Support the ISSO with information system security activities.
Perform Assessment and Authorization efforts under the Risk Management Framework.
Develop and maintain RMF documentation and coordinate vulnerability remediation.
GovCIO transforms government IT with innovative services and solutions. They foster a collaborative, team-oriented culture where employees' talents drive success.
Manage certification frameworks, including CMMC, NIST, and SOC 2.
Develop, track, and maintain security and compliance policy documents.
Analyze and review system configurations for security vulnerabilities.
Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.
Own and drive remediation of security vulnerability tickets across environments
Analyze vulnerability trends to identify process gaps and recommend improvements
Track remediation progress and provide weekly status updates to management
ItD is a consulting and software development company blending diversity, innovation, and integrity with real business results. They are a woman- and minority-led firm that rejects strong hierarchies, empowering them to deliver great results with Fortune 500 companies and high-performance teams.
Perform internal audits and vulnerability testing, ensuring security controls are monitored.
Lead security architecture governance for internal IT and projects, using Unified Architecture Framework.
Maintain compliance with security requirements and develop roadmaps to address evolving threats.
Jobgether is a platform connecting job seekers with companies. It uses AI-powered matching to ensure applications are reviewed quickly and fairly, identifying top candidates for employers.
Test cloud and infrastructure with penetration testing
Pismo, founded in 2016, provides a comprehensive processing platform for banking, card issuing, and financial market infrastructure, helping customers innovate and build next-generation banking and payment solutions. With over 500 employees across 10 countries, Pismo joined Visa in 2024 and leverages their solutions to address technological challenges faced by large banks, marketplaces, and fintech companies.
Work with private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.
Work with customers to assess and address information security risks.
Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO 27001, NIST, PCI, and SOX.
Crosslake supports changemakers and helps them buy, build, and run better technology. They believe in a programmatic, proactive approach to actively manage technology throughout the investment lifecycle.
Manage a worldwide portfolio of vendor assessments using a defined methodology.
Assess responses to Information Security controls and identify risks.
Liaise with stakeholders to ensure appropriate escalation and timely remediation.
TELUS Agriculture & Consumer Goods tackles the challenge of efficient production with lower environmental impact. They deliver data insights and technology solutions connecting producers to consumers, improving the quality, safety and sustainability of food and consumer goods globally.
Perform physical pentests and social engineering analysis
Evaluate the impact of new development on the operational security posture of IT systems
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies
Eurofins Scientific provides analytical testing services to clients across multiple industries, ensuring safety and sustainability. With 55,000 staff across 900 laboratories in over 50 countries, it is a global leader in food, environment, pharmaceutical, and cosmetic product testing.
Mentor and develop security engineers and analysts.
Define and own the security strategy and roadmap.
Lead and scale the security function across vulnerability management.
Attentive is the AI marketing platform for 1:1 personalization redefining the way brands and people connect. They combine technology with human expertise to build authentic customer relationships, partnering with more than 8,000 customers across 70+ industries.
Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
Collaborate with stakeholders to ensure system compliance and readiness.
Develop, maintain, and update all RMF authorization and GRC documentation.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.
Develop and refine performance methodologies that support the cybersecurity requirements.
Oversee independent assessments and review Security Impact Analyses (SIA).
Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.
Manage and influence both physical and cyber security risk.
Support the development and execution of the information security strategy.
Oversee day-to-day security operations including monitoring and incident response.
Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.
Develop and maintain a long-term strategic information security program.
Manage vendor relationships with information security vendors that support the company programs and plans.
Develop, implement, monitor, maintain and enforce security policies and procedures across the company.
Netrix Global provides the people, processes, and technology needed to run and scale modern, data-driven businesses that are always on and always secure. They offer holistic offerings that solve complex business challenges, delivering integrated, optimized, and future-proof solutions.
Provide SA/OSA subject matter expertise to the Information System Security and Authorization program.
Review ATO packages under the RMF for customer systems and the systems of the external partners.
Coordinate and assist with data calls and data collection efforts for audit and compliance reporting.
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. With operations across the U.S., they deliver innovative enterprise-wide solutions and targeted services to federal government clients. They value their people and systems to create value for their clients and foster a collaborative team culture.
Design, deploy, and manage security tools and infrastructure to detect and prevent threats across cloud (AWS and GCP), corporate, and product environments.
Work collaboratively with engineering and product teams to integrate security into the SDLC (Secure Software Development Life Cycle) via threat modeling, code reviews, and automated testing.
Conduct security assessments, penetration testing, and vulnerability management to identify and remediate risks in our applications and services.
Acorns is a financial wellness app helping people and families save and invest money for the long term. Since 2014, Acorns has grown into a global company with multiple life-stage products serving the needs of kids, teens, adults, and parents.
Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to and manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Own and lead Impiricus’s security architecture across AWS.
Design and implement application and infrastructure security controls across the SDLC.
Build and operate detection and response capabilities, including logging, monitoring, and alerting.
Impiricus is an AI-powered HCP Engagement Engine transforming how life sciences companies support physicians. They ethically connect HCPs to pharma resources and are known for their unique access to a large network of HCP advisors.
Assist in the preparation and execution of third-party audits and assessments.
Support the development and maintenance of Eltropy’s GRC program.
Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.
Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.