Monitor security alerts, vulnerabilities, and incidents across enterprise systems and assist in incident response.
Maintain compliance with standards such as NIST CSF, ISO 27001, and SOC 2 through audits and policy development.
Conduct security risk assessments, evaluate controls, and track remediation plans.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, they support data centers, healthcare, and industrial facilities.
Conduct IT and cybersecurity risk assessments across systems, applications, and business processes.
Lead audit readiness activities for frameworks like SOC 2, HIPAA, and NYDFS.
Manage security policies, third-party vendor assessments, and develop risk dashboards.
Jobgether uses an AI-powered matching process to connect candidates with hiring companies. They focus on efficient, objective application review and are a remote-first organization.
Focus on developing and delivering compliance solutions and strategies for Commercial, Defense Industrial Base, and State/Local customers.
Conduct compliance audits, assessments, and gap analyses to identify areas for improvement.
Author policies, plans, and procedures in CJIS and FedRAMP environments while serving as a trusted advisor to customers.
Planet Technologies is the leading provider of Microsoft consulting services to public sector and commercial organizations, specializing in building custom solutions that transform business operations. They are a growing team with collaborative peers and caring leaders, focused on high-profile client projects.
Perform project tasks independently while contributing to cybersecurity assessment engagements and client deliverables.
Collect, organize, and analyze documentation, evidence, and technical artifacts required for security reviews.
Support assessments related to cybersecurity, compliance, and information security programs.
Our partner is a company focused on helping organizations strengthen their security posture and maintain compliance with industry standards. They offer a dynamic and collaborative work environment with career growth opportunities in cybersecurity.
Provide quality customer service and monitor compliance mailbox for client requests.
Prepare written responses to security inquiries and handle due diligence questionnaires.
Support audit activities and coordinate with departments on policy development and remediation.
TierPoint provides information security and compliance solutions. The company fosters a collaborative, team-oriented culture with a focus on confidentiality and accuracy.
Collaborate with cross-functional teams to apply cybersecurity best practices across systems, applications, and cloud environments.
Lead portions of cybersecurity assessments across the technology stack, identifying vulnerabilities and recommending remediation strategies.
Assist in shaping cybersecurity risk management activities, helping prioritize and guide security initiatives to protect critical assets.
Rise8 builds custom, secure software for government organizations, measuring success by impact: lives saved, time returned, and missions advanced. Certified as a Great Place to Work® with 100% of employees saying they love working here, Rise8 offers a culture rooted in kindness, candor, and continuous learning.
Serve as a trusted advisor to clients, defining and advancing cybersecurity strategy over multi-year engagements.
Develop prioritized security roadmaps and advise on governance, risk, and compliance frameworks.
Translate technical risk into business language for executives and boards, owning the advisory relationship.
Apollo Information Systems is a cybersecurity services company delivering comprehensive security and compliance programs, pioneering a cybersecurity-as-a-service model. Backed by Series A funding, we foster a collaborative, mission-driven culture with deep expertise, and primarily work remotely with a hub in Denver.
Monitors, investigates, and responds to cybersecurity events and alerts across various security platforms.
Manages data loss prevention and insider risk alerts, collaborating with IT and business stakeholders.
Supports continuous improvement of detection capabilities through alert tuning and process optimization.
USAP is a company that safeguards organizational data and technology assets through cybersecurity operations. The size and culture are not specified, but the job emphasizes collaboration, continuous improvement, and a secure technology environment.
Execute the security architecture process for business initiatives, from engagement through to implementation.
Support the Information Security Architect across analysis, reviews, and outputs as needed.
Act as a point of contact for InfoSec queries and use security tooling to identify and analyze risks.
StackAdapt is a leading technology company that provides an AI-powered marketing platform for programmatic advertising. The company has a diverse, remote-first culture with a supportive workplace.
Maintain Risk Management Framework artifacts for DevSecOps pipeline inheritance of NIST SP 800-53 controls.
Complete and validate STIG/SRG checklists quarterly and provide monthly application STIG status reports.
Evaluate program risks, document mitigation strategies, and recommend courses of action to ensure continuous ATO compliance.
DecisionPoint is a company providing cloud services and DevSecOps solutions, supporting ARTRANS AWS environments. It is a regular full-time employer fostering a culture of security and compliance, with an active Secret clearance required for this role.
Own and manage the compliance program including SOC 2 and ISO 27001 readiness and audits.
Lead risk assessments, control testing, and enterprise risk management processes.
