Define and execute the ATO pathway, including responsibility allocation across government and contractor teams.
Define security requirements for cross-domain data flows and ensure classification-aware data segmentation is enforceable and auditable.
Serve as the authoritative internal resource for DoW security and RMF-related questions, advising on container security, RBAC, and PKI/CAC integration.
Develop cybersecurity policy and provide RMF support for cloud deployment in support of the US Army.
Develop plans delineating how to work within existing policies and procedures.
Oversee the delivery of continuous monitoring tools and capabilities that deliver accountable governance.
Millennium is part of the Markon enterprise, a network supporting critical national security missions. They have an elite team of over 300 professionals with expertise in cybersecurity, red team operations, defensive cyber operations, software engineering, and technical engineering.
Lead the design and evolution of complex enterprise platform architectures for the Department of War.
Oversee platform governance, automation, and daily operations to ensure high availability and security.
Mentor distributed engineering teams and collaborate with cybersecurity to maintain Authorization to Operate.
DecisionPoint Corp provides enterprise platform architecture and management services for the Department of War (DoW). It is a regular full-time employer with a focus on secure, scalable systems and team collaboration.
Serve as a member of Sword's GRC team, contributing to security compliance across all products and services.
Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible.
Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers.
Sword Health is building AI to heal billions and unlock humanity’s full potential. As both a clinical-centric frontier AI lab and an applied AI platform, Sword is reimagining how care is delivered at scale. They have over 700,000 members across three continents and have raised more than $500 million from leading investors.
Administer and maintain AWS cloud environments, ensuring availability, performance, and security.
Support the implementation of existing and new enterprise architecture by duplicating existing production environments.
Ensure compliance with RMF, NIST 800-53, DISA STIGs, and DoD cybersecurity standards.
Tlingit Haida Tribal Business Corporation delivers mission-critical services to federal clients globally. They are united by a single purpose: to generate meaningful economic opportunity and sustainable growth for the Tlingit & Haida Tribes of Alaska.
Serve as the primary subject matter expert for IAM and ERP security across the CAPPS program, managing the full identity lifecycle and enforcing RBAC and least-privilege modeling.
Monitor authentication and authorization logs for anomalies, coordinate with the client's Information Security Office, and oversee secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs.
Participate in annual IT control audits, review technical deliverables for CAPPS architecture and security system plans, and serve as a security advisor during procurement cycles.
RESPEC is a 100% employee-owned company that tackles complex challenges in energy transition, infrastructure resilience, digital transformation, and sustainability. Since 1969, they have built a culture of ownership where employees drive real solutions across global projects.
Establish long-term relationships within assigned accounts while developing an understanding of the client’s strategic goals.
Provide project leadership, coordination, and architectural guidance for the customer’s cybersecurity, Zero Trust, and Illumio product initiatives.
Be a customer advocate within Illumio to ensure escalations are resolved in a timely fashion.
Illumio is the leader in ransomware and breach containment, redefining how organizations contain cyberattacks and enable operational resilience. They are recognized as a Leader in the Forrester Wave™ for Microsegmentation, and they enable Zero Trust, strengthening cyber resilience.
Design and maintain data security architecture across Microsoft Azure and Databricks Lakehouse Platform.
Define and enforce data classification, labeling, and handling standards aligned with Microsoft Purview Information Protection.
Serve as security advisor to data engineering, analytics engineering, and BI teams throughout the development lifecycle.
GuidePoint Security provides cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. The company has over 1,200 employees and focuses on collaboration, mentorship, and guidance in an enjoyable workplace atmosphere.
Perform detailed architecture and technical design reviews on the full stack for vendor solutions.
Conduct architecture reviews of Cloud Service Provider authorization packages to validate secure design and compliance.
Lead and conduct architecture interviews with CSPs to ensure critical control areas are designed to meet program requirements.
Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, the company prides itself on providing employees with great benefits and career development opportunities.
Serve as the primary security owner for key leadership stakeholders, owning the design, implementation, and lifecycle management of security controls.
Architect and operate security controls for systems supporting Circle’s infrastructure, ensuring strong access, monitoring, and auditability.
Own Circle's endpoint and mobile security program end-to-end: endpoint protection platforms, device compliance policies, network, secure email gateway, and secure configuration baselines.
