Mid-Level Applied Security Architect

Koniag Services, Inc.
Washington, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Remote
Washington, United States of America

Tech stack

Software as a Service
Cloud Computing Security
Configuration Management
Computer Security
Data Stores
File Transfer
Monitoring of Systems
Identity and Access Management
Information Systems Security Architecture Professional
Key Management
Role-Based Access Control
Zero Trust Network Access
Security Information and Event Management
Software Vulnerability Management
Data Logging
Cloud Platform System
Infrastructure Automation Frameworks
Information Technology
Data Analytics
Tools for Reporting
Data Pipelines
Devsecops
Vulnerability Analysis

Job description

The Mid-Level Applied Security Architect provides hands-on cybersecurity architecture, control implementation, and compliance support for systems and workflows that enable the DOE Office of Technology Commercialization's SBIR/STTR programs. This role helps design secure solutions for proposal intake/review platforms, data repositories, analytics/reporting tools, and collaboration environments; implements technical safeguards for sensitive information; and contributes to continuous monitoring activities. The architect partners with senior security leadership, program managers, IT teams, reviewers, and contractors to translate requirements into practical, auditable controls that advance DOE's mission while protecting program data.

  • Design, document, and implement security controls across SBIR/STTR systems (cloud, on-prem, and hybrid), aligned with program requirements.
  • Support development of secure architectures for applicant portals, proposal review workflows, data pipelines, and reporting dashboards.
  • Configure and maintain identity and access management (IAM), role-based access, least-privilege settings, and privileged access management.
  • Implement data protection safeguards (encryption at rest/in transit, key management, DLP policies, secure file transfer, tokenization where needed).
  • Contribute to vulnerability management and secure configuration baselines; perform assessments, track remediation, and update POA&Ms.
  • Assist with logging/telemetry design and SIEM use cases; tune alerts, create dashboards, and support continuous monitoring.
  • Participate in risk assessments and threat modeling for new features, integrations, and vendor tools supporting SBIR operations.
  • Draft and maintain technical procedures, configuration standards, and build/run books that codify secure operational practices.
  • Support compliance documentation (control narratives, diagrams, evidence collection) and ATO package preparation under senior guidance.
  • Coordinate with stakeholders to ensure security requirements are embedded early (secure-by-design) and do not impede mission delivery.
  • Contribute to incident response readiness (playbooks, tabletop exercises, post-incident reviews) and implement corrective actions.
  • Recommend pragmatic process improvements that strengthen security posture and user experience across the program.

This is a hybrid position requiring periodic onsite participation at DOE headquarters or designated facilities. Remote work is supported for routine responsibilities. Travel may be required for meetings, workshops, security assessments, or program coordination.

Requirements

  • Bachelor's degree in computer science, information security, engineering, or a related field.
  • 4-6 years of experience in cybersecurity engineering/architecture, security operations, or compliance in federal or regulated environments.
  • Practical experience implementing controls for cloud and hybrid systems (identity, encryption, logging, least privilege, hardening).
  • Hands-on familiarity with SIEM/monitoring tools, vulnerability scanners, endpoint protection, and configuration management.
  • Strong understanding of protecting sensitive data (e.g., proposal content, PII) and operationalizing privacy/security requirements.
  • Clear written and verbal communication skills for technical documentation, diagrams, and leadership briefings.
  • Demonstrated ability to collaborate with cross-functional teams and deliver secure solutions on schedule.
  • U.S. citizenship and ability to meet federal suitability requirements if needed.

Security Requirement:

  • Ability to obtain a Public Trust

  • Experience supporting DOE SBIR/STTR or other federal research/innovation programs.
  • Working knowledge of federal cybersecurity frameworks and standards (e.g., NIST SP 800 series, FISMA), zero trust principles, and control baselines.
  • Exposure to FedRAMP-aligned cloud environments and securing SaaS platforms used for collaboration, workflow, and data analytics.
  • Certifications such as Security+, SSCP, CySA+, CCSP, or GIAC (e.g., GSEC, GCSA); progress toward CISSP or CISM is a plus.
  • Familiarity with secure DevSecOps practices, automation, infrastructure as code, and compliance as code concepts.
  • Background or interest in energy technologies or scientific R&D environments.

Key Competencies:

  • Security Architecture & Control Implementation
  • Risk Identification and Mitigation
  • Data Protection and Access Governance
  • Continuous Monitoring and Incident Readiness
  • Stakeholder Collaboration and Communication
  • Process and Workflow Improvement
  • Analytical and Critical Thinking
  • Technical Documentation and Standards

Knowledge, Skills, and Abilities (KSAs)

Knowledge:

  • Understanding of federal cybersecurity requirements, control frameworks, and DOE mission context for research programs.
  • Knowledge of secure cloud/hybrid architectures, IAM models, encryption methods, logging/telemetry, and vulnerability management.

Skills:

  • Designing diagrams and control mappings; implementing technical safeguards across program workflows.
  • Performing risk assessments, threat modeling, configuration hardening, and remediation tracking.
  • Building monitoring dashboards, alert logic, and concise security reports for leadership and auditors.
  • Using security tools (SIEM, EDR, scanners, CM baselines) and integrating them with operational processes.

Abilities:

  • Ability to translate requirements into actionable, auditable designs that balance security with usability and performance.
  • Ability to collaborate with technical and nontechnical stakeholders and drive consensus on security priorities.
  • Ability to manage multiple tasks, deadlines, and change requests in a dynamic program environment.
  • Ability to contribute to a mission-driven team and take ownership of deliverables from design through implementation.

Benefits & conditions

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

About the company

Koniag Professional Services, LLC, a Koniag Government Services company, is seeking a Mid-Level Applied Security Architect to support KPS and our government customer in Washington, DC. The position is hybrid and will require 3 days onsite. This position requires the candidate to be able to obtain a Public Trust.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward-leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352.
