Maintain Risk Management Framework artifacts for DevSecOps pipeline inheritance of NIST SP 800-53 controls.
Complete and validate STIG/SRG checklists quarterly and provide monthly application STIG status reports.
Evaluate program risks, document mitigation strategies, and recommend courses of action to ensure continuous ATO compliance.
DecisionPoint is a company providing cloud services and DevSecOps solutions, supporting ARTRANS AWS environments. It is a regular full-time employer fostering a culture of security and compliance, with an active Secret clearance required for this role.
Lead and execute RMF compliance activities in accordance with DoD and NIST requirements, supporting system accreditation and ATO efforts.
Conduct STIG and SRG assessments across Windows, Linux, database, cloud, and application environments using tools such as SCC and STIG Viewer.
Analyze vulnerability scan results, develop and maintain POA&Ms, and track remediation activities to closure.
Peraton is a next-generation national security company that drives missions of consequence across land, sea, space, air, and cyberspace. As a leading mission capability integrator and enterprise IT provider, we deliver trusted solutions to protect our nation and allies, supporting essential government agencies and every branch of the U.S. armed forces.
Design and implement enterprise security controls aligned with NIST SP 800-53 and Zero Trust Architecture principles.
Conduct continuous security monitoring, incident response, and vulnerability management across cloud, network, and endpoint environments.
Develop and maintain cybersecurity SOPs, security baselines, and asset inventories to support audit readiness.
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA, supporting public sector agencies and commercial enterprises globally. Recognized as a Top Workplace, the company delivers secure, efficient, and cost-effective solutions through a culture guided by five core values.
Collaborate with cross-functional teams to apply cybersecurity best practices across systems, applications, and cloud environments.
Lead portions of cybersecurity assessments across the technology stack, identifying vulnerabilities and recommending remediation strategies.
Assist in shaping cybersecurity risk management activities, helping prioritize and guide security initiatives to protect critical assets.
Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. Certified as a Great Place to Work® with 100% of employees saying they love working here, Rise8 offers a culture rooted in kindness, candor, and continuous learning.
You will own small-to-medium engineering projects end-to-end, configure and operate security controls, and partner with senior engineers on larger initiatives.
You will develop deepening expertise in at least one control domain such as identity, endpoint, vulnerability management, or cloud security.
You will produce clean operational documentation, participate in change reviews, and mentor associate engineers on day-to-day execution.
Aprio is a Top 20 CPA and advisory firm that provides proven expertise and strategic foresight for fast-growing industries. The firm has over 40 U.S. office locations and more than 3,200 team members globally, with a top-rated culture focused on growth and innovation.
Engineer security infrastructure across AWS and Kubernetes including telemetry pipelines, cryptographic lifecycle, and compliance automation.
Build and maintain agentic AI workflows using tools like Claude Code and MCP integrations to automate security engineering tasks.
Embed security controls into deployment pipelines and develop threat models that inform architecture decisions.
Lumin Digital creates cutting-edge digital banking solutions for credit unions and banks as a 100% cloud-native company. Their culture is built on trust, respect, and boldness in a fully remote environment.
Own the architectural shape of the platform on commercial AWS, including VPC, managed PostgreSQL, serverless compute, object storage, observability, and CI/CD defined as code.
Own security and compliance shape for federal identity standards and regulatory frameworks like FedRAMP, HIPAA, SOC 2, and ITAR.
Own internal developer experience, including logs, traces, deploy speed, and the local dev loop, while being on call for systems you design.
LTS is a technology company that applies frontier AI to modernize legacy systems still running in production. The team is small by design, with senior engineers using AI tooling natively, and they value innovation, growth, collaboration, and quality.
Serve as senior cybersecurity authority advising on complex authorization scenarios and ensuring compliance with federal policy.
Lead the AI and automation workstream, identifying high-value use cases and piloting process improvements.
Mentor junior team members and coordinate with cross-functional teams to integrate AI and automation into workflows.
Kentro is a technology solutions company that supports federal missions with innovative IT services. The company holds ISO certifications and CMMI ratings, provides competitive benefits, and invests in professional development.
Perform detailed architecture and technical design reviews on the full stack for vendor solutions.
Conduct architecture reviews of Cloud Service Providers authorization packages to validate secure design and compliance.
Lead and conduct architecture interviews with CSPs to ensure critical control areas are designed to meet program requirements.
Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, the company prides itself on providing employees with great benefits and career development opportunities.
Lead and own the ongoing operation and maintenance of Samsara’s vulnerability management program.
Collaborate with engineering teams to track and support the remediation of identified vulnerabilities.
Champion Samsara’s cultural principles in daily work.
Samsara is the pioneer of the Connected Operations Cloud, enabling organizations to harness IoT data for actionable insights. As a recently public company with a global team, they foster a culture of rapid career development and encourage employees to architect their own careers.
