Serve as the primary subject matter expert for IAM and ERP security across the CAPPS program, managing the full identity lifecycle and enforcing RBAC and least-privilege modeling.
Monitor authentication and authorization logs for anomalies, coordinate with the client's Information Security Office, and oversee secure integration of third-party applications via SAML, OAuth, OIDC, SCIM, and custom APIs.
Participate in annual IT control audits, review technical deliverables for CAPPS architecture and security system plans, and serve as a security advisor during procurement cycles.
Partner with engineers and security SMEs to design, improve, and implement Identity and Access Management (IAM) solutions for VA.gov products.
Analyze security metrics and access management trends to inform how the program approaches security architecture.
Develop and document requirements for IAM solutions including identity lifecycle, role management, separation of duties, and access workflows.
Oddball believes that the best products are built when companies understand and value the things they are working on. They value learning and growth and the ability to make a big impact at a small company.
Design and support end-to-end lifecycle of workforce identity systems.
Define and enforce RBAC and group-based access policies.
Support other operational and on-call duties.
Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. They are a Series C company backed by a16z, transforming industries that others have written off as too complex to innovate.
Identity & Access Management system improvement and maintenance.
Conduct research of key stakeholders to ensure the best possible alignment of the IAM system.
Create and update internal system, process, and workflow documentation.
Oregon Health & Science University (OHSU) has a comprehensive approach to digital identity and access management, with a focus on new integrations and constant improvement. ITG is committed to service excellence and they meet their mission by creating positive experiences for their customers by understanding their needs and keeping their promises.
Serve as primary technical oversight resource for a statewide ERP program, developing strategic roadmaps and translating complex technical concepts for executive audiences.
Monitor managed services vendor performance against contractual SLAs, identify gaps, escalate risks, and drive resolution across PeopleSoft FSCM and HCM 9.2 environments.
Provide technical oversight of CAPPS Central production and deployment activities supporting 100+ Texas state agencies and multiple Hub instances, ensuring platform stability and compliance.
RESPEC is an employee-owned company that tackles complex challenges in energy transition, infrastructure resilience, digital transformation, and sustainability. Since 1969, the company has grown to work alongside clients globally, fostering a culture of ownership and real impact where employee ideas drive solutions.
Lead the design and evolution of Kaseya’s IAM platform, defining architecture and technical direction across multiple products.
Build and operate core IAM platform services, APIs, and integrations for authentication, authorization, and identity governance.
Partner with Security, Compliance, and Product teams to meet governance and regulatory requirements while mentoring engineers.
Kaseya is the leading provider of AI-powered IT management and cybersecurity software, serving Managed Service Providers (MSPs) and internal IT organizations worldwide. Backed by Insight Partners, Kaseya has experienced sustained double-digit growth, supports customers in over 20 countries, and manages over 15 million endpoints worldwide.
Serve as a member of Sword's GRC team, contributing to security compliance across all products and services.
Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible.
Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers.
Sword Health is building AI to heal billions and unlock humanity’s full potential. As both a clinical-centric frontier AI lab and an applied AI platform, Sword is reimagining how care is delivered at scale. They have over 700,000 members across three continents and have raised more than $500 million from leading investors.
Act as the primary point of contact for external auditors and lead the end-to-end execution of PCI DSS audits.
Orchestrate and lead the quarterly and semi-annual user access review process across all critical systems.
Execute and maintain a comprehensive, year-round Security Awareness Training program.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are an award-winning team of 280+ mission-driven people who are committed to humility, innovation, and excellence.
Design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (GRC) operations.
Operationalizing and expanding our GRC platform (Drata), building AI-assisted workflows that automate evidence collection, control monitoring, and vendor risk.
Manage project delivery across multiple GRC automation initiatives simultaneously — maintaining clear scope, milestones, and stakeholder visibility without sacrificing quality.
1Password is building the foundation for a safe, productive digital future. They innovated the market-leading enterprise password manager and pioneered Unified Access Management, a new cybersecurity category built for the way people and AI agents work today. 1Password has surpassed $400M in ARR and has over 180,000 businesses using their product.
Maintain and improve information security policies, standards, and procedures.
Support SOC 2, ISO 27001, and HITRUST readiness, audit preparation, and evidence collection.
Support vendor security reviews, third-party risk assessments, and remediation tracking.
