Support security and compliance programs aligned with frameworks such as NIST, ISO, PCI DSS, and HIPAA.
Assist in maintaining alignment with global privacy regulations (GDPR, CCPA, and similar frameworks).
Assist in the development, implementation, and maintenance of security, privacy, and AI governance policies, standards, and procedures.
Hims & Hers is a health and wellness platform with a mission to help the world feel great through the power of better health. They are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal.
Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC2 authorizations
Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements
Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, aiming to make them faster, smarter, and more efficient. Valued at $2.15B, the company has raised $320m+ from top-tier investors and operates as an all-remote company.
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.
Implement and manage the NIST Risk Management Framework (RMF) to achieve and maintain compliance.
Drive the data privacy program by conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
Design and execute a continuous internal audit program to validate the effectiveness of controls.
IonQ delivers solutions to solve the world’s most complex problems with quantum computing. IonQ's newest generation quantum computers, IonQ Tempo and IonQ Forte Enterprise, help customers and partners such as Amazon Web Services, AstraZeneca, and NVIDIA achieve 20x performance results.
Enhances the strategic pillars of a security compliance program and facilitate day-to-day compliance operations.
Involved in multiple areas of the business where compliance and security impact operations.
Works on assignments that are complex and require professional skepticism, judgment, initiative, and knowledge of SaaS Company positions.
Optro is the leading audit, risk, ESG, and InfoSec platform on the market, surpassing $300M ARR and continuing to grow. More than 50% of the Fortune 500 leverage their award-winning technology. They inspire each other to innovate and are proud of what they are producing.
Support client engagements related to CMMC readiness, implementation, and documentation
Develop, update, and maintain System Security Plans (SSPs)
Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables
Hotman Group is a remote boutique cybersecurity and GRC firm supporting clients across a range of industries and compliance needs. They value strong writing, quality work, collaboration, sound judgment, and practical execution.
Maintain documentation for ISO/IEC 27001 & ISO/IEC 42001; improve activities.
Extract security requirements from client MSAs; identify gaps and risks.
Coordinate internal and client audit requests; collect evidence.
Avalere Health's mission is to ensure every patient is identified, treated, supported, and cared for. They bring Advisory, Medical, and Marketing teams together to forge unconventional connections, building a future where healthcare is not a barrier and no patient is left behind.
Support RMF lifecycle activities in accordance with DoDI 8510.01.
Develop and maintain RMF artifacts including system security plan, plan of action & milestones, security control traceability matrix, security CONOPS and incident response plan.
Maintain the system Body of Evidence within eMASS.
SIXGEN is committed to fair and equitable compensation practices. We take into account various factors including the candidate's relevant experience, education, skills, LCATs rates and position level, and market competitiveness.
Responsible for LINK’s day-to-day IT operations, cybersecurity program, and regulatory compliance posture.
Primary internal owner of IT governance and federal compliance, leading the organization through its Cybersecurity Maturity Model Certification (CMMC) Level 2 third-party assessment.
Build repeatable processes and a maturing IT infrastructure that supports LINK’s continued growth as a government contractor.
LINK is a fast-growing Woman Owned Small Business (WOSB) that leverages human-centered design to support strategy, innovation, communication, change, and branding within the federal government and adjacent industry partners. They partner with engineers, futurists, and thought leaders to untangle complexity, discover opportunity, and communicate clearly with visual stories.
Conduct gap assessments against CMMC/NIST SP 800-171 requirements
Assist with the development and updates to the System Security Plan (SSP) and POA&M
Broadway Ventures transforms challenges into opportunities with expert program management, cutting-edge technology, and innovative consulting solutions. As an 8(a), HUBZone, and Service-Disabled Veteran-Owned Small Business (SDVOSB), they empower government and private sector clients by delivering tailored solutions that drive operational success, sustainability, and growth.
Own our security and compliance documentation accurate and up to date.
Support our commercial teams in complex information security and compliance negotiations.
Take ownership of maintaining our current ISO 27001 compliance and certification.
Gearset is trusted by some of the largest companies in the world to handle their Salesforce DevOps. They are committed to protecting data through a modern approach to security and compliance.
Monitor and validate Kubernetes and data lake deployments for compliance.
Maintain continuous monitoring dashboards and conduct vulnerability scans.
Prepare and update system security documentation.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Perform all 7 steps of the Risk Management Framework (RMF) per DoDI 8510.01, producing required deliverables at each step
Develop, maintain, and update RMF packages including System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), and Plans of Action & Milestones (POA&M)
Ensure compliance with federal, DoD, and DLA cybersecurity requirements, policies, and standards
FWI is building a team to provide Program Management Office (PMO) Support Services for the Defense Agencies Initiative (DAI). It has been recognized as a Top Workplace by the Washington Post in 2024 and 2025, offering excellent growth opportunities in a collaborative environment.
Own CMMC 2.0 and SOC 2 end-to-end, including control design and implementation.
Lead all IT functions supporting corporate and program needs, owning IT architecture and tooling decisions.
Provide guidance and escalation support for IT hardware/software issues; mentor IT Support Specialist & Cloud Infrastructure Engineer.
DEFCON AI leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. They align outcomes with operational goals, better decision making, and empower customers to anticipate, assess, and mitigate the impacts of disruptions.
Support CapIntel’s Governance, Risk, and Compliance program
Manage third-party risk and customer security reviews
Support operational security, privacy, and security awareness initiatives
CapIntel is a software platform built for wealth management enterprises to help financial advisors explain complex investment strategies to their clients. Since launching in 2019, CapIntel has seen rapid adoption and industry recognition, earning top placements in Deloitte’s Technology Fast 50 Canada and Fast 500 North America in 2025, ranking us among the fastest -growing technology companies.
Well-versed in FedRAMP assessment methodology within cloud information systems.
Electrosoft Services, Inc. provides comprehensive technology-based solutions and services to federal customers, specializing in cybersecurity, ICAM, enterprise IT modernization, and software solutions. They are an award-winning company that retains highly qualified employees and offers meaningful work, growth opportunities, and work-life balance.
Own security posture, compliance programs, and audit readiness.
Lead all IT functions supporting corporate and program needs.
Provide guidance and escalation support for IT hardware/software issues as needed.
Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies. They bring revolutionary advancements to market in healthcare, cyber, and national security and are united by a shared sense of duty.
Serves as the premier cybersecurity authority within the TALON program.
Provides strategic advisory services to TSA’s IT leadership on cybersecurity risk management, security architecture, and compliance program maturity.
Serves as the senior cybersecurity advisor, providing real-time technical guidance to TSA stakeholders and the O&M contractor in support of rapid issue resolution.
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. They focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, supporting public sector agencies and commercial enterprises around the globe.
Serve as the central point of contact for the Government’s Contracting Officer.
Lead overall contract governance, risk management, staffing oversight, and performance execution.
Ensure compliance with government regulatory cybersecurity requirements.
Electrosoft Services, Inc. provides technology-based solutions and services to federal customers. They focus on cybersecurity, ICAM, enterprise IT modernization, and software solutions and retain qualified employees while offering meaningful work, growth opportunities, and work-life balance.
Own the strategy and maturity roadmap for corporate security engineering and operations.
Manage and develop System Security Engineers and Security Operations Analysts.
Strengthen configuration enforcement, vulnerability remediation, monitoring quality, and detection coverage.
Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. Founded in 2019, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies.