20 jobs similar to FedRAMP Information System Security Officer / GRC Manager

Jobs ranked by similarity.

US

  • Lead the end-to-end Certification & Authorization (C&A) process for information systems.
  • Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
  • Oversee control gap analysis and drive remediation efforts across technical and administrative domains.

EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.

$220,000–$240,000/yr

  • Manage and develop staff members under Product Compliance.
  • Oversee and contribute to the vulnerability management lifecycle.
  • Assess and serve as a subject matter expert for regulatory and compliance requirements.

ExtraHop is a company that focuses on network detection and response (NDR) to help organizations stay ahead of emerging threats. They integrate network threat detection, network performance management, intrusion detection, and packet forensics into a single console.

$123,250–$207,000/yr
US

  • Own and lead the FedRAMP High authorization program.
  • Serve as the primary point of accountability for government compliance programs.
  • Manage compliance roadmaps, milestones, dependencies, risks, and remediation efforts.

Commvault is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

US

  • Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
  • Collaborate with stakeholders to ensure system compliance and readiness.
  • Develop, maintain, and update all RMF authorization and GRC documentation.

LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.

US

  • Develop and refine performance methodologies that support cybersecurity requirements.
  • Oversee independent assessments and review Security Impact Analyses (SIA).
  • Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.

US

  • Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
  • Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
  • Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.

Xcelerate Solutions, founded in 2009 and located in McLean, VA, is a fast-growing company. The company is defined by a diversified workforce of dynamic and versatile professionals, with growth and development opportunities that contribute to individual and firm growth.

US 2w PTO

  • Manage certification frameworks, including CMMC, NIST, and SOC 2.
  • Develop, track, and maintain security and compliance policy documents.
  • Analyze and review system configurations for security vulnerabilities.

Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.

US

  • Own end-to-end operational delivery for Keeper’s U.S. Federal deployments.
  • Serve as a hands-on technical lead for federal platform operations.
  • Lead cross-functional execution to align Engineering, Security, Product, QA, and Customer Success.

Keeper Security transforms cybersecurity for organizations globally with zero-trust privileged access management. Keeper’s intuitive solutions are built with end-to-end encryption and trusted by federal agencies including the Departments of Justice and Energy.

US

  • Performs detailed architecture and technical design reviews on the full stack for vendor solutions.
  • Conducts architecture reviews of Cloud Service Providers' (CSPs') authorization packages to validate secure design and alignment to FedRAMP and agency requirements.
  • Completes comprehensive reviews of, and comments on, CSPs' FedRAMP documentation, including but not limited to system security plans, policies and procedures.

Abile Group partners with the Intelligence Community and their Contractors in Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. They are an EDWOSB dedicated to their employees and clients, looking for high performing employees who enjoy providing advice and guidance.

US

  • Manage and influence both physical and cyber security risk.
  • Support the development and execution of the information security strategy.
  • Oversee day-to-day security operations including monitoring and incident response.

Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.

US

  • Lead the organization’s cybersecurity strategy, governance, and operational security programs.
  • Protect company systems, networks, and data by developing security policies and managing risk.
  • Oversee security operations and lead incident response efforts.

Lightcast is a global leader in labor market insights with headquarters in Moscow, ID (US) and offices in the United Kingdom, Europe, and India. They drive economic prosperity and mobility by providing insights to build and develop people, institutions, companies, and communities.

US Unlimited PTO

  • Lead, mentor, and coach a team of high-performing Vanta for Government Account Executives.
  • Drive new business growth for CMMC, FedRAMP, NIST frameworks through strategic selling.
  • Develop clear business plans and identify necessary resources to effectively close new business.

Vanta helps businesses earn and prove trust by ensuring security is monitored and verified continuously. They empower companies to practice better security and prove it with ease, creating a kind and talented team, even for those without prior security experience.

  • Lead security governance, risk management, and compliance efforts.
  • Oversee security operations and incident response.
  • Partner with IT, Clinical Operations, Privacy, and Compliance to ensure regulatory requirements and industry frameworks.

Tuesday Health is a value-based palliative care provider group dedicated to transforming serious illness and end-of-life care. Through their leading-edge care model, Tuesday Health is shaping the future of community-based palliative care nationwide.

North America Canada

  • Lead the technical design, implementation, and ongoing security operations of a Microsoft 365 GCC High environment supporting Controlled Unclassified Information (CUI).
  • Implement and evidence compliance with CMMC Level 2, DFARS 7012, and NIST 800-171 controls.
  • Act as the technical owner of the GCC High enclave, partnering with Security, Legal, and IT to ensure audit readiness and successful certification by May 2026.

ServiceNow, founded in 2004, is a global market leader providing AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. They offer an intelligent cloud-based platform that connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work.

US

  • Support and execute security incident response activities.
  • Operate and improve enterprise security controls and tooling.
  • Coordinate security investigations with DevOps, IT, and Engineering teams.

Keeper Security transforms cybersecurity for organizations around the world with next-generation privileged access management. Keeper’s zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and GovRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified.

US

  • Ensure accuracy and consistency with compliance mandates and supporting documentation standards.
  • Develop and present data visualization solutions using PowerBI and Power Automate for senior leadership.
  • Ensure that documentation, policy guidance, and reporting comply with federal standards (e.g., NIST, DHS, and OCIO) and support the ATO, SSA, and OSA processes.

SkyePoint Decisions is a Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. They focus on enabling their clients to deliver their mission most efficiently and effectively. They are an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development with a collaborative team culture built upon individual performance and accountability.

$175,000–$195,000/yr
US

  • Own and evolve the GRC program in partnership with Legal and our CCO.
  • Develop, maintain, and enforce clear, practical security policies across all departments.
  • Develop and execute a comprehensive information security roadmap aligned with business objectives.

Allocate is a fintech company handling sensitive investor data and financial transactions. They are a rapidly growing organization that values client service, relentless problem-solving, and continuous improvement.

$195,000–$260,000/yr
US Unlimited PTO

  • Own, manage and be accountable for supporting our revenue team both on net new deals as well as renewals and RFIs when it comes to customer security reviews.

Flock Safety is a safety technology platform that helps communities thrive by taking a proactive approach to crime prevention and security. They're a high-performance, low-ego team driven by urgency, collaboration, and bold thinking.

US

  • Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
  • Document end‑to‑end operational workflows and surface implicit, non‑documented practices.
  • Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.

Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.

Global

  • Assist in the preparation and execution of third-party audits and assessments.
  • Support the development and maintenance of Eltropy’s GRC program.
  • Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.

Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.