Apply the Risk Management Framework (RMF) to support system authorization activities.
Develop and maintain RMF artifacts and coordinate with stakeholders to ensure systems meet security compliance requirements.
Support the design, implementation, and maintenance of secure cloud architectures.
EXPANSIA delivers high-impact technologies, technology-enabled services and advanced manufacturing solutions to the U.S. Department of Defense and related national security customers. They operate as a multi-entity aerospace and defense technology and tech-enabled services and manufacturing enterprise positioned for scalable growth, operational excellence, and long-term value creation.
Design and implement InfoSec engineering for cloud implementations.
Oversee system security risks and compliance with cybersecurity standards.
Support authorizations and develop artifacts for security milestones.
EXPANSIA, along with JHNA and CTSi, forms a Defense Technology platform delivering high-impact technologies and services to the U.S. Department of Defense. Backed by Falfurrias Management Partners, they offer expertise across various military programs, digital engineering, and specialized manufacturing.
IFS is a billion-dollar revenue company with 7000+ employees on all continents. Their leading AI technology is the backbone of their award-winning enterprise software solutions, enabling customers to be their best when it really matters–at the Moment of Service™.
Performs detailed architecture and technical design reviews on the full stack for vendor solutions.
Conducts architecture reviews of Cloud Service Providers (CSPs) authorization packages to validate the secure design, alignment to FedRAMP and agency requirements.
Completes comprehensive review and comments on documents of CSPs FedRAMP documentation, including but not limited to system security plans, policies and procedures.
Abile Group partners with the Intelligence Community and their Contractors in Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. They are an EDWOSB dedicated to their employees and clients, looking for high performing employees who enjoy providing advice and guidance.
Monitor and validate Kubernetes and data lake deployments for compliance.
Maintain continuous monitoring dashboards and conduct vulnerability scans.
Prepare and update system security documentation.
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. They deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Conduct gap assessments against CMMC/NIST SP 800-171 requirements
Assist with the development and updates to the System Security Plan (SSP) and POA&M
Broadway Ventures transforms challenges into opportunities with expert program management, cutting-edge technology, and innovative consulting solutions. As an 8(a), HUBZone, and Service-Disabled Veteran-Owned Small Business (SDVOSB), they empower government and private sector clients by delivering tailored solutions that drive operational success, sustainability, and growth.
Provide authoritative guidance on complex enterprise architecture decisions.
Provide technical review and approval authority for major system designs.
Apply expertise across the full breadth of TSA’s IT domains.
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, DMI supports public sector agencies and commercial enterprises around the globe.
Manage and develop staff members under Product Compliance.
Oversee and contribute to the vulnerability management lifecycle.
Assess and serve as a subject matter expert for regulatory and compliance requirements.
ExtraHop is a company that focuses on network detection and response (NDR) to help organizations stay ahead of emerging threats. They integrate network threat detection, network performance management, intrusion detection, and packet forensics into a single console.
Defining and driving cloud architecture strategy across AWS, Azure, and hybrid multi-cloud environments.
Developing cloud reference architectures and producing cost/benefit analyses for cloud migration options.
Leading cloud security architecture design in alignment with DHS Zero Trust requirements and FISMA standards.
DMI is a leading provider of digital services and technology solutions. They are committed to delivering secure, efficient, and cost-effective solutions that drive measurable results.
Provide expert-level cybersecurity support across cloud and enterprise computing environments.
Evaluate security requirements, identify vulnerabilities, and recommend mitigation strategies.
Weigh business needs against cybersecurity risks and communicate security implications.
JHNA, CTSI, and EXPANSIA have come together to form a Defense Technology platform focused on delivering high-impact technologies and technology-enabled services to the U.S. Department of Defense. The organization operates as a multi-entity aerospace and defense technology, tech-enabled services, and manufacturing enterprise positioned for scalable growth and long-term value creation.
Perform all 7 steps of the Risk Management Framework (RMF) per DoDI 8510.01, producing required deliverables at each step
Develop, maintain, and update RMF packages including System Security Plans (SSP), Security Assessment Reports (SAR), Risk Assessment Reports (RAR), and Plans of Action & Milestones (POA&M)
Ensure compliance with federal, DoD, and DLA cybersecurity requirements, policies, and standards
FWI is building a team to provide Program Management Office (PMO) Support Services for the Defense Agencies Initiative (DAI). It has been recognized as a Top Workplace by the Washington Post in 2024 and 2025, offering excellent growth opportunities in a collaborative environment.
Partner with organizations of all sizes and industries
Evaluate IT and security controls for compliance and effectiveness
Advise on security + privacy requirements (state & federal)
Clark Schaefer Hackett provides customized solutions leveraging strategic skills, financial and operational leadership, and technological advances. They are an elite community that includes trusted advisors with Clark Schaefer Hackett, Clark Schaefer Consulting, and Clark Schaefer Strategic HR.
Conduct structured interviews with partner organizations, operational teams, and technical stakeholders.
Documents end‑to‑end operational workflows and surface implicit, non‑documented practices.
Identify workflow fragility zones, handoff risks, and transition‑period vulnerabilities.
Element serves as a partner at the intersection of innovation and our clients' needs, efficiently crafting meaningful user experiences for government and commercial customers. Our talented professionals bring unparalleled energy engagement, setting a higher standard for impactful work.
Design, deploy, and manage security solutions within Cloud environments( Azure experience preferred).
Assist other security engineering and consulting needs as they arise.
Implement cloud security controls and monitor compliance frameworks (Azure Security Center, Azure Policy, etc.).
UChicago Medicine is a world-class academic healthcare system. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual.
Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC2 authorizations
Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements
Onebrief provides collaboration and AI-powered workflow software designed specifically for military staffs, aiming to make them faster, smarter, and more efficient. Valued at $2.15B, the company has raised $320m+ from top-tier investors and operates as an all-remote company.
Identify and remediate security risks across cloud configurations to strengthen overall security posture.
Design and implement scalable security controls aligned with cloud, network, and identity management best practices.
Partner with cross-functional teams to integrate security into system design, development, and deployment processes.
Clario transforms lives by unlocking better evidence for the clinical trials industry. They are a leading provider of endpoint data solutions, with a global team of science, technology, and operational experts supporting over 70% of all FDA drug approvals since 2015.
Support client engagements related to CMMC readiness, implementation, and documentation
Develop, update, and maintain System Security Plans (SSPs)
Assist with NIST SP 800-171, NIST SP 800-53, and FedRAMP documentation, control mapping, and related deliverables
Hotman Group is a remote boutique cybersecurity and GRC firm supporting clients across a range of industries and compliance needs. They value strong writing, quality work, collaboration, sound judgment, and practical execution.
GovCIO transforms government IT with innovative services and solutions. We are a team of passionate people making a positive impact. We are changing the face of government IT and building a workforce that fuels this mission.
Serve as the central point of contact for the Government’s Contracting Officer.
Lead overall contract governance, risk management, staffing oversight, and performance execution.
Ensure compliance with government regulatory cybersecurity requirements.
Electrosoft Services, Inc. provides technology-based solutions and services to federal customers. They focus on cybersecurity, ICAM, enterprise IT modernization, and software solutions and retain qualified employees while offering meaningful work, growth opportunities, and work-life balance.