OneMain Financial Jobs

Koniag Data Solutions, a Koniag Government Services company , is seeking a Cloud DevSecOps Engineer to support KDS and our government customer in Washington, DC. This position is hybrid. Currently one day a week required onsite.

We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

The ideal candidate is a hands-on technical professional with deep expertise in DevSecOps practices, cloud security architecture, and infrastructure automation. This role requires someone who is passionate about security, committed to continuous learning, and capable of implementing robust security controls across cloud environments. This position may require the ability to obtain and maintain a security clearance depending on project requirements.

The Cloud DevSecOps Engineer will be responsible for implementing, maintaining, and enhancing security controls within cloud environments, with a primary focus on AWS infrastructure. This role combines security engineering with DevSecOps practices to ensure security is built into every stage of the development lifecycle. Principal responsibilities will include but are not limited to:

• Design, implement, and maintain security controls and monitoring solutions in AWS cloud environments

• Develop and maintain Infrastructure as Code (IaC) using Terraform and OpenTofu for secure, repeatable deployments

• Integrate security tools and processes into CI/CD pipelines using GitLab

• Configure, maintain, and optimize Splunk for security monitoring, log aggregation, and threat detection

• Conduct security assessments, vulnerability scans, and penetration testing of cloud infrastructure

• Implement and maintain security automation tools and scripts to enhance security posture

• Collaborate with development teams to embed security best practices into the software development lifecycle

• Monitor security alerts, investigate incidents, and respond to security events

• Create and maintain security documentation, runbooks, and standard operating procedures

• Participate in security architecture reviews and provide recommendations for security improvements

• Automate compliance checks and reporting for various security frameworks

• Manage secrets, credentials, and encryption key management across cloud environments

• Stay current with emerging threats, vulnerabilities, and security technologies

Education and Experience:

Required:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field from an accredited college or university, or equivalent work experience

• 5+ years of hands-on experience in cybersecurity with a focus on cloud security

• 3+ years of experience with AWS security services and best practices

• 2+ years of experience implementing DevSecOps practices

Required Skills and Competencies:

• Expert-level knowledge of AWS security services including IAM, Security Groups, GuardDuty, CloudTrail, Config, Security Hub, and KMS

• Hands-on experience developing and maintaining Infrastructure as Code using Terraform and/or OpenTofu

• Proficiency with GitLab CI/CD pipelines and integrating security tools into DevSecOps workflows

• Strong experience with Splunk for security monitoring, including creating searches, alerts, dashboards, and correlation rules

• Deep understanding of cloud security best practices, including the AWS Well-Architected Framework Security Pillar

• Knowledge of network security concepts, including VPCs, security groups, NACLs, and VPN configurations

• Experience with container security (Docker, Kubernetes/EKS) and serverless security

• Proficiency in scripting languages such as Python, Bash, or PowerShell for security automation

• Understanding of security compliance frameworks (NIST, FedRAMP, FISMA, CIS Benchmarks)

• Experience with vulnerability management tools and practices

• Strong understanding of authentication and authorization mechanisms (OAuth, SAML, MFA)

• Excellent analytical and problem-solving skills with attention to detail

• Strong communication skills with the ability to explain complex security concepts to technical and non-technical audiences

• Ability to work independently and as part of a collaborative team

• Experience with version control systems, particularly Git

Desired Skills and Competencies:

• Current AWS security certification (AWS Certified Security - Specialty or AWS Certified Solutions Architect)

• Additional relevant certifications such as CISSP, CCSP, CEH, GIAC, or similar

• Experience working in federal government IT environments

• Familiarity with additional cloud platforms (Azure, GCP)

• Experience with Security Orchestration, Automation and Response (SOAR) platforms

• Knowledge of threat intelligence platforms and integration

• Experience with configuration management tools (Ansible, Chef, Puppet)

• Understanding of zero-trust architecture principles

• Experience with application security testing tools (SAST, DAST, SCA)

• Familiarity with service mesh technologies and security implementations

• Experience with HashiCorp Vault or similar secrets management solutions

• Knowledge of Agile and DevOps methodologies

• Experience with immutable infrastructure and serverless architectures

Our Equal Employment Opportunity Policy

The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.

Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352

Job Details

Job Family IT, Cyber Security, Network Systems

Job Function Cyber Security Operations Analyst

Pay Type Salary

Hiring Min Rate 120,000 USD

Hiring Max Rate 150,000 USD