Koniag Government Services Jobs Hiring Now
Koniag Government Services is hiring for 247 open roles on Migrate Mate as of July 16, 2026, concentrated in business analysis and business analyst, with listed salaries up to about $263,000. Migrate Mate updates Koniag Government Services's live openings daily. Koniag Government Services is a government services contractor providing IT, program management, and administrative support to federal agencies.
Find Koniag Government Services JobsOverview
Koniag Government Services hiring data on Migrate Mate, as of July 16, 2026.
- Open jobs
- 247
- Top team
- Business Analysis
- Seniority
- Across all levels
- Work type
- 21% remote or hybrid
- Top location
- Washington
- Salary range
- $55,000–$263,000
Listed salaries for Koniag Government Services roles on Migrate Mate range from about $55,000 to $263,000 per year across 247 open roles, as of July 16, 2026. Some roles list hourly contract rates.
Open Roles at Koniag Government Services
Showing 25 of 247+ Koniag Government Services jobs



















































We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Koniag Data Solutions, a Koniag Government Services company, is seeking a skilled and experienced Vulnerability Analyst II to support the U.S. Small Business Administration (SBA). The ideal candidate is a mid-level cybersecurity professional with solid experience in vulnerability management, security assessment, and risk analysis within federal government IT environments. This individual will play a key role in identifying, analyzing, and tracking vulnerabilities across SBA's enterprise IT environment, working closely with system owners, IT operations teams, and the broader cybersecurity program to ensure timely and effective remediation of security weaknesses and maintenance of a strong security posture.
The Vulnerability Analyst II will serve as a mid-level vulnerability management professional responsible for conducting vulnerability assessments, analyzing scan results, tracking remediation activities, and supporting the continuous improvement of SBA's vulnerability management program.
Principal responsibilities will include but are not limited to:
- Plan, configure, and execute vulnerability scans across SBA's enterprise IT environment, including network infrastructure, servers, workstations, web applications, databases, and cloud-hosted assets, using enterprise vulnerability scanning platforms such as Tenable Nessus, Tenable.io, Qualys, or equivalent tools.
- Analyze and interpret vulnerability scan results, applying knowledge of common vulnerability scoring systems (CVSS), exploit availability, asset criticality, and threat context to accurately assess the real-world risk posed by identified vulnerabilities and prioritize remediation activities accordingly.
- Develop and maintain comprehensive vulnerability management reports, dashboards, and metrics, providing SBA leadership, system owners, and IT operations teams with clear visibility into the current vulnerability posture, remediation progress, and trending risk levels across SBA's enterprise environment.
- Coordinate with system owners, IT operations teams, and application teams to communicate identified vulnerabilities, provide technical remediation guidance, track remediation activities, and validate the effectiveness of applied patches, configuration changes, and mitigations.
- Support the development and maintenance of SBA's vulnerability management program documentation, including vulnerability management policies, procedures, scanning methodologies, and remediation tracking processes, ensuring alignment with NIST SP 800-40, federal vulnerability management guidance, and CISA BODs and EDs.
- Assist in the integration of vulnerability management activities with SBA's POA&M program, ensuring identified vulnerabilities are accurately documented, tracked, and reported within the POA&M framework in accordance with FISMA and SBA security requirements.
- Conduct configuration compliance assessments using security configuration baselines such as CIS Benchmarks and DISA STIGs, identifying configuration weaknesses and deviations from approved baselines across SBA's system portfolio and coordinating remediation activities with IT operations teams.
- Support the assessment and documentation of vulnerability risk exceptions and remediation deadline extension requests, evaluating the technical justification and compensating controls proposed by system owners and preparing risk acceptance documentation for review by senior security staff.
- Monitor and analyze vulnerability and threat intelligence from government and commercial sources, including CISA KEV (Known Exploited Vulnerabilities) catalog, NVD, US-CERT advisories, and commercial threat intelligence feeds, to identify emerging vulnerabilities and active exploit campaigns relevant to SBA's technology environment and prioritize response activities accordingly.
- Collaborate with the SOC team to correlate vulnerability data with threat intelligence and active security monitoring findings, supporting a risk-informed approach to vulnerability prioritization and enabling more effective detection and response to exploitation attempts.
