Serve as a member of Sword's GRC team, contributing to security compliance across all products and services.
Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible.
Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers.
Sword Health is building AI to heal billions and unlock humanity’s full potential. As both a clinical-centric frontier AI lab and an applied AI platform, Sword is reimagining how care is delivered at scale. They have over 700,000 members across three continents and have raised more than $500 million from leading investors.
Translate group security frameworks into practical policies, controls, and procedures.
Build and strengthen a Security-by-Design culture across projects, platforms, and teams.
Support teams in identifying risks, defining actions, and tracking real progress.
Q8 is a well-respected, reliable, and trustworthy energy supplier that has been operating since 1983, with nearly 5,000 service stations in Europe. They are committed to developing a wide range of innovative and sustainable products and services. Their culture is focused on growing together in a digital and inspiring environment of trust, focused on continuous learning.
Deliver world-class cyber security assessment and advisory services while ensuring customer satisfaction.
Work effectively as a team member on large engagements and remain current on technical knowledge.
Demonstrate GuidePoint’s Core Values at all times: Take Charge and Complete Our Mission.
GuidePoint Security provides trusted cybersecurity expertise, solutions, and services to help organizations make better decisions and minimize risk. They have over 1,200 employees and focus on core values to establish an enjoyable workplace atmosphere.
Research, draft, and analyze policies to align with stakeholder needs and organizational goals.
Conduct gap analyses against frameworks and regulations to recommend policy enhancements.
Collaborate with security engineers and compliance officers to ensure policies are technically sound.
Tier One Technologies is a contractor seeking personnel for US Government client projects. The company operates in the information technology sector and engages in contract-to-hire staffing.
Lead the development of security architecture guidance, standards, and reference diagrams for on-premises and cloud platforms, supporting macro and micro security design for a large government agency.
Design Zero Trust security architectures and associated guidance, working in iterations to tighten least privilege access controls and automate Zero Trust controls.
Assess and evaluate security postures, review candidate architectures, identify protection needs, and determine how new systems impact enterprise security.
Abile Group LLC partners with the Intelligence Community and their Contractors in Enterprise Analytics & Performance Management, IT & Systems Engineering, and Program & Project Management. It is an EDWOSB dedicated to its employees and clients, focusing on high-performing talent to develop solutions combining industry best practices with client expertise.
Administer and maintain AWS cloud environments, ensuring availability, performance, and security.
Support the implementation of existing and new enterprise architecture by duplicating existing production environments.
Ensure compliance with RMF, NIST 800-53, DISA STIGs, and DoD cybersecurity standards.
Tlingit Haida Tribal Business Corporation delivers mission-critical services to federal clients globally. They are united by a single purpose: to generate meaningful economic opportunity and sustainable growth for the Tlingit & Haida Tribes of Alaska.
Manage day-to-day security operations and maintain ATO for DoD information systems under the RMF framework.
Develop and maintain RMF artifacts like SSP, SAP, and POA&M, and shepherd packages through eMASS or equivalent.
Track vulnerabilities and STIG compliance, manage POA&M closure, coordinate audits, and translate policy into clear engineering guidance.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed by bringing commercial-grade platforms and mission-ready AI to federal agencies. With a focus on agility and collaboration, the company serves defense, space, healthcare, and energy sectors, and is headquartered in Tysons, Virginia, committed to delivering impactful results.
Develop cybersecurity policy and provide RMF support for cloud deployment in support of the US Army.
Develop plans delineating how to work within existing policies and procedures.
Oversee the delivery of continuous monitoring tools and capabilities that deliver accountable governance.
Millennium is part of the Markon enterprise, a network supporting critical national security missions. They have an elite team of over 300 professionals with expertise in cybersecurity, red team operations, defensive cyber operations, software engineering, and technical engineering.
Assess the customer's Falcon environment and ensure alignment with Falcon Complete standards.
Provide customers with security recommendations and create remediations to improve their security posture.
Partner with internal teams to troubleshoot issues and ensure customer satisfaction.
CrowdStrike is a global leader in cybersecurity with an AI-native platform designed to stop breaches. The company has a mission-driven culture that provides employees flexibility and autonomy, and it supports customers across all industries.
Partner with clients to assess, design, and enhance privacy programs aligned with regulatory and industry requirements.
Interpret and advise on European data protection and privacy laws, including the GDPR, ePrivacy requirements, and applicable EU regulatory obligations.
Conduct privacy assessments, risk evaluations, and audits to identify gaps and create remediation strategies.
Zaviant is a boutique consulting firm specializing in Data Security, Privacy, and Third-Party Risk Management. They partner with organizations to build effective and sustainable solutions that safeguard sensitive data and support compliance with complex, evolving regulatory requirements.
Monitor and ensure compliance with international sanctions regulations.
Manage data protection matters both internally and externally.
Supervise internal compliance processes, including conducting KYC and KYS procedures.
Gcore provides infrastructure and software solutions for AI, cloud, network, and security. They are a global team of 550+ professionals building infrastructure and software that supports the entire digital ecosystem.
Maintain and improve information security policies, standards, and procedures.
Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
Support vendor security reviews, third-party risk assessments, and remediation tracking.
Benepass is making benefits easy through its customizable fintech platform. They enable People teams to implement, administer, and track benefits that meet employees where they are. The company has raised approximately $75 million in equity capital and is backed by leading investors.
Design, implement, and harden security controls across cloud, on-premises, and hybrid environments supporting a fast-moving technical organization.
Lead vulnerability management, conduct security architecture reviews, configure security tooling, respond to incidents, and produce artifacts for Authorization to Operate.
Translate NIST 800-53, DISA STIGs, and CNSSI guidance into practical engineering decisions and work directly with ISSO/ISSM to maintain a defensible security posture.
LMI is a digital solutions provider that accelerates government impact with innovation and speed by investing in technology ahead of need and bringing commercial-grade platforms and mission-ready AI to federal agencies. It is a federally focused organization headquartered in Virginia, serving defense, space, healthcare, and energy sectors with a collaborative and agile culture.
Lead and maintain the IT Compliance Program, ensuring alignment with industry best practices and regulatory requirements.
Stay abreast of relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001, NIS2, SOC 2).
Serve as a main point of contact for senior management and stakeholders on regulatory and IT compliance matters.
EcoVadis is the leading provider of business sustainability ratings, offering solutions backed by experts and technology. They analyze data to provide companies with insights into their environmental, social, and ethical risks, fostering a culture of global sustainability change.