Circle is a financial technology firm building the foundation for a more open, global economy through digital assets, payment applications, and blockchain infrastructure. They are committed to building a flexible work environment, encouraging new ideas, and ensuring everyone is a stakeholder.
Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance into the process.
Dive deep into the security stack to identify execution blockers and actively architect the technical solutions to implement them.
Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap.
Human Interest aims to provide all workers access to retirement benefits. They are a high-growth fintech company that is financially backed by investors such as BlackRock, TPG, and SoftBank.
Own the product strategy and execution that strengthens our defense-in-depth architecture and operational controls.
Define and own the roadmap for security platform capabilities across cloud defense and secure-by-default developer tooling.
Translate regulatory, audit, and risk requirements into usable product surfaces and guardrails for internal teams.
Anchorage Digital is building a digital asset platform for institutions to participate in crypto. It is funded by institutions including Andreessen Horowitz, GIC, and Goldman Sachs, and has a Series D valuation over $3 billion.
Lead and execute CMMC Level 2 gap assessments against all 110 NIST SP 800-171 Rev 2 practices.
Author and maintain SSPs, POA&Ms, policies, and procedures using NIST SP 800-171A methodology.
Serve as the primary technical point of contact for DIB accounts across the compliance lifecycle.
Agile IT is a Microsoft partner and Cyber AB RPO that helps defense contractors meet CMMC compliance in Microsoft cloud environments. The company is in a high-growth phase and lives by its RISE values of Reliability, Integrity, Stewardship, and Excellence.
Define and build the integration platform connecting Defcon AI software to the broader logistics C2 ecosystem.
Design and implement bidirectional data layers, common data models, and production-grade adapters for government environments.
Architect data flows across multiple classification levels and ensure reliable synchronization in DDIL environments.
Defcon AI leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. They offer a fully remote, results-based environment and are an equal opportunity employer.
Design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
Operationalize and expand our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.
Manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.
1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. 1Password has surpassed $400M in ARR and has over 180,000 businesses using their product.
Translate group security frameworks into practical policies, controls, and procedures.
Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
Support teams in identifying risks, defining actions, and tracking real progress.
Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture centers on growing together in a digital and inspiring environment of trust, with a focus on continuous learning.
Lead, coach, and grow the Security Engineering team.
Design and implement security controls across Cloud environments.
Partner with engineering teams to embed security into the SDLC.
Horizon3.ai is a cybersecurity company dedicated to enabling organizations to proactively find, fix, and verify exploitable attack vectors. They are a fast-growing company with a culture of respect, collaboration, ownership, and results.
Design and operationalize AI security architecture, guardrails, and secure-by-design patterns across the enterprise.
Engineer security controls for AI-enabled applications, internal AI agents, model hosting, RAG architectures, and training pipelines.
Implement data security controls with Microsoft Purview, focusing on AI-driven data access, classification, and protection.
J.S. Held is a global consulting firm that combines technical, scientific, financial, and strategic expertise to advise clients on value realization and risk mitigation. The firm provides a comprehensive suite of services and has a high-energy, collaborative environment that rewards hard work.
Lead the development of security architecture guidance, standards, and reference diagrams for on-premise and cloud platforms.
Assess and evaluate security postures, review candidate architectures, and identify protection needs.
Support risk management and compliance, performing architecture reviews and maintaining documentation throughout the acquisition lifecycle.
Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. Named one of the Best Places to Work in the Washington DC area for 12 consecutive years, the company prides itself on an employee-centric culture and commitment to excellence.
Work collaboratively with a team of assessors as a federal compliance specialist, planning and executing assessments for clients.
Draft audit observations, lead interview walkthroughs, and assess security vulnerabilities against appropriate frameworks.
Prepare and review assessment reports, educate clients on compliance activities, and manage priorities to achieve delivery targets.
Coalfire is on a mission to make the world a safer place by solving clients’ hardest cybersecurity challenges. They are thought leaders, consultants, and cybersecurity experts, and a team of passionate problem-solvers with offices across the U.S. and U.K.
Manage security and IT service desk tickets, access controls, and user provisioning.
Administer Atlassian cloud products, endpoint protection, and SOC/SIEM alerts.
Document processes, support compliance, and maintain security best practices.
Bitwarden is the trusted identity security leader for millions of users worldwide, empowering enterprises, developers, and individuals to securely manage and share sensitive information anywhere. The company is headquartered in Santa Barbara, California, and operates as a fully remote team with a collaborative culture.