Open Security Controls Assessment Language (SME) (TS/SCI)

Koniag Government Services.com

170k - 185k USD/year

Office

Washington, DC, US

Full Time

Koniag IT Systems, a Koniag Government Services company, is seeking an Open Security Controls Assessment Language SME with a TS/SCI to support KITS and our government customer at the Mark Center, Alexandria, VA. This is a hybrid opportunity that requires 1-4 days of onsite work.

We offer competitive compensation and an extraordinary benefits package including health, dental, and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

We are seeking an experienced Open Security Controls Assessment Language (OSCAL) Subject Matter Expert (SME) to support the design, implementation, and optimization of automated security compliance and risk management solutions. The OSCAL SME will play a critical role in advancing our cybersecurity compliance initiatives by enabling machine-readable security documentation, enhancing interoperability, and streamlining authorization processes across multiple federal frameworks.

Essential Functions, Responsibilities & Duties may include, but are not limited to:

• Serve as the technical expert for OSCAL adoption, implementation, and integration within federal compliance programs (e.g., FedRAMP, NIST RMF, DoD).
• Develop, validate, and maintain OSCAL-based artifacts, including system security plans (SSPs), assessment plans, assessment results, and POA&M packages.
• Provide guidance on mapping security controls to OSCAL models and ensuring alignment with NIST standards.
• Support automation of ATO/authorization workflows by integrating OSCAL with governance, risk, and compliance (GRC) tools.
• Collaborate with system owners, security assessors, and compliance teams to improve efficiency in security control assessment and reporting.
• Deliver training, documentation, and best practices to internal teams and customers on OSCAL adoption.
• Provide support and recommendations for the Department of Defense OSCAL standards development.
• Stay current with OSCAL federal policy changes and industry adoption trends.

Qualifications

Required:
• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent work experience).
• 5+ years of experience in cybersecurity compliance, security assessment, or risk management.
• Hands-on expertise with OSCAL schema, XML/JSON/YAML, and associated validation tools.
• Deep knowledge of NIST frameworks (NIST SP-800-53 Rev. 5, NIST SP-800-37 Rev. 2 RMF, NIST Cybersecurity Framework [CSF 2.0]) and federal compliance standards (e.g., FedRAMP, FISMA, DoD RMF [DoDI 8510.01]).
• Experience with cybersecurity documentation automation and Governance, Risk, and Compliance (GRC) platforms.
• Excellent communication and technical writing skills.
• TS/SCI security clearance required.
• Ability to work on-site 1-4 days a week.

Preferred:
• Experience contributing to or collaborating with the NIST OSCAL community.
• Familiarity with DevSecOps pipelines, CI/CD automation, and security-as-code practices.
• Understanding of cloud service provider (CSP) compliance processes (AWS, Azure, GCP, etc.).
• Active security certification (e.g., CISSP, CISM, CAP, CCSP).

Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

September 26, 2025
