Senior Applied Security Architect

Koniag Professional Services, LLC, a Koniag Government Services company is seeking a Senior Applied Security Architect to support KPS and our government customer in Washington, DC. The position is hybrid, will require 3 days onsite. This position requires the candidate to be able to obtain a Public Trust. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. The Senior Applied Security role provides advanced cybersecurity leadership, technical architecture, and compliance oversight for systems, workflows, and data supporting the DOE Office of Technology Commercialization’s SBIR/STTR programs. This position ensures secure handling of sensitive proposal information, applicant data, and program records; strengthens security-by-design across platforms and tools; and drives continuous monitoring and risk reduction. The senior specialist partners with program managers, IT/security teams, national laboratories, reviewers, and support contractors to design and enforce controls that align with federal requirements and DOE mission needs. Key Responsibilities Lead security architecture and design for SBIR/STTR program systems, data flows, and integrations (onprem, cloud, and hybrid). Develop and maintain security policies, standards, and procedures for identity, access, data protection, logging, and incident management. Oversee risk assessments, threat modeling, vulnerability management, and remediation planning; maintain POA&Ms and drive closure. Implement and optimize controls for safeguarding sensitive information (e.g., proposal data, PII), including encryption, tokenization, and DLP. Coordinate security compliance activities, mapping controls to applicable federal frameworks and DOE requirements; support ATO packages. Establish secure workflows for solicitation development, proposal intake/review, portfolio tracking, reporting, and outreach platforms. Design and manage role-based access, least privilege models, and privileged access management for SBIR/STTR stakeholders. Implement continuous monitoring, log aggregation/SIEM use cases, alert tuning, and metrics dashboards for leadership visibility. Lead incident response planning, tabletop exercises, and after-action reviews; ensure timely reporting and corrective actions. Evaluate third‑party tools and vendors used for program operations; conduct security due diligence and integration hardening. Provide senior technical guidance and coaching to program and contractor teams; deliver security training and awareness sessions. Drive process improvements that enhance security posture, reduce operational risk, and improve user experience without compromising controls. Required Qualifications Bachelor’s degree in computer science, information security, engineering, or a related field. Minimum of 7 years’ experience in applied cybersecurity, security architecture/engineering, or compliance in federal or regulated environments. Proven experience designing and implementing security controls for cloud and hybrid systems (e.g., identity, encryption, logging, IR). Hands‑on experience with vulnerability assessment tools, SIEM/monitoring, endpoint protection, and configuration management. Strong understanding of data protection for sensitive and personal information; experience operationalizing privacy/security requirements. Excellent written and verbal communication skills, including developing policies, standards, and leadership briefings. Demonstrated ability to lead cross‑functional teams, manage complex initiatives, and drive remediation through to completion. Proficiency with security frameworks and control baselines; ability to translate requirements into practical, auditable implementations. U.S. citizenship and ability to meet federal suitability requirements if needed. Preferred Qualifications Experience supporting DOE or other federal research/innovation programs, including SBIR/STTR environments. Familiarity with federal cybersecurity frameworks and standards (e.g., NIST SP 800 series, FISMA), cloud security best practices, and zero trust principles. Experience protecting proposal/intellectual property workflows, applicant portals, data lakes, and analytics/reporting platforms. Certifications such as CISSP, CCSP, CISM, CASP+, or GIAC (e.g., GSEC, GCCC, GCIH). Knowledge of secure DevSecOps practices, automation, infrastructure as code, and compliance‑as‑code approaches. Background in energy sector technologies or scientific R&D environments. Security Requirement Ability to obtain a Public Trust Security Architecture & Engineering Risk Management and Compliance Data Protection and Privacy Incident Response and Continuous Monitoring Stakeholder Collaboration and Communication Process and Workflow Improvement Analytical and Critical Thinking Leadership and Mentorship Knowledge, Skills, and Abilities (KSAs) Knowledge Understanding of federal cybersecurity requirements, control frameworks, and DOE mission context for research programs. Knowledge of secure cloud/hybrid architectures, identity/access patterns, encryption methods, logging/telemetry, and IR best practices. Skills Designing and implementing technical controls, policies, and procedures across complex program workflows. Performing risk assessments, threat modeling, vulnerability management, and mitigation planning. Building dashboards, reports, and briefings that translate security posture and metrics for leadership. Using security tools (e.g., SIEM, EDR, scanners, configuration baselines) and integrating them with program operations. Abilities Ability to lead multifunctional teams and drive consensus on security priorities and remediation plans. Ability to communicate clearly with technical and non‑technical audiences and convert requirements into actionable designs. Ability to balance strong security controls with usability, performance, and mission delivery. Ability to manage multiple initiatives, deadlines, and emergent incidents in a dynamic environment. Work Environment This is a hybrid position requiring periodic onsite participation at DOE headquarters or designated facilities. Remote work is supported for routine tasks. Travel may be required for meetings, workshops, security assessments, or program coordination. Our Equal Employment Opportunity Policy The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment. Equal Opportunity Employer/Veterans/Disabled.Shareholder Preference in accordance with Public Law 88-352 #J-18808-Ljbffr Koniag Information Security Services, LLC