Design, implement, and sustain security architecture across AWS GovCloud.
Execute and maintain RMF activities across all system components.
Implement, validate, and continuously maintain DISA STIG compliance across all infrastructure components.
Foxhole Technology provides robust cybersecurity and IT support capabilities for federal civilian and defense agencies. A recognized leader in navigating technology and security challenges, Foxhole delivers mission-focused innovations to answer evolving and complex needs.
Own and enforce DevSecOps practices across CI/CD pipelines.
Drive vulnerability identification, triage, and remediation across infrastructure and applications.
Act as the primary security SME for the engineering organization.
Teramind is pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset.
Secure cloud-based environments by designing and implementing native security solutions using services.
Drive Continuous RMF practices, automating control implementation and reporting through modern methodologies like Continuous Authorization to Operate.
Automate provisioning and configuration of IT environments and implement and manage security measures like firewalls, IDS/IPS, vulnerability scanning, encryption, and ICAM solutions.
Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. They believe customer experience starts with employee experience, so they take care of their employees and offer competitive pay and benefits, autonomy, growth, and a culture rooted in kindness, candor, and continuous learning.
Collaborate with engineering teams to enhance tools, systems, pipelines, and security posture.
Provide customer-facing support for troubleshooting, incident response, and operational issues.
Perform Linux server administration and system hardening.
CommIT Enterprises, Inc. is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Its enterprise systems support the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran’s Affairs’ (VA) telehealth communications.
Oversee the internal cybersecurity program, road map, and strategy.
Partner with Product, Engineering, Legal, and Compliance leadership to determine risks and deploy risk management processes.
Serve as Waymark’s HIPAA Security Officer, ensuring compliance with the HIPAA Security Rule.
Waymark is a mission-driven team transforming care for people with Medicaid benefits. They partner with communities, delivering technology-enabled, human-centered support to help patients stay healthy and thrive in Medicaid healthcare delivery.
Embed security into CI/CD pipelines and own secure controls.
Lead the process of vulnerability and patch management, automating discovery.
Strengthen cloud and Kubernetes environments through secure configurations.
Alpaca is a US-headquartered self-clearing broker-dealer and brokerage infrastructure provider for stocks, ETFs, options, crypto, fixed income, and more. They are a dynamic team of 230+ globally distributed members committed to opening financial services to everyone.
Apply the Risk Management Framework (RMF) to support system authorization activities.
Develop and maintain RMF artifacts and coordinate with stakeholders to ensure systems meet security compliance requirements.
Support the design, implementation, and maintenance of secure cloud architectures.
EXPANSIA delivers high-impact technologies, technology-enabled services and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. They operate as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.
Helping define the security operations roadmap by designing and implementing long term strategies
Improve and maintain processes, tooling, documentation and training to mature and enhance cybersecurity incident response
Design, implement and maintain security events monitoring systems
Docplanner empowers patients by giving them access to leave and read reviews about their visit and also provides doctors with the technology to manage bookings easily and save time. They are leaders in 13 countries with over 2,500 employees globally, maintaining a startup-mindset.
Identify and remediate security risks across cloud configurations to strengthen overall security posture.
Design and implement scalable security controls aligned with cloud, network, and identity management best practices.
Partner with cross-functional teams to integrate security into system design, development, and deployment processes.
Clario transforms lives by unlocking better evidence for the clinical trials industry. They are a leading provider of endpoint data solutions, with a global team of science, technology, and operational experts supporting over 70% of all FDA drug approvals since 2015.
Responsible for supporting the integration of security, automation, and operational controls into development and deployment pipelines to enable secure, reliable delivery of MODES III systems.
Supports development, implementation, and maintenance of CI/CD pipelines that integrate security, testing, and compliance controls.
Assists with automation of build, deployment, and configuration processes to improve reliability, repeatability, and deployment efficiency.
Peraton is a next-generation national security company that drives missions of consequence spanning the globe. As the world’s leading mission capability integrator and transformative enterprise IT provider, they deliver trusted, highly differentiated solutions and technologies.
Enhances the strategic pillars of a security compliance program and facilitate day-to-day compliance operations.
Involved in multiple areas of the business where compliance and security impact operations.
Works on assignments that are complex and require professional skepticism, judgment, initiative, and knowledge of SaaS Company positions.
Optro is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR and continuing to grow. More than 50% of the Fortune 500 leverage their award-winning technology. They inspire each other to innovate and are proud of what they are producing.
Monitor and validate Kubernetes and data lake deployments for compliance.
Maintain continuous monitoring dashboards and conduct vulnerability scans.
Prepare and update system security documentation.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Apply compliance frameworks to assess, design, and implement security controls.
Conduct compliance gap assessments and develop remediation plans.
Create and maintain key documentation tailored to client needs.
AHEAD builds platforms for digital business by weaving together advances in cloud infrastructure, automation and analytics, and software delivery. They prioritize creating a culture of belonging where all perspectives and voices are represented, valued, respected, and heard.
Support the design, implementation, and maintenance of secure cloud architectures in accordance with program and security requirements.
Conduct risk and vulnerability assessments and assist with developing mitigation strategies.
Implement and maintain security configurations to ensure the confidentiality, integrity, and availability of systems.
EXPANSIA, along with JHNA and CTSi, forms a Defense Technology platform delivering high-impact technologies to the U.S. Department of Defense and related national security customers. They operate as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth and operational excellence.
Contribute to automated response patterns for security alerts.
Embed security controls into CI/CD pipelines.
Support governance controls for secure AI usage.
Oddball builds products when companies understand what they are working on. They value learning, growth, and the ability to make a big impact at a small company.
Lead security architecture and design reviews across applications, infrastructure, and integrations.
Conduct and coordinate penetration testing, threat modeling, and security reviews.
Design and implement security automation within CI/CD pipelines.
Assured modernizes insurance by providing software solutions to large insurers that help them win in a technology-driven world. Their products include self-service claim-filing software to backend fraud detection and are dynamic, collaborative, and rewarding.
Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints.
Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed.
Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline.
Deel is an all-in-one payroll and HR platform for global teams. As one of the largest globally distributed companies, its team of 7,000 spans more than 100 countries with a connected and dynamic culture that drives continuous learning and innovation.
Engage with customers in a technical consulting and advisory role during the pre-sales process, providing technical assistance and strategic guidance.
Deliver executive-level thought leadership on DevSecOps, security, and compliance for strategic public sector opportunities, including new and growth accounts.
Build and maintain relationships with customer leaders such as Chief Information Security Officers, Chief Security Officers, Chief Technology Officers, and chief security architects.
GitLab is the intelligent orchestration platform for DevSecOps, enabling organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. With more than 50 million registered users and over 50% of the Fortune 100 trusting GitLab, they foster a high-performance culture driven by values and knowledge exchange, empowering team members to reach their full potential.
Lead the ongoing maintenance and operation of secure cloud infrastructures, focusing on AWS and cloud-native technologies.
Secure applications built for cloud environments by automating security assessments, monitoring runtime environments, and integrating security practices into the development lifecycle.
Implement robust security controls for cloud workloads and data, including containers, virtual machines, and serverless architectures.
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services and is recognized as a top workplace, earning more than 20 honors since 2021.
Support the ISSM in managing security requirements and documentation throughout the SDLC.
Review Merge/Pull Requests for security implications and adherence to secure coding standards.
Analyze CI/CD pipeline security outputs, including SAST, DAST, SBOM findings, and CVSS scoring.
CommIT Enterprises, Inc. is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Established in 2001, our enterprise systems support includes the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran’s Affairs’ (VA) telehealth communications.