CIS), or
Experience
60 months related experience specific to the position.
Certification
Must hold or be willing to obtain a CompTIA Security+ Certificate, or higher, prior to onboarding.
Clearance Requirement
Must have Active SECRET clearance prior to onboarding.
Preferred Qualifications
Experience with Kubernetes, container registries, and container image security practices.
Experience with Splunk SPL or other query languages used for log analysis and detection engineering.
Experience supporting compliance in environments using React, .NET, APIs, JSON/XML, web services, and enterprise application hosting platforms.
Familiarity with Infrastructure as Code and secure configuration management concepts.
Other Responsibilities
Perform other duties as assigned.
Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703‑488‑9377 to request accommodations.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88‑352
#J-18808-Ljbffr
This is an onsite position.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
The Cyber Security Analyst Mid/Journeyman supports cybersecurity operations, continuous monitoring, compliance, and DevSecOps initiatives across hybrid enterprise environments. This role helps secure applications, infrastructure, cloud platforms, and operational workflows through vulnerability management, audit readiness, security automation, centralized logging, and implementation of DoW cybersecurity requirements. The ideal candidate can operate effectively in both current-state on-premises environments and future-state cloud and containerized architecture.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
Support cybersecurity operations for enterprise systems, applications, and platforms in accordance with DoW and organizational security requirements.
Assist with implementation and maintenance of continuous monitoring, audit logging, and security compliance processes.
Contribute to DevSecOps practices by integrating security into CI/CD pipelines, infrastructure deployments, and application delivery workflows.
Support vulnerability assessment and remediation activities, including coordination of findings from Nessus/ACAS, STIG reviews, code scanning, and configuration compliance tools.
Analyze and support security controls for cloud, containerized, and traditional server-based environments.
Assist with securing and monitoring Google Cloud and other hybrid/cloud-hosted services, including identity, logging, network controls, and workload protection.
Support secure deployment and operations of containers and container orchestration platforms such as Docker and Kubernetes.
Review system, application, and audit logs to identify anomalies, support investigations, and improve visibility across the enterprise.
Help maintain RMF documentation and artifacts, including control implementation evidence, POA&Ms, and eMASS support documentation.
Collaborate with system administrators, developers, engineers, and platform teams to implement secure configurations and improve cyber posture.
Support incident response, root cause analysis, and corrective action efforts as needed.
Participate in development and refinement of security automation, scripting, and repeatable compliance processes.
Required Knowledge And Experience
Working knowledge of cybersecurity and compliance principles related to:
Secure application development
Secure cloud architecture
Server and platform administration
SQL and relational databases
Auditing, logging, and continuous monitoring
DoW Risk Management Framework (RMF)
STIG implementation and vulnerability remediation
Experience supporting enterprise technologies in a DoW or similarly regulated environment.
Familiarity with centralized logging/SIEM platforms, such as Splunk or equivalent cloud-native logging and monitoring solutions.
Familiarity with security automation and administration tools such as Ansible, scripting, or policy/compliance automation tools.
Understanding of containerization, including Docker and Kubernetes security fundamentals.
Understanding of cloud security concepts, especially for Google Cloud or similar enterprise cloud platforms.
Familiarity with security scanning and assessment tools such as Nessus, Fortify, Semgrep, EvaluateSTIG, eMASS, or similar capabilities.
Familiarity with Red Hat Enterprise Linux 9 and enterprise Windows Server environments.
Familiarity with PowerShell, Python, or Bash for automation and analysis.
Understanding of TCP/IP, routing and switching, firewalls, DNS, LDAP/Active Directory, intrusion detection/prevention, and packet analysis fundamentals.
Familiarity with Zero Trust principles, incident response processes, endpoint protection, DLP, and malware defense concepts.
Education and Certifications
BS or equivalent experience in Computer Science, Data Engineering, Management or Computer Information Systems (MIS or CIS), or
Experience
60 months related experience specific to the position.
Certification
Must hold or be willing to obtain a CompTIA Security+ Certificate, or higher, prior to onboarding.
Clearance Requirement
Must have Active SECRET clearance prior to onboarding.
Preferred Qualifications
Experience with Kubernetes, container registries, and container image security practices.
Experience with Splunk SPL or other query languages used for log analysis and detection engineering.
Experience supporting compliance in environments using React, .NET, APIs, JSON/XML, web services, and enterprise application hosting platforms.
Familiarity with Infrastructure as Code and secure configuration management concepts.
Other Responsibilities
Perform other duties as assigned.
Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703‑488‑9377 to request accommodations.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88‑352
#J-18808-Ljbffr