CSRMC Team Lead (TS/SCI)

Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a CSRMC Team Lead with a TS/SCI Security clearance to support KITS and our government customer at the Pentagon, Arlington, VA.

We offer competitive compensation and an extraordinary benefits package including health, dental, and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

The CSRMC Team Lead provides technical leadership and subject matter expertise supporting the automation of the Department of War's Risk Management Framework (RMF) Revamp processes. This role leads the design, development, and implementation of automated compliance and security control validation capabilities that enhance the efficiency, accuracy, and scalability of RMF authorization and continuous monitoring activities.

The Team Lead will oversee a small team of cybersecurity engineers and automation specialists while working closely with Authorizing Officials, cybersecurity engineers, system owners, and DevSecOps teams to integrate automated compliance capabilities into enterprise cybersecurity workflows.

This position plays a critical role in advancing the Department of War's transition toward machine-readable compliance frameworks, automated evidence collection, and continuous authorization approaches aligned with Zero Trust and DevSecOps architectures.

Key Responsibilities

Technical Leadership

• Provides guidance on development and implementation of automated RMF security control assessment capabilities supporting authorization and continuous monitoring processes.
• Serve as the technical team lead for RMF automation initiatives, establishing architecture, standards, and implementation approaches.
• Provide expert guidance on integrating automated security validation capabilities across enterprise cybersecurity platforms.
• Oversee the design, development, and maintenance of automation tools used for control validation, evidence collection, and compliance reporting.

Automation and Engineering

• Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting.
• Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security validation into development and operational environments.
• Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages and authorization workflows.
• Support development and implementation of automated compliance capabilities using machine-readable formats such as OSCAL (Open Security Controls Assessment Language).

Team Leadership and Program Support

• Provide task prioritization, technical direction, and quality oversight across team deliverables.
• Coordinate activities across cybersecurity engineering, DevSecOps, and assessment teams to ensure alignment with mission priorities.
• Assist program leadership with planning, staffing coordination, and technical roadmap development for RMF automation capabilities.
• Support briefings and technical engagements with government stakeholders regarding automation capabilities, compliance posture, and operational improvements.

Stakeholder Engagement

• Collaborate with cybersecurity engineers, assessors, system owners, and program managers to align automation solutions with operational mission needs.
• Provide subject matter expertise on leveraging OSCAL and other machine-readable compliance frameworks.
• Support enterprise cybersecurity initiatives including Zero Trust, continuous monitoring, and DevSecOps integration.

Policy and Emerging Technology Awarenes

• Stay current and provide feedback and recommendations on Department of War cybersecurity policies, NIST updates, and emerging compliance automation technologies.
• Contribute recommendations to improve cybersecurity policy implementation through automation.

Required Qualifications

• Master's degree in Cybersecurity, Information Systems, Computer Science, or a related technical field.
• 15+ years of experience supporting Department of War cybersecurity compliance, assessment, or risk management activities.
• Demonstrated expertise implementing the Department of War Risk Management Framework (RMF).
• Hands-on experience with NIST SP 800-53 Rev. 5 controls and DoDI 8510.01.
• Demonstrated experience developing automation solutions using Python, PowerShell, Ansible, or similar scripting/orchestration tools.
• Demonstrated experience implementing the Department of War Risk Management Framework (RMF) or developing and enforcing IT security policy for Department of War or U.S. Government systems, including aligning system accreditation packages, control baselines, and continuous monitoring activities with federal cybersecurity standards (e.g., DoDI 8510.01, NIST SP 800-53, CNSSI 1253).
• Experience supporting continuous monitoring and automated compliance reporting capabilities.
• DoD 8570.01-M certification (e.g., CISSP, CAP, Security+ CE).

Preferred Qualifications

• Experience leading technical teams or task areas supporting cybersecurity or compliance automation efforts.
• Experience with Governance, Risk, and Compliance (GRC) tools such as eMASS, Archer, or Xacta and their automation or integration capabilities.
• Knowledge of OSCAL and machine-readable RMF artifacts.
• Experience supporting DevSecOps pipelines, CI/CD environments, and Infrastructure as Code (IaC).
• Background in vulnerability management, STIG compliance, or automated security testing frameworks.
• Experience supporting Zero Trust security architectures or automated authorization initiatives.

Clearance Requirement

• Active Top Secret / SCI clearance.

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352