Partner with Engineering, Security, Product, Legal, HR, and Operations to embed compliance into business processes.
Calendly is a scheduling platform used by millions to automate meetings and streamline time management. They are a rapidly growing SaaS company fostering a culture of learning and high performance.
Partner with the CISO to drive security strategy, roadmap, and execution across application security, GRC, and operations.
Support compliance initiatives including PCI, SOC 2, ISO 27001, DORA, and FedRAMP readiness.
Serve as a trusted security leader in customer-facing settings, translating technical risks into business language.
Sardine is the leading agentic risk platform for fighting financial crime, integrating data across risk teams to stop fraud and automate AML operations. With over 6 billion profiled devices and 800 million consumers, we maintain a remote-first culture that values performance over hours worked.
Own and drive the compliance roadmap across multiple frameworks like ISO 27001, TISAX, SOC 2, and GDPR.
Implement ISO 27001 and adjacent frameworks end-to-end for customers, ensuring successful audits.
Mentor the compliance team, conduct internal audits, and act as the senior compliance voice for customers, auditors, and product.
Secfix automates security compliance for companies, helping them achieve ISO 27001, GDPR, TISAX, and SOC 2 quickly. They are a high-performing 100% remote team with hubs in Germany and the UK, backed by top VCs.
Own Filevine's FedRAMP 20x strategy and execution, including evidence automation, continuous monitoring, and certification readiness.
Drive the security compliance and trust program across FedRAMP, SOC 2, ISO, HIPAA, and PCI-DSS, converting obligations into engineering work.
Lead cross-functional alignment and executive reporting to ensure compliance, privacy, and security priorities are shipped on time.
Filevine is a Legal AI company delivering Legal Operating Intelligence for the future of legal work. Fueled by a team of exceptional collaborators and innovators, Filevine’s rapid growth has earned AI awards and recognition from Deloitte and Inc. as one of the most innovative and fastest-growing technology companies in the country.
Manage security compliance programs against frameworks like PCI-DSS, NIST, and SOC 1/2, leveraging automation tools for continuous assessment.
Oversee identity and access management, including automated provisioning audits and anomaly detection.
Collaborate with engineering, DevOps, and product teams to integrate compliance into CI/CD and cloud infrastructure.
Prosper is a FinTech company focused on improving financial well-being. It is a growing company with a collaborative culture and offers resources for professional growth and holistic well-being.
Manage and conduct internal and external compliance audits for frameworks like ISO, SOC, and NIST.
Work with global teams to implement and update compliance controls, policies, and training.
Stay updated on regulatory changes and perform gap analysis to maintain certifications.
QAD is building a world-class SaaS company that solves real-world problems in manufacturing and supply chain. They are a growing, virtual-first company with a collaborative culture that values idea-sharing and growth.
Own RMF authorizations across Department of War components and FedRAMP High, alongside CMMC 2.0 and SOC 2 compliance for corporate systems.
Maintain authorization and audit evidence, including SSPs, SARs, POA&Ms, STIGs, and control mappings.
Partner with Engineering, Product, and Security to embed compliance requirements into system design and CI/CD workflows.
Onebrief builds collaboration and AI-powered workflow software for military planning and operational coordination. Founded in 2019, valued at over $2 billion, they are a distributed team of builders from military, operational, and technology backgrounds.
Manage ISACA's credentialing program policies and ensure compliance with ISO/IEC 17024:2026 standard.
Design and implement controls to mitigate risks associated with exam IP and certification fraud.
Oversee credentialing policy-driven activities and collaborate with internal teams to maintain exam integrity.
ISACA champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 195,000+ members with knowledge, credentials, training and network.
Develop and maintain the enterprise IT GRC strategy, framework, and roadmap, presenting updates to executive leadership.
Lead enterprise IT risk assessments, maintain risk registers, and oversee remediation efforts.
Ensure compliance with regulations like NIST, ISO 27001, SOC, PCI-DSS, HIPAA, GDPR, and SOX.
Mission Critical Group is an end-to-end power solutions and services provider that accelerates time-to-power for mission critical environments. With over 1.5 million square feet of U.S. manufacturing capacity, the company supports data centers, healthcare, and industrial facilities where uptime is non-negotiable.
Respond to customer and prospect security/compliance questions and improve repeatable processes and evidence quality.
Upsun is the cloud application platform for hybrid teams, enabling developers to build, ship, and scale confidently without managing backend infrastructure. The company has a remote, global workforce and fosters a multicultural, open, and inclusive culture with a focus on open source and innovation.