Own and lead the FedRAMP High authorization program.
Serve as the primary point of accountability for government compliance programs.
Manage compliance roadmaps, milestones, dependencies, risks, and remediation efforts.
Commvault is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.
Develops and refines performance methodologies that support the cybersecurity requirements.
Oversee independent assessments and review Security Impact Analyses (SIA).
Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. It is an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development.
Manage certification frameworks, including CMMC, NIST, and SOC 2.
Develop, track, and maintain security and compliance policy documents.
Analyze and review system configurations for security vulnerabilities.
Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.
Support the development, implementation, and maintenance of IT compliance policies, standards, procedures, and controls.
Coordinate and support internal and external audits, including preparation of documentation, evidence collection, and remediation tracking.
Perform periodic compliance assessments, gap analyses, and risk assessments against applicable frameworks and standards.
Xcelerate Solutions, founded in 2009 and located in McLean, VA, is a fast-growing company. The company is defined by a diversified workforce of dynamic and versatile professionals, with growth and development opportunities that contribute to individual and firm growth.
Lead the end-to-end Certification & Authorization (C&A) process for information systems.
Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
Oversee control gap analysis and drive remediation efforts across technical and administrative domains.
EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.
Work with private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives.
Work with customers to assess and address information security risks.
Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX.
Crosslake supports changemakers and helps them buy, build, and run better technology. They believe in a programmatic, proactive approach to actively manage technology throughout the investment lifecycle.
Own the DoW product strategy and execution roadmap.
Ensure the platform aligns with compliance management under the Risk Management Framework (RMF).
Translate customer and mission needs into clear product requirements.
Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.
Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
Collaborate with stakeholders to ensure system compliance and readiness.
Develop, maintain, and update all RMF authorization and GRC documentation.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.
Lead SOC 2 and ISO programs through the full audit lifecycle.
Build integrations that continuously gather compliance evidence from AWS, GitHub, identity providers, and internal systems.
Evaluate and monitor third-party vendors for security and compliance risk.
Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. The company is based in San Francisco, CA, and built as a remote-first company with a team that is inclusive, driven, humble and supportive.
Manage SOC 2 Type II audits, serving as the primary point of contact for auditors and collaborators.
Coordinate HIPAA compliance assessments, including risk analyses, policy reviews, and Business Associate Agreement (BAA) management.
Conduct structured gap analyses against applicable frameworks to identify control deficiencies and develop prioritized remediation roadmaps.
Rad AI is transforming healthcare with AI-driven solutions, revolutionizing radiology to save time, reduce burnout, and improve patient care. They have secured over $140M in funding and recognized as a fast-growing company, fostering transparency, inclusion, and close collaboration.
Assess and improve client security and IT controls.
Develop policies, processes, and risk assessments aligned to top frameworks like NIST, ISO 27001, and SOC 2.
Translate technical and regulatory requirements into clear, actionable steps for our clients.
Hotman Group is a rapidly growing boutique firm redefining cybersecurity and GRC. They help business leaders earn and keep customer trust through expert guidance and a commitment to quality, fostering a collaborative environment where every voice matters.
Lead, mentor, and coach a team of high-performing Vanta for Government Account Executives.
Drive new business growth for CMMC, FedRAMP, NIST frameworks through strategic selling.
Develop clear business plans and identify necessary resources to effectively close new business.
Vanta helps businesses earn and prove trust by ensuring security is monitored and verified continuously. They empower companies to practice better security and prove it with ease, creating a kind and talented team, even for those without prior security experience.
Oversee third-party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives.
Manage vendor due diligence, maintains an accurate risk register, partners with internal stakeholders on mitigation strategies.
Drive continuous improvement of the risk and compliance framework.
Concorde Career Colleges is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee based on race, color, religion, religious creed, national origin, ancestry, sex, age, veteran or military status, or any other legally protected characteristic. Concorde Career Colleges offer short career-focused programs preparing students for the healthcare industry.
Drive vulnerability management activities with cross-functional teams.
Execute application security testing and lead cyber risk management efforts.
Oversee remediation of findings from security assessments and testing.
The American Institutes for Research (AIR) is a nonpartisan, not-for-profit organization. They conduct behavioral and social science research and deliver technical assistance to address pressing challenges. They employ data-driven solutions, expanding opportunities and improving lives.
Assist in the preparation and execution of third-party audits and assessments.
Support the development and maintenance of Eltropy’s GRC program.
Conduct and manage vendor security assessments, maintain risk tracking, and ensure third-party compliance.
Eltropy is a FinTech company aiming to transform financial service access. They provide an AI-enabled digital conversations platform for community financial institutions to enhance operations, engagement, and productivity.
Own and lead enterprise-level compliance programs.
Define and mature ISO 27001 and ISO 42001 control environments and SOX 404 ITGCs.
Act as a subject matter expert and internal consultant for various teams.
Spring Health aims to eliminate mental health barriers with its clinically validated technology, Precision Mental Healthcare. They partner with over 450 companies, providing care for 10 million people and are valued at $3.3 billion.
Lead current ISO 27001, SOC 2, and PCI compliance initiatives.
Spearhead initiatives to identify and improve security risks.
Conduct Risk Assessments within customer systems.
Canadian Bank Note Company (CBN) is a leader and trusted provider of secure document and adjacent enterprise-level system solutions across various domains. They seek long-term relationships with their employees and offer a competitive compensation package, including health, medical, life insurance benefits, and a defined contribution pension plan with company matching.
Serve as a security point of contact for external customers deploying into regulated cloud environments.
Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.
Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions. Their work is high-impact and purpose-driven, expecting speed, rigor, and trust.
Support vulnerability management services, including vulnerability scanning and assessments.
Operate and configure agency tools for vulnerability testing and identification.
Develop and disseminate reports on vulnerability status to stakeholders.
Tyto Athene is a trusted leader in IT services, delivering mission-focused digital transformation. They have over 50 years of experience and foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role.
Lead security governance, risk management, and compliance efforts.
Oversee security operations and incident response.
Partner with IT, Clinical Operations, Privacy, and Compliance to ensure regulatory requirements and industry frameworks.
Tuesday Health is a value-based palliative care provider group dedicated to transforming serious illness and end-of-life care. Through their leading-edge care model, Tuesday Health is shaping the future of community-based palliative care nationwide.