Lead the technical design, implementation, and ongoing security operations of a Microsoft 365 GCC High environment supporting Controlled Unclassified Information (CUI).
Implement and evidence compliance with CMMC Level 2, DFARS 7012, and NIST 800-171 controls.
Act as the technical owner of the GCC High enclave, partnering with Security, Legal, and IT to ensure audit readiness and successful certification by May 2026.
ServiceNow, founded in 2004, is a global market leader providing AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. They offer an intelligent cloud-based platform that connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.
Manage certification frameworks, including CMMC, NIST, and SOC 2.
Develop, track, and maintain security and compliance policy documents.
Analyze and review system configurations for security vulnerabilities.
Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.
Lead the end-to-end Certification & Authorization (C&A) process for information systems.
Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
Oversee control gap analysis and drive remediation efforts across technical and administrative domains.
EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.
Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
Collaborate with stakeholders to ensure system compliance and readiness.
Develop, maintain, and update all RMF authorization and GRC documentation.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.
Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.
Xcelerate Solutions, founded in 2009 and located in McLean, VA, is a fast-growing company. The company is defined by a diversified workforce of dynamic and versatile professionals, with growth and development opportunities that contribute to individual and firm growth.
Organize and direct the configuration, operation, and maintenance of information management systems.
Analyze and resolve end-user software, application, and connectivity issues.
Conduct capacity and performance analysis and recommend system configuration changes and upgrades.
CompTech is a service-oriented program management and technical company working to build lasting relationships. They are headquartered in Dayton, OH and provide services in client-focused practice areas to small and large companies, municipalities, and Government agencies.
Monitor and validate Kubernetes and data lake deployments for compliance.
Maintain continuous monitoring dashboards and conduct vulnerability scans.
Prepare and update system security documentation.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Own the strategy and maturity roadmap for corporate security engineering and operations.
Manage and develop System Security Engineers and Security Operations Analysts.
Strengthen configuration enforcement, vulnerability remediation, monitoring quality, and detection coverage.
Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. Founded in 2019, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies.
Manage the company's technology infrastructure, including cloud services, networking, and internal application stack.
Develop and execute the long-term IT roadmap to support Zócalo Health’s rapid growth and scalability.
Own and lead the HITRUST certification program, including control implementation, documentation, and audit readiness.
Zócalo Health is a tech-enabled, community-oriented primary care organization serving people who have historically been underserved by the healthcare system. Founded in 2021, Zócalo Health is backed by leading healthcare and mission-aligned investors and is scaling rapidly across states and populations.
Serves as a cybersecurity Subject Matter Expert (SME) regarding OT Authorization of information systems and all associated cybersecurity policies and procedures.
Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system’s current or future authorization.
Amyx is an equal-opportunity employer and a VEVRAA federal contractor. They are committed to considering all qualified candidates regardless of race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law.
Partner with organizations of all sizes and industries
Evaluate IT and security controls for compliance and effectiveness
Advise on security + privacy requirements (state & federal)
Clark Schaefer Hackett provides customized solutions leveraging strategic skills, financial and operational leadership, and technological advances. They are an elite community that includes trusted advisors with Clark Schaefer Hackett, Clark Schaefer Consulting, and Clark Schaefer Strategic HR.
Develops and refines performance methodologies that support the cybersecurity requirements.
Oversee independent assessments and review Security Impact Analyses (SIA).
Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.
Manage and develop staff members under Product Compliance.
Oversee and contribute to the vulnerability management lifecycle.
Assess and serve as a subject matter expert for regulatory and compliance requirements.
ExtraHop is a company that focuses on network detection and response (NDR) to help organizations stay ahead of emerging threats. They integrate network threat detection, network performance management, intrusion detection, and packet forensics into a single console.
Collaborate with specialist teams to develop and execute the company's technology, security, and AI strategy.
Oversee all IT operations including Helpdesk/Service Desk, Systems Operations, Infrastructure/Network Operations, and End-user Computing/Device Management.
Lead incident, problem, and change management processes, ensuring timely resolution of issues and minimal business disruption.
GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make decisions and minimize risk. They have over 1,200 employees and have established strategic partnerships with security vendors, serving as a trusted advisor to more than 6,200 customers.
Lead the internal IT Helpdesk team, ensuring timely support for hardware, software, connectivity, and access issues across the organization.
Oversee the design, implementation, and maintenance of enterprise IT infrastructure.
Ensure enterprise-wide compliance with cybersecurity best practices (NIST, ISO 27001, SOC 2).
AireSpring is a leading provider of Cloud Communications, Managed Connectivity and Managed Security. They have earned a stellar reputation by taking service and support to the next level, delivering an award-winning customer experience and have delivered 20 years of outstanding service.
Own and lead the FedRAMP High authorization program.
Serve as the primary point of accountability for government compliance programs.
Manage compliance roadmaps, milestones, dependencies, risks, and remediation efforts.
Commvault is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.
Own end-to-end operational delivery for Keeper’s U.S. Federal deployments.
Serve as a hands-on technical lead for federal platform operations.
Lead cross-functional execution to align Engineering, Security, Product, QA, and Customer Success.
Keeper Security transforms cybersecurity for organizations globally with zero-trust privileged access management. Keeper’s intuitive solutions are built with end-to-end encryption and trusted by federal agencies including the Departments of Justice and Energy.
Provide SA/OSA subject matter expertise to the Information System Security and Authorization program.
Review ATO packages under the RMF for customer systems and the systems of the external partners.
Coordinate and assist with data calls and data collection efforts for audit and compliance reporting.
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. With operations across the U.S., they deliver innovative enterprise-wide solutions and targeted services to federal government clients. They value their people and systems to create value for their clients and foster a collaborative team culture.
Administer and optimize Microsoft Azure environments (IaaS, PaaS, SaaS)
Manage and support Active Directory, Azure AD, group policies, and multifactor authentication
Monitor and maintain system performance, capacity, and availability
Helpware provides outsourcing and customer operations with teams in the USA, Mexico, Ukraine, Albania, and the Philippines. They partner with innovative companies and help them scale by taking over operational processes so their teams can focus on strategic, high-value work.