Source Job

US

  • Serve as Lead Technical Engineer for cybersecurity assessment and authorization execution.
  • Lead implementation of RMF controls across systems, enclaves, and sites.
  • Conduct vulnerability assessments using ACAS, HBSS, and related tools.

Cybersecurity RMF Risk Assessment Technical Leadership

20 jobs similar to Lead Cybersecurity Engineer/Scientist

Jobs ranked by similarity.

US

  • Perform all 7 steps of the Risk Management Framework (RMF) per DoDI 8510.01, producing required deliverables at each step
  • Develop, maintain, and update RMF packages including System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), and Plans of Action & Milestones (POA&M)
  • Ensure compliance with federal, DoD, and DLA cybersecurity requirements, policies, and standards

FWI is building a team to provide Program Management Office (PMO) Support Services for the Defense Agencies Initiative (DAI). It has been recognized as a Top Workplace by the Washington Post in 2024 and 2025, offering excellent growth opportunities in a collaborative environment.

$77,581–$94,500/yr
US

  • Apply the Risk Management Framework (RMF) to support system authorization activities.
  • Develop and maintain RMF artifacts and coordinate with stakeholders to ensure systems meet security compliance requirements.
  • Support the design, implementation, and maintenance of secure cloud architectures.

EXPANSIA delivers high-impact technologies, technology-enabled services and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. They operate as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.

$160,000–$180,000/yr
US

  • Support RMF lifecycle activities in accordance with DoDI 8510.01.
  • Develop and maintain RMF artifacts including system security plan, plan of action & milestones, security control traceability matrix, security CONOPS and incident response plan.
  • Maintain the system Body of Evidence within eMASS.

SIXGEN is committed to fair and equitable compensation practices. We take into account various factors including the candidate's relevant experience, education, skills, LCAT rates and position level, and market competitiveness.

US

  • Serve as the central point of contact for the Government’s Contracting Officer.
  • Lead overall contract governance, risk management, staffing oversight, and performance execution.
  • Ensure compliance with government regulatory cybersecurity requirements.

Electrosoft Services, Inc. provides technology-based solutions and services to federal customers. They focus on cybersecurity, ICAM, enterprise IT modernization, and software solutions and retain qualified employees while offering meaningful work, growth opportunities, and work-life balance.

US

  • Independently performs complex security analysis of classified and unclassified applications, systems, and enclaves for compliance with security requirements.
  • Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations.
  • Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks.

Electrosoft Services, Inc. provides comprehensive technology-based solutions and services to federal customers. They focus on cybersecurity, ICAM, enterprise IT modernization, and software solutions and retain highly qualified employees and offer them meaningful work, growth opportunities, and work-life balance.

US

  • Serves as the premier cybersecurity authority within the TALON program.
  • Provides strategic advisory services to TSA’s IT leadership on cybersecurity risk management, security architecture, and compliance program maturity.
  • Serves as the senior cybersecurity advisor, providing real-time technical guidance to TSA stakeholders and the O&M contractor in support of rapid issue resolution.

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. They focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, supporting public sector agencies and commercial enterprises around the globe.

Global

  • Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC2 authorizations
  • Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
  • Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements

Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, aiming to make them faster, smarter, and more efficient. Valued at $2.15B, the company has raised $320m+ from top-tier investors and operates as an all-remote company.

US

  • Defining complex security architectures for mergers/acquisitions, leading tech resources through decisions.
  • Analyzing regulation changes' impact on security architecture, standards, and policies, making updates.
  • Providing guidance to cybersecurity architects/engineers, offering expertise to the department and stakeholders.

CNO Financial Group secures the future of middle-income America by providing life and health insurance, annuities, financial services and workforce benefits solutions. They have 3,300 associates, 4,900 exclusive agents and more than 6,500 independent partner agents across the U.S.

US

  • Lead the organization’s cybersecurity strategy, governance, and operational security programs.
  • Protect company systems, networks, and data by developing security policies and managing risk.
  • Oversee security operations and lead incident response efforts.

Lightcast is a global leader in labor market insights with headquarters in Moscow, ID (US) and offices in the United Kingdom, Europe, and India. They drive economic prosperity and mobility by providing insights to build and develop people, institutions, companies, and communities.

US

  • Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
  • Document end‑to‑end operational workflows and surface implicit, non‑documented practices.
  • Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.

Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.

