Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a Risk & Quality Manager with a Secret Security clearance to support KITS and our government customer. The position is remote.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag IT Systems, LLC, a Koniag Government Services company, is seeking an experienced ICAM Risk & Quality Manager to join a team supporting Identity, Credential, and Access Management (ICAM) solutions for our government customers. The ideal candidate is a seasoned professional with a strong background in risk management, quality assurance, and identity and assess management frameworks within a federal environment. This individual will play a critical role in ensuring integrity, compliance, and continuous improvement of ICAM programs and processes.
The ICAM Risk & Quality Manager will be responsible for overseeing risk management activities, quality assurance processes, and compliance efforts associated with ICAM programs and solutions in a federal government environment. This individual will work closely with program managers, security teams, engineers, and government stakeholders to identify, assess, and mitigate risks while ensuring that ICAM deliverables and operations meet the highest standards of quality and compliance.
Principal responsibilities will include but are not limited to:
- Develop, implement, and manage a comprehensive risk management framework for ICAM programs, including the identification, assessment, prioritization, and mitigation of risks across people, processes, and technology.
- Establish and maintain a quality management program for ICAM operations, ensuring that all deliverables, processes, and services meet defined quality standards and government requirements.
- Conduct regular risk assessments and quality audits of ICAM systems, processes, and configurations to identify vulnerabilities, gaps, and areas for improvement.
- Develop and maintain a Risk Register, tracking identified risks, mitigation strategies, residual risks, and risk owners throughout the program lifecycle.
- Collaborate with ICAM engineers, administrators, and program managers to ensure risk mitigation strategies are effectively implemented and monitored.
- Support the development and maintenance of program policies, procedures, and standards aligned with federal ICAM frameworks, NIST guidelines, and Zero Trust principles.
- Lead and coordinate internal quality reviews, process audits, and after-action reviews to drive continuous improvement across ICAM operations.
- Prepare and present risk and quality reports, dashboards, and briefings to government stakeholders and program leadership on a regular basis.
- Support the Authority to Operate (ATO) process by contributing to and reviewing security documentation, including System Security Plans (SSPs), Risk Assessment Reports (RARs), and Plans of Action and Milestones (POA&Ms).
- Coordinate with security and compliance teams to ensure ICAM solutions adhere to relevant federal regulations, policies, and standards, including FISMA, FedRAMP, NIST SP 800-53, and FICAM.
- Monitor and track POA&Ms to ensure timely remediation of identified risks and findings.
- Serve as a subject matter expert (SME) on ICAM risk and quality matters, providing guidance and recommendations to technical teams and stakeholders.
- Facilitate training and awareness activities related to ICAM risk management and quality assurance practices.
- Support incident response efforts related to ICAM systems by assessing risk impact and contributing to lessons-learned reviews.
- Develop and maintain metrics and key performance indicators (KPIs) to measure the effectiveness of risk management and quality assurance activities.
Education and Experience:
Required:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Risk Management, or a related field from an accredited college or university; equivalent work experience may be considered in lieu of a degree.
- 5+ years of experience in risk management, quality assurance, or compliance roles within an information technology or cybersecurity environment.
- 3+ years of experience working with ICAM programs, frameworks, or technologies in a federal government context.
Required Skills and Competencies:
- Exceptional communication skills in English – both written and oral – with the ability to communicate effectively with both technical and non-technical stakeholders, including senior government leadership.
- Strong understanding of risk management frameworks and methodologies, including NIST Risk Management Framework (RMF), NIST SP 800-30, and NIST SP 800-53.
- Demonstrated experience developing and maintaining Risk Registers, POA&Ms, and risk assessment reports in a federal IT environment.
- Familiarity with ICAM frameworks, principles, and federal identity management standards, including FICAM, NIST SP 800-63, and Zero Trust Architecture.
- Experience supporting or leading ATO processes, including the preparation and review of security documentation such as SSPs, RARs, and POA&Ms.
- Knowledge of federal compliance and regulatory requirements, including FISMA, FedRAMP, and OMB policies related to identity and access management.
- Experience developing, implementing, and managing quality management programs and conducting process audits and reviews.
- Strong analytical and problem-solving skills, with the ability to assess complex risks and develop practical, actionable mitigation strategies.
- Ability to develop and present clear, concise risk and quality reports and briefings to diverse audiences, including senior leadership and government customers.
- Proficiency in developing and tracking metrics and KPIs to measure program health and effectiveness.
- Demonstrated ability to manage multiple priorities and work effectively in a fast-paced, team-oriented environment.
Clearance Requirement:
Desired Skills and Competencies:
- Experience working in a federal government IT environment supporting large-scale ICAM programs.
- Familiarity with ICAM technologies such as Okta, SailPoint, CyberArk, Ping Identity, or ForgeRock.
- Experience with continuous monitoring tools and security information and event management (SIEM) platforms.
- Knowledge of Privileged Access Management (PAM) concepts and associated risk considerations.
- Understanding of PIV/CAC authentication and its role within federal ICAM architectures.
- Experience with Agile and/or DevSecOps methodologies and their intersection with risk and quality management.
- Familiarity with cloud security frameworks and FedRAMP authorization processes.
- Project Management Professional (PMP) or equivalent certification.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) certification.
- CompTIA Security+ or equivalent certification.
- Experience facilitating tabletop exercises or risk workshops with government stakeholders.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352