Provide SA/OSA subject matter expertise to the Information System Security and Authorization program.
Review ATO packages under the RMF for customer systems and the systems of the external partners.
Coordinate and assist with data calls and data collection efforts for audit and compliance reporting.
SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. With operations across the U.S., they deliver innovative enterprise-wide solutions and targeted services to federal government clients. They value their people and systems to create value for their clients and foster a collaborative team culture.
Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
Collaborate with stakeholders to ensure system compliance and readiness.
Develop, maintain, and update all RMF authorization and GRC documentation.
LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.
Administer, configure, manage, patch, upgrade, design, and optimize network and host-based security tools and systems
Evaluate, install, configure, test, and update network and host-based security systems and hardware
Develop network and host-based security systems and security operation center knowledge base articles, how-to documents, standard operating procedures, and policies
Tyto Athene delivers mission-focused digital transformation. With over 50 years of experience, they support Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Documents end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.
AECOM delivers a better world by improving commutes, providing access to clean water, and transforming skylines. They are a trusted infrastructure consulting firm with over 50,000 employees globally, partnering with clients to solve complex challenges and build legacies for future generations.
Manage certification frameworks, including CMMC, NIST, and SOC 2.
Develop, track, and maintain security and compliance policy documents.
Analyze and review system configurations for security vulnerabilities.
Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.
Performs detailed architecture and technical design reviews on the full stack for vendor solutions.
Conducts architecture reviews of Cloud Service Providers (CSPs) authorization packages to validate the secure design, alignment to FedRAMP and agency requirements.
Completes comprehensive review and comments on documents of CSPs FedRAMP documentation, including but not limited to system security plans, policies and procedures.
Abile Group partners with the Intelligence Community and their Contractors in Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. They are an EDWOSB dedicated to their employees and clients, looking for high performing employees who enjoy providing advice and guidance.
Own the deployment, configuration, and lifecycle management of endpoint security tooling.
Design and enforce security configuration baselines across Windows, macOS, and Linux systems.
Build and manage configuration enforcement mechanisms to detect and remediate drift on endpoints.
Shield AI, founded in 2015, is a venture-backed deep-tech company with the mission of protecting service members and civilians with intelligent systems. With offices and facilities across the U.S., Europe, the Middle East, and the Asia-Pacific, this company's technology actively supports operations worldwide.
Support and execute security incident response activities.
Operate and improve enterprise security controls and tooling.
Coordinate security investigations with DevOps, IT, and Engineering teams.
Keeper Security transforms cybersecurity for organizations around the world with next-generation privileged access management. Keeper’s zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and GovRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified.
Manage and optimize security tools such as email security, DLP, SIEM, IDS/IPS, EDR, threat intelligence platforms, and other tooling
Design and implement AI-enabled workflows to scale enterprise security and threat operations
Monitor and manage security alerts and incidents, analyze data, and respond to security events
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They are a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Partner with engineering teams to conduct threat modeling.
Build and maintain automated scanning, penetration testing frameworks, and monitoring tools within our AWS CI/CD pipelines.
Champion a "security-first" mindset and host workshops that empower developers to write secure code.
Panopto is a customer-centric learning technology company and the leader in visual and audio-based learning. They empower organizations to share knowledge effortlessly. Panopto has been adopted by more than 1,600 companies and universities worldwide with over 11 million end users.
Serves as a cybersecurity Subject Matter Expert (SME) regarding OT Authorization of information systems and all associated cybersecurity policies and procedures.
Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control), and determines the possible ramifications on the system’s current or future authorization.
Amyx is an equal-opportunity employer and a VEVRAA federal contractor. They are committed to considering all qualified candidates regardless of race, color, religion, national origin, age, disability, sexual orientation, gender identity, status as a protected veteran, or any other characteristic protected by law.