US

  • Support the ISSM in managing security requirements and documentation throughout the SDLC.
  • Review Merge/Pull Requests for security implications and adherence to secure coding standards.
  • Analyze CI/CD pipeline security outputs, including SAST, DAST, SBOM findings, and CVSS scoring.

CommIT Enterprises, Inc. is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Established in 2001, our enterprise systems support includes the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veterans Affairs’ (VA) telehealth communications.

US

  • Subject matter expert for Certification and Accreditation (C&A) and NIST Risk Management Framework (RMF) standards.
  • Independently manages and resolves cloud computing security risks, implementing "best practices".
  • Well-versed in FedRAMP assessment methodology within cloud information systems.

Electrosoft Services, Inc. provides comprehensive technology-based solutions and services to federal customers, specializing in cybersecurity, ICAM, enterprise IT modernization, and software solutions. They are an award-winning company that retains highly qualified employees and offers meaningful work, growth opportunities, and work-life balance.

US

  • Support CMMC implementation efforts
  • Conduct gap assessments against CMMC/NIST SP 800-171 requirements
  • Assist with the development and updates to the System Security Plan (SSP) and POA&M

Broadway Ventures transforms challenges into opportunities with expert program management, cutting-edge technology, and innovative consulting solutions. As an 8(a), HUBZone, and Service-Disabled Veteran-Owned Small Business (SDVOSB), they empower government and private sector clients by delivering tailored solutions that drive operational success, sustainability, and growth.

$100,000–$195,000/yr
US Unlimited PTO

  • Collaborate with the Sales team to identify technical requirements.
  • Delivery of compelling technical presentations and product demonstrations.
  • Work closely with Product Management and Engineering to provide market feedback.

SecurityScorecard is the global leader in cybersecurity ratings, with over 12 million companies continuously rated, operating in 64 countries. Our patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting.

US Unlimited PTO 16w maternity

  • Lead and grow a team of the best security engineers.
  • Define the strategy for Vanta’s application security program.
  • Work with Engineering and Product Development to assess and mitigate risk.

Vanta helps businesses earn and prove trust by providing continuous security monitoring and verification. They aim to empower companies to practice better security with their automation and orchestration tools. Vanta has a kind and talented team, embracing individuals with and without prior security experience.

US

  • Support ongoing FedRAMP authorization including SSP, POA&M, evidence, and 3PAO coordination.
  • Manage and oversee NIST SP 800-53 compliance.
  • Oversee continuous monitoring, vulnerabilities, incidents.

IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.

US

  • Serve as a trusted advisor to CISOs, translating technical findings into business impact and cyber risk insights.
  • Own the end-to-end lifecycle of customer relationships and engagements, including onboarding and assessment coordination.
  • Drive long-term customer retention through consistent value realization and measurable outcomes.

Cye helps security and risk leaders gain a clear, defensible view of their cyber exposure, grounded in financial impact and real-world attack paths. They allow organizations to establish a strong baseline, prioritize decisions with confidence, and track measurable reduction over time.

$77,581–$94,500/yr
US

  • Design and implement InfoSec engineering for cloud implementations.
  • Oversee system security risks and compliance with cybersecurity standards.
  • Support authorizations and develop artifacts for security milestones.

EXPANSIA, along with JHNA and CTSi, forms a Defense Technology platform delivering high-impact technologies and services to the U.S. Department of Defense. Backed by Falfurrias Management Partners, they offer expertise across various military programs, digital engineering, and specialized manufacturing.

$147,900–$203,000/yr
US 4w PTO

  • Conduct regular vulnerability assessments, threat modeling, and security architecture and design reviews.
  • Partner with engineering teams to identify, prioritize, and mitigate identified risks
  • Design and implement proactive security solutions to systematically eliminate vulnerability classes rather than endlessly chase individual vulnerabilities

Oura's mission is to empower every person to own their inner potential. Its award-winning products help its global community gain a deeper knowledge of their readiness, activity, and sleep quality by using their Oura Ring and its connected app. The company is quickly growing and focused on helping people live healthier and happier lives, and ensures that its team members have what they need to do their best work — both in and out of the office.

US

  • Identify and remediate security risks across cloud configurations to strengthen overall security posture.
  • Design and implement scalable security controls aligned with cloud, network, and identity management best practices.
  • Partner with cross-functional teams to integrate security into system design, development, and deployment processes.

Clario transforms lives by unlocking better evidence for the clinical trials industry. They are a leading provider of endpoint data solutions, with a global team of science, technology, and operational experts supporting over 70% of all FDA drug approvals since 2015.