Cybersecurity Risk Analyst Jobs in Alabama (NOW HIRING)

Koniag Management Solutions, LLC a Koniag Government Services company, is seeking a Cyber Security Analyst Mid Journeyman with a Secret security clearance to support KMS and our government customer in Huntsville, AL.This is an onsite position. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. The Cyber Security Analyst Mid/Journeyman supports cybersecurity operations, continuous monitoring, compliance, and DevSecOps initiatives across hybrid enterprise environments.

This role helps secure applications, infrastructure, cloud platforms, and operational workflows through vulnerability management, audit readiness, security automation, centralized logging, and implementation of DoW cybersecurity requirements. The ideal candidate can operate effectively in both current-state on-premises environments and future-state cloud and containerized architecture. Essential Functions, Responsibilities & Duties may include, but are not limited to: * Support cybersecurity operations for enterprise systems, applications, and platforms in accordance with DoW and organizational security requirements.

* Assist with implementation and maintenance of continuous monitoring, audit logging, and security compliance processes. * Contribute to DevSecOps practices by integrating security into CI/CD pipelines, infrastructure deployments, and application delivery workflows. * Support vulnerability assessment and remediation activities, including coordination of findings from Nessus/ACAS, STIG reviews, code scanning, and configuration compliance tools.

* Analyze and support security controls for cloud, containerized, and traditional server-based environments. * Assist with securing and monitoring Google Cloud and other hybrid/cloud-hosted services, including identity, logging, network controls, and workload protection. * Support secure deployment and operations of containers and container orchestration platforms such as Docker and Kubernetes.

* Review system, application, and audit logs to identify anomalies, support investigations, and improve visibility across the enterprise. * Help maintain RMF documentation and artifacts, including control implementation evidence, POA&Ms, and eMASS support documentation. * Collaborate with system administrators, developers, engineers, and platform teams to implement secure configurations and improve cyber posture.

* Support incident response, root cause analysis, and corrective action efforts as needed. * Participate in development and refinement of security automation, scripting, and repeatable compliance processes. Required Knowledge and Experience: * Working knowledge of cybersecurity and compliance principles related to: * Secure application development * Secure cloud architecture * Server and platform administration * SQL and relational databases * Auditing, logging, and continuous monitoring * DoW Risk Management Framework (RMF) * STIG implementation and vulnerability remediation * Experience supporting enterprise technologies in a DoW or similarly regulated environment.

* Familiarity with centralized logging/SIEM platforms, such as Splunk or equivalent cloud-native logging and monitoring solutions. * Familiarity with security automation and administration tools such as Ansible, scripting, or policy/compliance automation tools. * Understanding of containerization, including Docker and Kubernetes security fundamentals.

* Understanding of cloud security concepts, especially for Google Cloud or similar enterprise cloud platforms. * Familiarity with security scanning and assessment tools such as Nessus, Fortify, Semgrep, EvaluateSTIG, eMASS, or similar capabilities. * Familiarity with Red Hat Enterprise Linux 9 and enterprise Windows Server environments.

* Familiarity with PowerShell, Python, or Bash for automation and analysis. * Understanding of TCP/IP, routing and switching, firewalls, DNS, LDAP/Active Directory, intrusion detection/prevention, and packet analysis fundamentals. * Familiarity with Zero Trust principles, incident response processes, endpoint protection, DLP, and malware defense concepts.

Education and Certifications: Education: * BS or equivalent experience in Computer Science, Data Engineering, Management or Computer Information Systems (MIS or CIS), or Experience: * 60-months related experience specific to the position requirements Certification: * Must hold or be willing to obtain a CompTIA Security+ Certificate, or higher, prior to onboarding Clearance Requirement: * Must have Active SECRET clearance prior to onboarding Preferred Qualifications: * Experience with Kubernetes, container registries, and container image security practices. * Experience with Splunk SPL or other query languages used for log analysis and detection engineering. * Experience supporting compliance in environments using React, .NET, APIs, JSON/XML, web services, and enterprise application hosting platforms.

* Familiarity with Infrastructure as Code and secure configuration management concepts. Other Responsibilities: * Perform other duties as assigned Our Equal Employment Opportunity Policy The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law.

We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment. The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at or by calling 703-488-9377 to request accommodations.

Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery.

We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com. Equal Opportunity Employer/Veterans/Disabled.

Shareholder Preference in accordance with Public Law 88-352