- Support penetration testing activities by providing vulnerability data, scan results, and asset inventory information to support scoping and planning of penetration test engagements and assisting in the validation of penetration test findings against known vulnerability data.
- Assist in the development and maintenance of SBA's asset inventory and asset management program, ensuring accurate and current records of SBA's IT assets, system configurations, and software inventory to support comprehensive vulnerability scanning coverage and risk analysis.
- Prepare and deliver vulnerability management briefings, status reports, and technical presentations to SBA stakeholders, clearly communicating vulnerability findings, remediation status, risk levels, and program performance metrics.
- Support vulnerability management activities for cloud-hosted assets and services, including the configuration and execution of cloud vulnerability scans and the assessment of cloud-specific security misconfigurations and vulnerabilities across AWS, Azure, and/or GCP environments.
- Contribute to the continuous improvement of SBA's vulnerability management program, identifying opportunities to enhance scanning coverage, remediation tracking efficiency, reporting quality, and overall program effectiveness.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field from an accredited college or university.
- 3+ years of progressive experience in vulnerability management, security assessment, or a closely related cybersecurity field, with demonstrated hands-on experience conducting vulnerability assessments and supporting vulnerability management programs within a federal government or large enterprise IT environment.
- Demonstrated experience using enterprise vulnerability scanning platforms such as Tenable Nessus, Tenable.io, Qualys, or equivalent tools to conduct vulnerability assessments across diverse IT environments.
- One or more of the following certifications:
- CompTIA Security+
- CompTIA CySA+
- GIAC Security Essentials (GSEC)
- Tenable Certified Security Engineer (TCSE) or Tenable.io Certification
- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Enterprise Defender (GCED)
- 5+ years of vulnerability management experience, with a strong background supporting federal civilian agency vulnerability management programs.
- Prior experience supporting SBA or other federal civilian agency vulnerability management programs.
- Certified Ethical Hacker (CEH) or equivalent offensive security certification demonstrating foundational penetration testing knowledge.
- Strong communication skills in English – both written and oral – with the ability to clearly communicate vulnerability findings, risk assessments, remediation recommendations, and program status to diverse audiences, including technical staff, system owners, program managers, and senior SBA leadership.
- Solid hands-on experience planning, configuring, and executing vulnerability scans across diverse IT environments using enterprise vulnerability scanning platforms, with demonstrated ability to interpret scan results accurately and assess real-world vulnerability risk.
- Strong understanding of common vulnerability scoring systems, including CVSS v3.x, and the ability to apply CVSS scores in conjunction with threat context, asset criticality, and exploit availability to develop risk-informed vulnerability prioritization recommendations.
- Knowledge of common vulnerability types affecting enterprise IT environments, including operating system vulnerabilities, application vulnerabilities, web application vulnerabilities, network device vulnerabilities, database vulnerabilities, and cloud service misconfigurations.
- Experience conducting configuration compliance assessments using CIS Benchmarks, DISA STIGs, and other security configuration baselines, with the ability to identify configuration weaknesses and develop practical remediation recommendations.
- Familiarity with federal vulnerability management frameworks, guidelines, and compliance requirements, including NIST SP 800-40, NIST SP 800-53, FISMA, and applicable CISA BODs and EDs governing vulnerability management and patch management activities.
- Experience developing vulnerability management reports, dashboards, and metrics that effectively communicate vulnerability posture, remediation progress, and risk trends to diverse stakeholder audiences.
- Ability to coordinate effectively with system owners, IT operations teams, and application teams to communicate vulnerability findings, provide remediation guidance, track remediation progress, and validate remediation effectiveness.
- Familiarity with POA&M management concepts and experience supporting the integration of vulnerability management findings into POA&M tracking and reporting processes within a federal government environment.
- Knowledge of patch management concepts and processes, including an understanding of common patching tools and methodologies used in enterprise IT environments to remediate identified vulnerabilities.
- Basic familiarity with threat intelligence concepts and the ability to incorporate vulnerability-relevant threat intelligence, including the CISA KEV catalog and NVD data, into vulnerability prioritization and remediation planning activities.
- Strong organizational skills and attention to detail, with the ability to manage multiple concurrent vulnerability assessment and remediation tracking activities accurately and efficiently in a fast-paced federal environment.
- Ability to obtain and maintain a Public Trust Clearance.
