Koniag Data Solutions, a Koniag Government Services company *, * is seeking a Cloud DevSecOps Engineer to support KDS and our government customer in Washington, DC. This position is hybrid. Currently one day a week required onsite.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
The ideal candidate is a hands-on technical professional with deep expertise in DevSecOps practices, cloud security architecture, and infrastructure automation. This role requires someone who is passionate about security, committed to continuous learning, and capable of implementing robust security controls across cloud environments. This position may require the ability to obtain and maintain a security clearance depending on project requirements.
The Cloud DevSecOps Engineer will be responsible for implementing, maintaining, and enhancing security controls within cloud environments, with a primary focus on AWS infrastructure. This role combines security engineering with DevSecOps practices to ensure security is built into every stage of the development lifecycle. Principal responsibilities will include but are not limited to:
Design, implement, and maintain security controls and monitoring solutions in AWS cloud environments
Develop and maintain Infrastructure as Code (IaC) using Terraform and OpenTofu for secure, repeatable deployments
Integrate security tools and processes into CI/CD pipelines using GitLab
Configure, maintain, and optimize Splunk for security monitoring, log aggregation, and threat detection
Conduct security assessments, vulnerability scans, and penetration testing of cloud infrastructure
Implement and maintain security automation tools and scripts to enhance security posture
Collaborate with development teams to embed security best practices into the software development lifecycle
Monitor security alerts, investigate incidents, and respond to security events
Create and maintain security documentation, runbooks, and standard operating procedures
Participate in security architecture reviews and provide recommendations for security improvements
Automate compliance checks and reporting for various security frameworks
Manage secrets, credentials, and encryption key management across cloud environments
Stay current with emerging threats, vulnerabilities, and security technologies
Education and Experience:
Required:
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field from an accredited college or university, or equivalent work experience
5+ years of hands-on experience in cybersecurity with a focus on cloud security
3+ years of experience with AWS security services and best practices
2+ years of experience implementing DevSecOps practices
Required Skills and Competencies:
Expert-level knowledge of AWS security services including IAM, Security Groups, GuardDuty, CloudTrail, Config, Security Hub, and KMS
Hands-on experience developing and maintaining Infrastructure as Code using Terraform and/or OpenTofu
Proficiency with GitLab CI/CD pipelines and integrating security tools into DevSecOps workflows
Strong experience with Splunk for security monitoring, including creating searches, alerts, dashboards, and correlation rules
Deep understanding of cloud security best practices, including the AWS Well-Architected Framework Security Pillar
Knowledge of network security concepts, including VPCs, security groups, NACLs, and VPN configurations
Experience with container security (Docker, Kubernetes/EKS) and serverless security
Proficiency in scripting languages such as Python, Bash, or PowerShell for security automation
Understanding of security compliance frameworks (NIST, FedRAMP, FISMA, CIS Benchmarks)
Experience with vulnerability management tools and practices
Strong understanding of authentication and authorization mechanisms (OAuth, SAML, MFA)
Excellent analytical and problem-solving skills with attention to detail
Strong communication skills with the ability to explain complex security concepts to technical and non-technical audiences
Ability to work independently and as part of a collaborative team
Experience with version control systems, particularly Git
Desired Skills and Competencies:
Current AWS security certification (AWS Certified Security - Specialty or AWS Certified Solutions Architect)
Additional relevant certifications such as CISSP, CCSP, CEH, GIAC, or similar
Experience working in federal government IT environments
Familiarity with additional cloud platforms (Azure, GCP)
Experience with Security Orchestration, Automation and Response (SOAR) platforms
Knowledge of threat intelligence platforms and integration
Experience with configuration management tools (Ansible, Chef, Puppet)
Understanding of zero-trust architecture principles
Experience with application security testing tools (SAST, DAST, SCA)
Familiarity with service mesh technologies and security implementations
Experience with HashiCorp Vault or similar secrets management solutions
Knowledge of Agile and DevOps methodologies
Experience with immutable infrastructure and serverless architectures
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
Job Details
Job Family IT, Cyber Security, Network Systems
Job Function Cyber Security Operations Analyst
Pay Type Salary
Hiring Min Rate 120,000 USD
Hiring Max Rate 150,000 USD