Benepass is making benefits easy through its customizable fintech platform. They enable People teams to implement, administer, and track benefits that meet employees where they are. The company has raised approximately $75 million in equity capital and is backed by leading investors.
Design and evolve identity services that power secure access across 1Password products.
Architect scalable systems for authentication, authorization, federation, session management, and policy enforcement.
Mentor engineers at various stages of their careers and foster technical growth.
1Password is building the foundation for a safe, productive digital future. As one of the most loved brands in cybersecurity, they take a human-centric approach from product strategy to user experience. They have surpassed $400M in ARR and have over 180,000 businesses trusting their platform.
Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance into the process.
Dive deep into the security stack to identify execution blockers and actively architect the technical solutions to implement them.
Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap.
Human Interest aims to provide all workers access to retirement benefits. They are a high-growth fintech company that is financially backed by investors such as BlackRock, TPG, and SoftBank.
Play a pivotal role in promoting a culture of security awareness and ensuring the protection of organizational assets against cyber threats.
Monitor various security systems to promptly detect and respond to any security incidents, and lead in investigating security breaches and incidents.
Conduct comprehensive assessments of security risks and evaluate third-party vendor security measures to gauge the effectiveness of existing security controls and identify areas for enhancement.
Numeris is Canada’s most trusted and authoritative source for broadcast measurement and consumer behaviour data. We have been recognized for over 75 years as providing the gold standard in audience intelligence. The company values continuous learning and career advancement opportunities with collaborative, curious, and dedicated teams.
Work collaboratively with a team of assessors as a federal compliance specialist, planning and executing assessments for clients.
Draft audit observations, lead interview walkthroughs, and assess security vulnerabilities against appropriate frameworks.
Prepare and review assessment reports, educate clients on compliance activities, and manage priorities to achieve delivery targets.
Coalfire is on a mission to make the world a safer place by solving clients’ hardest cybersecurity challenges. They are thought leaders, consultants, and cybersecurity experts, and a team of passionate problem-solvers with offices across the U.S. and U.K.
Design and implement comprehensive security architectures for network, application, data protection, and identity management.
Identify and assess security risks, developing mitigation strategies to reduce organizational risk.
Leverage automation across the technology stack to ensure best practices in Identity and Access Management.
HealthEdge provides software solutions for the healthcare industry. The company fosters a positive, fun, and collaborative work environment with an emphasis on mentoring and building influence.
Diagnose, prioritize, and drive security program maturity.
Translate security requirements into engineering practice.
Own the compliance surface without losing sight of real risk.
Aledade helps independent primary care practices survive and thrive, aiming to bend the healthcare cost curve. They are the largest network of independent primary care in the country.
Manage privileged access controls, identity governance, and security across cloud and enterprise environments.
Design and implement automation for identity workflows, access validation, and remediation activities.
Collaborate with Security, Infrastructure, and Engineering teams to strengthen identity security.
Sporty Group is a remote-first company focused on building scalable and secure software systems. They have a distributed team with a culture of sustainability and performance-based bonuses.
Own complex post-sale technical relationships, guiding onboarding through adoption and renewal.
Lead technical implementation, including integrations, configuration, and security reviews.
Partner with Customer Success Managers to proactively identify risks and drive expansion opportunities.
1Password is building the foundation for a safe, productive digital future. We ensure every identity is authentic, every application sign-in is secure, and every device is trusted. We are a fast-paced, dynamic environment, with over 180,000 businesses trusting our products.
Improve Ophelia's IT systems by focusing on seamless integration, automation, and security to elevate our employee experience.
Develop plans and execute our IT strategy, ensuring the highest quality standards across all projects, and communicating clearly and proactively to bring stakeholders along with you.
Manage our IT MSP towards constant improvement.
Ophelia is a healthcare startup that provides FDA-approved medication and clinical care through a telehealth platform to individuals with OUD. They are a team of physicians, scientists, entrepreneurs, researchers and White House advisors, backed by leading technology and healthcare investors working to re-imagine and re-build OUD treatment in America.
Lead and manage technology-focused projects and programs targeting IAM strategy across the enterprise.
Drive program roadmap, features, prioritization, and releases for assigned vertical, managing risks and issues.
Provide clear communication of program and project status to cross-functional teams, leadership, and stakeholders.
NBCUniversal is a leading media and entertainment company that creates world-class content across film, television, and streaming. They operate entertainment and news brands, including NBC, Telemundo, Bravo, and Peacock, and are a subsidiary of Comcast Corporation.