Apply the Risk Management Framework (RMF) to support system authorization activities.
Develop and maintain RMF artifacts and coordinate with stakeholders to ensure systems meet security compliance requirements.
Support the design, implementation, and maintenance of secure cloud architectures.
EXPANSIA delivers high-impact technologies, technology-enabled services and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. They operate as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.
Design, build, and maintain scalable and secure CI/CD pipelines in GitLab.
Implement and manage GitOps workflows for continuous delivery to RKE2 clusters using ArgoCD.
Develop and maintain automation scripts and tools to streamline the software development lifecycle.
DecisionPoint delivers technology solutions and services. They focus on supporting federal government clients with IT modernization and digital transformation initiatives. They are an Equal Employment Opportunity and Affirmative Action employer.
Integrate security activities across all SDLC phases.
Partner closely with engineering teams to ensure secure development practices.
Review security controls for new features, services, and architectural changes.
Infiterra simplifies subscription service delivery, enabling IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. They are recognized as a global leader in subscription commerce, combining innovation, performance excellence, and trusted expertise to help partners transform and grow.
GovCIO transforms government IT with innovative services and solutions. We are a team of passionate people making a positive impact. We are changing the face of government IT and building a workforce that fuels this mission.
Collaborate with engineering teams to enhance tools, systems, pipelines, and security posture.
Provide customer-facing support for troubleshooting, incident response, and operational issues.
Perform Linux server administration and system hardening.
CommIT Enterprises, Inc. is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Its enterprise systems support the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran’s Affairs’ (VA) telehealth communications.
Partner with engineering teams to conduct threat modeling.
Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
Champion a "security-first" mindset and host workshops that empower developers to write secure code.
Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.
Design, develop, and maintain full stack application components.
Apply systems engineering principles to ensure design changes align with architecture requirements.
Evaluate the technical implications of cybersecurity findings and vulnerabilities.
North Stone is seeking an Agile Full Stack Engineer to support the design, development, and integration of enterprise applications. They ensure system enhancements follow sound systems engineering practices while supporting secure software development and reviewing code quality prior to deployment.
Monitor and validate Kubernetes and data lake deployments for compliance.
Maintain continuous monitoring dashboards and conduct vulnerability scans.
Prepare and update system security documentation.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain.
Strong working knowledge of security fundamentals including OWASP Top10.
Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals.
GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. They have grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serve as a trusted advisor to more than 6,200 customers.
Support RMF lifecycle activities in accordance with DoDI 8510.01.
Develop and maintain RMF artifacts including system security plan, plan of action & milestones, security control traceability matrix, security CONOPS and incident response plan.
Maintain the system Body of Evidence within eMASS.
SIXGEN is committed to fair and equitable compensation practices. We take into account various factors including the candidate's relevant experience, education, skills, LCATs rates and position level, and market competitiveness.
Manage and implement GitHub Enterprise and Git Flow for 180+ Developers.
Enhance processes for branch automation for software releases.
Mature CI/CD to incorporate automated testing in Jenkins.
VetsEZ is dedicated to supporting the Department of Veteran Affairs through innovative technology solutions. They foster a collaborative environment where individuals can contribute to meaningful projects.
Conduct gap assessments against CMMC/NIST SP 800-171 requirements
Assist with the development and updates to the System Security Plan (SSP) and POA&M
Broadway Ventures transforms challenges into opportunities with expert program management, cutting-edge technology, and innovative consulting solutions. As an 8(a), HUBZone, and Service-Disabled Veteran-Owned Small Business (SDVOSB), they empower government and private sector clients by delivering tailored solutions that drive operational success, sustainability, and growth.
Implementing and maintaining Application Security Testing (AST) tools to identify code and dependency vulnerabilities during the software development lifecycle.
Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize findings from multiple solutions and integrate into software development processes.
Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
AbbVie discovers and delivers innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. They strive to have a remarkable impact on people's lives across several key therapeutic areas and products and services in their Allergan Aesthetics portfolio.
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.
Serves as the premier cybersecurity authority within the TALON program.
Provides strategic advisory services to TSA’s IT leadership on cybersecurity risk management, security architecture, and compliance program maturity.
Serves as the senior cybersecurity advisor, providing real-time technical guidance to TSA stakeholders and the O&M contractor in support of rapid issue resolution.
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. They focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, supporting public sector agencies and commercial enterprises around the globe.
Own security issue intake and coordination by triaging reports and coordinating fixes with maintainers.
Drive timely remediation by tracking SLAs, communicating status, and coordinating releases and backports when required.
Harden our CI/CD and release workflows by improving build pipeline security, secrets management, artifact integrity, and access controls.
The Open Home Foundation is a non-profit organization based in Switzerland, fighting for privacy, choice, and sustainability in smart homes by supporting open-source projects and open standards. They focus on open-source projects like Home Assistant and collaborate with others to promote privacy, choice, and sustainability.
Architect, build, and maintain GitLab Pipelines for seamless application deployment.
Design, deploy, and manage infrastructure across AWS GovCloud, edge, and Navy networks using Terraform, Ansible, and GitLab.
Engineer automated processes for RHEL image hardening and execute automated STIG checklists.
LMI accelerates government impact with digital solutions and innovation. They bring commercial-grade platforms and mission-ready AI to federal agencies, focusing on agility and collaboration across defense, space, healthcare, and energy sectors.
Embed security into CI/CD pipelines and own secure controls.
Lead the process of vulnerability and patch management, automating discovery.
Strengthen cloud and Kubernetes environments through secure configurations.
Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure provider for stocks, ETFs, options, crypto, fixed income, and more. They are a dynamic team of 230+ globally distributed members committed to opening financial services to everyone.
Design, implement, and manage application and cloud security tooling across AWS.
Lead the deployment and configuration of Wiz CSPM, collaborating with infrastructure and DevOps teams.
Manage secure code scanning processes, integrating SAST and DAST to identify and remediate vulnerabilities early in the SDLC.
Twin Health aims to empower people to improve and prevent chronic metabolic diseases with AI Digital Twin technology. It is recognized for innovation and culture, with recent funding to scale rapidly across the U.S. and globally.