Design, deploy, and manage cloud infrastructure on FedRAMP-authorized platforms (AWS GovCloud, Azure Government, Google Cloud for Government) supporting Army workloads.
Lead technical execution of cloud migration efforts including workload assessment, lift-and-shift, re-platforming, and cloud-native refactoring.
Implement Infrastructure as Code (IaC) using Terraform, AWS CloudFormation, Azure Bicep, or equivalent tools to automate provisioning and configuration management.
Empower AI provides AI solutions for government agencies, helping federal leaders enhance workforce potential through practical transformation. Headquartered in Reston, VA, the company leverages over 30 years of experience in Health, Defense, and Civilian missions, and is recognized as a 2024 Military Friendly Employer.
Design, deploy, and operate secure cloud infrastructure across AWS and AWS GovCloud to support regulated deployments.
Drive platform reliability, release operations, and incident response for production and customer-facing systems.
Translate compliance obligations into practical engineering work, including access controls, monitoring, and documentation.
Arch Systems empowers discrete manufacturing facilities with deep data insights for optimal efficiency and proactive decision-making. As a remote-first company with a passionate, multidisciplinary team, they foster innovation and collaboration among employees.
Own the operational health of one or two engineering domains (identity, network, cloud, endpoint, monitoring) and lead cross-team security initiatives.
Design security patterns, reference architectures, and standards that the team executes against, ensuring audit-ready documentation.
Mentor mid and associate engineers through pairing, code review, and clear standards to elevate team capability.
Aprio is a Top 20 CPA and advisory firm with over 40 U.S. office locations, international offices, and more than 3,200 team members speaking 60+ languages. They provide expertise and strategic foresight for fast-growing industries, fostering a progressive and innovative culture.
Design, deploy, and maintain secure cloud environments in AWS and Azure with compliance to DoD frameworks.
Configure IAM, RBAC, and cloud networking like VPC peering and VPNs for secure operations.
Support Infrastructure-as-Code using Terraform, CloudFormation, and optimize cloud resources for cost and security.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions and trusted results to enable national security missions worldwide.
Champion a security-first mindset within Engineering to set the security posture of platform infrastructure.
Design and build automation that makes compliance evidence continuous and translates HITRUST controls into tests.
Embed security into the platform by default through guardrails, policy-as-code, and well-documented patterns.
Redox accelerates healthcare transformation with useful data via its interoperability platform. The fully remote US-based team operates with radical transparency and ownership.
Design and implement security best practices for application modernization and cloud migration initiatives.
Secure ASP.NET Core applications using modern authentication and authorization frameworks.
Configure and manage AWS security services including IAM, Secrets Manager, KMS, WAF, GuardDuty, and CloudTrail.
Fastwater Staffing is a staffing firm connecting talent with contract opportunities. They focus on matching skilled professionals with government and enterprise clients.
Lead the technical work to achieve and maintain compliance certifications (SOC 2, ISO 27001, and the upcoming FedRAMP process)
Design and implement security controls across AWS infrastructure, CI/CD pipelines, Kubernetes, and application deployments
Build the automation, logging, and evidence collection required for continuous compliance
Zafran's mission is to stop the exploitation of vulnerabilities everywhere, using an Exposure Graph that maps and neutralizes real attack paths. Backed by Menlo Ventures, Sequoia Capital, and Cyberstarts, they are one of the fastest-growing companies in cybersecurity, with a culture of meaningful work and challenging teammates.
Define security architecture and build controls for AI platforms, training and inference workflows, and agentic systems.
Design reusable security patterns for identity, authorization, and runtime controls to constrain execution and data exposure.
Lead hands-on security reviews and influence security architecture through practical design changes and reusable controls.
Cerebras Systems builds the world's largest AI chip, 56 times larger than GPUs, delivering industry-leading training and inference speeds. With dozens of model releases and rapid growth, they have a non-corporate work culture that respects individual beliefs.
Lead a specialized team of security engineers focused on application, cloud, and AI system security.
Champion shift-left security practices including threat modeling, secure code review, and developer training.
Define cloud security standards and enforce security for AI systems including LLM-based agents.
Acquia empowers ambitious brands to create digital customer experiences using open source Drupal. Headquartered in Boston, MA, it is a Great Place to Work-Certified company and among the world's top software companies.
Support the day-to-day security posture of systems across cloud and on-prem environments, including vulnerability management and remediation tracking.
Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, and incident readiness.
Support compliance activities related to GovRAMP, FedRAMP, PCI DSS, and internal reviews using AWS security tooling.
Grant Street Group is a growing company that provides SaaS products for electronic payments, auctions, and tax collection. The company fosters a culture of teamwork, professional excellence, and individual responsibility in a technology-rich remote environment.