- Prior experience supporting SBA or other federal civilian agency vulnerability management programs, with demonstrated knowledge of agency-specific vulnerability management processes, tools, and reporting requirements.
- Experience conducting vulnerability assessments and configuration compliance assessments for cloud-hosted assets and services in AWS, Azure, or GCP environments, including familiarity with cloud-native security assessment tools and cloud-specific vulnerability types and misconfigurations.
- Familiarity with web application vulnerability assessment concepts and tools, including OWASP Top 10 vulnerability categories and basic web application scanning tools such as Burp Suite, OWASP ZAP, or equivalent.
- Experience with vulnerability management automation, including proficiency in scripting languages such as Python or PowerShell for automating scan scheduling, result parsing, reporting, and remediation tracking workflows.
- Knowledge of the CDM (Continuous Diagnostics and Mitigation) program tools and data requirements, and the integration of CDM vulnerability management capabilities into agency vulnerability management programs.
- Experience with asset management and asset discovery tools and their integration with vulnerability management platforms to ensure comprehensive scanning coverage across complex enterprise IT environments.
- Familiarity with container and Kubernetes security assessment concepts, including common container vulnerabilities and misconfigurations and tools used to assess container image and runtime security.
- Experience supporting FedRAMP authorized cloud environments and familiarity with FedRAMP vulnerability scanning requirements and continuous monitoring obligations as they apply to cloud-hosted systems and services.
- Knowledge of supply chain risk management (SCRM) concepts and their relationship to vulnerability management, including awareness of software bill of materials (SBOM) concepts and their application in identifying and managing software supply chain vulnerabilities.
- Familiarity with threat modeling methodologies and their application in informing vulnerability prioritization and risk assessment activities within a federal agency vulnerability management program.
- Experience developing and delivering vulnerability management training materials and briefings to system owners, IT operations staff, and other stakeholders to build organizational awareness and capability in vulnerability remediation and risk management.
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
Job Roles at Koniag Government Services
Working at Koniag Government Services
Koniag Government Services's 247 open roles are across all levels, and about 21% are remote or hybrid. The most active teams are business analysis, business analyst, and business operations. Koniag Government Services is a federal contractor that delivers IT infrastructure, cloud engineering, identity and access management, program management, and facilities and administrative services to U.S. government clients. Most Koniag Government Services roles are based in Washington, with some in Arlington and Remote.
Explore more roles by function
Browse thousands of live openings across engineering, sales, product, and more, and apply in just a few clicks.
Browse jobs by roleKoniag Government Services Jobs: Frequently Asked Questions
How many jobs is Koniag Government Services hiring for right now?
Koniag Government Services is hiring for 247 open roles on Migrate Mate as of July 16, 2026, updated daily, concentrated in business analysis and business analyst. Koniag Government Services posts positions across IT, program management, facilities, and administrative functions serving federal government clients.
What kinds of roles does Koniag Government Services hire for?
The most active teams are business analysis, business analyst, and business operations. Koniag Government Services hires across cloud architecture, IT engineering, identity and access management, program and project management, contact center operations, facilities management, and administrative support. Role types span both technical and operational functions, and most postings are across all levels.
Are Koniag Government Services jobs remote or in-person?
A mix of remote and on-site. About 21% of Koniag Government Services's open roles on Migrate Mate are remote or hybrid as of July 16, 2026, with the rest based in Washington. Each Koniag Government Services listing shows its work location so you can filter before applying.
How do I apply to a job at Koniag Government Services?
Find a Koniag Government Services role on Migrate Mate, then follow the listing directly to Koniag Government Services's own careers page to complete the application. Koniag Government Services manages its own hiring process, including any assessments, interviews, and security clearance requirements relevant to federal contracting positions.
What do Koniag Government Services jobs pay?
Listed salaries for Koniag Government Services roles on Migrate Mate range from about $55,000 to $263,000 per year as of July 16, 2026, with most postings at across all levels. Some roles list hourly contract rates. Exact pay is set by Koniag Government Services and shown on each listing.
Does Koniag Government Services hire entry-level?
Most of Koniag Government Services's open roles on Migrate Mate are across all levels as of July 16, 2026. Check individual Koniag Government Services listings for stated experience requirements.
Where is Koniag Government Services hiring?
Most Koniag Government Services roles are based in Washington, with some in Arlington and Remote, and about 21% offer remote or hybrid work as of July 16, 2026. Migrate Mate shows the location on each listing.