Job Requirements
Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a Cybersecurity Operations Technical Lead (SOC Engineer/SME) to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Cybersecurity Operations Technical Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a seasoned cybersecurity professional with deep technical expertise in Security Operations Center (SOC) operations, threat detection, and incident response. This individual will serve as a subject matter expert (SME), providing technical leadership and guidance to a team of cybersecurity analysts while working closely with SBA stakeholders to protect critical government systems and data.
The Cybersecurity Operations Technical Lead will serve as the senior technical expert within the SOC, providing leadership, mentorship, and hands-on technical support for all cybersecurity operations activities supporting the SBA.
Principal responsibilities will include but are not limited to:
Education and Experience:
Required:
Desired:
Required Skills and Competencies:
Desired Skills and Competencies:
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Cybersecurity Operations Technical Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a seasoned cybersecurity professional with deep technical expertise in Security Operations Center (SOC) operations, threat detection, and incident response. This individual will serve as a subject matter expert (SME), providing technical leadership and guidance to a team of cybersecurity analysts while working closely with SBA stakeholders to protect critical government systems and data.
The Cybersecurity Operations Technical Lead will serve as the senior technical expert within the SOC, providing leadership, mentorship, and hands-on technical support for all cybersecurity operations activities supporting the SBA.
Principal responsibilities will include but are not limited to:
- Serve as the primary technical subject matter expert (SME) for SOC operations, providing guidance and oversight to cybersecurity analysts in the detection, analysis, and response to security incidents.
- Lead and coordinate incident response activities, including triage, containment, eradication, recovery, and post-incident review in accordance with SBA policies and federal guidelines.
- Oversee continuous monitoring of SBA networks, systems, and endpoints using SIEM platforms, IDS/IPS tools, and other security technologies to identify and respond to potential threats and anomalies.
- Develop, tune, and maintain SIEM use cases, detection rules, correlation logic, and alerting thresholds to improve threat detection capabilities and reduce false positives.
- Conduct advanced threat hunting activities to proactively identify indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) leveraged by threat actors targeting SBA systems.
- Perform in-depth analysis of security events, logs, network traffic, and endpoint telemetry to identify malicious activity and provide actionable intelligence to SBA leadership and stakeholders.
- Collaborate with SBA IT and security teams to develop, refine, and maintain Standard Operating Procedures (SOPs), playbooks, and runbooks for SOC operations and incident response activities.
- Provide technical mentorship and training to junior and mid-level SOC analysts, fostering professional development and elevating the overall capability of the team.
- Support vulnerability management activities, including the review and analysis of vulnerability scan results and coordination with system owners on remediation efforts.
- Prepare and deliver detailed technical reports, briefings, and after-action reviews (AARs) to SBA leadership, documenting incident timelines, findings, and recommended corrective actions.
- Ensure SOC operations align with federal cybersecurity frameworks, policies, and compliance requirements, including NIST, FISMA, and DHS/CISA guidance.
- Coordinate with external stakeholders, including US-CERT, CISA, and other federal agencies, as necessary, during significant cybersecurity incidents or threat campaigns.
- Support the continuous improvement of SOC processes, tools, and technologies to enhance operational efficiency and the overall cybersecurity posture of the SBA.
Education and Experience:
Required:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field from an accredited college or university.
- 8+ years of progressive experience in cybersecurity operations, with at least 3 years in a technical lead, senior analyst, or SME role within a SOC environment.
- Demonstrated experience supporting federal government cybersecurity programs and operations.
- One or more of the following certifications:
- Certified Information Systems Security Professional (CISSP)
- GIAC Security Operations Certified (GSOC)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Enterprise Defender (GCED)
- Certified SOC Analyst (CSA)
Desired:
- Master's degree in Cybersecurity, Information Assurance, or a related field.
- 10+ years of cybersecurity operations experience within a federal government or defense contracting environment.
Required Skills and Competencies:
- Exceptional communication skills in English - both written and oral - with the ability to convey complex technical information clearly to both technical and non-technical audiences, including senior government leadership.
- Deep technical expertise in SOC operations, including security event monitoring, incident detection, triage, and response.
- Extensive hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, ArcSight, or similar) including use case development, rule tuning, and dashboard creation.
- Strong knowledge of network security concepts, including TCP/IP, DNS, HTTP/S, firewalls, IDS/IPS, and network traffic analysis tools such as Wireshark or Zeek.
- Proficiency in endpoint detection and response (EDR) tools and methodologies for investigating host-based threats and anomalies.
- Experience with threat intelligence platforms and the ability to operationalize threat intelligence to improve detection and response capabilities.
- Strong understanding of the MITRE ATT&CK framework and its application to threat detection, threat hunting, and incident response.
- Demonstrated experience developing and maintaining incident response playbooks, SOPs, and runbooks.
- Knowledge of federal cybersecurity frameworks and compliance requirements, including NIST SP 800-53, NIST SP 800-61, FISMA, and CISA guidance.
- Experience conducting log analysis across diverse data sources, including Windows Event Logs, Syslog, cloud platform logs, and application logs.
- Ability to lead and mentor a team of cybersecurity analysts in a fast-paced operational environment.
- Ability to obtain and maintain a Public Trust Clearance.
Desired Skills and Competencies:
- Prior experience supporting SBA or other federal civilian agency cybersecurity programs.
- Experience with cloud security monitoring and operations in AWS, Azure, or GCP environments.
- Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms and scripting languages (e.g., Python, PowerShell) for automation of SOC workflows.
- Knowledge of Zero Trust Architecture principles and implementation within a federal environment.
- Experience with digital forensics and malware analysis techniques.
- Familiarity with CDM (Continuous Diagnostics and Mitigation) program tools and requirements.
- GIAC Certified Forensic Analyst (GCFA) or GIAC Reverse Engineering Malware (GREM) certification.
- Experience supporting FedRAMP authorized cloud environments.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
group id: 10201473