Zermount, Inc
Remote Jobs
Zermount Inc. is committed to ensuring that federal information systems comply with Information Assurance and cybersecurity standards.
5 Jobs
SCRUM MASTER
Role Description
Zermount Inc. is seeking a Scrum Master who can drive Agile excellence and empower teams to deliver high-quality products and services to our government clients.

As a Scrum Master on our project, you will:
- Coach and guide cross-functional teams through Scrum events.
- Remove impediments and foster a culture of continuous improvement.
- Partner with stakeholders at all levels to align priorities and drive decision making.
- Translate complex requirements into actionable sprint goals that deliver measurable outcomes.
- Champion Agile best practices and elevate team performance through coaching, mentoring, and data-driven retrospectives.
- Balance Business as Usual operational demands with strategic initiatives.
- Build trust, resolve blockers, and inspire high performance.
- Help teams navigate ambiguity and deliver results in a fast-paced environment.

Qualifications
- Prior experience on a scrum team.
- Knowledge of scrum and agile techniques.
- Strong communication, interpersonal and mentoring skills.
- Technical knowledge of complex enterprise IT systems.
- Ability to work with and lead a team.
- Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
- Knowledge in risk assessment methodologies.
- Experience with cloud-based environments and technologies is preferred.
- Excellent communication skills, with the ability to explain complex concepts in a clear, concise manner.
- Strong problem-solving skills, proactive attitude towards identifying potential issues and implementing solutions.
- The ability to organize and motivate a project team.

Requirements
- Expertise in Agile frameworks and methodologies including Scrum, Kanban, and hybrid approaches.
- Advanced proficiency in Agile project management tools including Jira for sprint management, backlog refinement, velocity tracking, and delivery metrics reporting.
- Experience with Power BI or similar dashboarding tools for data-driven retrospectives and program visibility.

Preferred Qualifications
- Experience coaching teams through Agile adoption and transformation.
- Certifications such as PSM, PSPO, CSM, SAFe, PMI-ACP, PMP, or ITIL.
- Familiarity with ITIL, PMBOK, Scrum Guide, Kanban, and Agile best practices.
- Experience in regulated, compliance-driven, or governance-heavy environments.
- Data visualization and reporting experience (Power BI or similar dashboarding tools).
- Planning and managing IT projects.

Competencies
- Agile Coaching & Facilitation.
- Impediment Resolution & Risk Assessment.
- Communication & Facilitation.
- Continuous Improvement & Process Optimization.
- Mentorship & Coaching.
- Program & Project Management.
- Innovation & Process Improvement.
- Stakeholder Collaboration.

Education and Certifications
- Master's degree preferable but professional experience is permitted.
- Bachelor's degree and 4 years of product or project development experience, and 3 years of project development experience on an Agile Team or an equivalent combination of education and work experience.
- At least one of the following Agile certifications:
  - Agile Scrum Master.
  - Agile Project Manager.
  - Agile Scrum Professional.

Clearance Level
- Public Trust.

Work Location
- Remote work authorized; travel may be required to client location in Alexandria, VA.

Hours of Operation
- Business Hours: 8:00 am EST - 4:30 pm EST.

Reporting Structure
- Reports to: USPTO Program Manager.
HUMAN RESOURCES MANAGER
Role Description
Zermount is seeking an HR Manager who serves as the senior and hands-on HR professional for a growing Service-Disabled Veteran-Owned Small Business (SDVOSB) providing cybersecurity, Enterprise IT, and Technical Management services to federal government and commercial clients.

The Human Resources Manager leads the organization's human resources function and serves as the primary authority for HR operations, employee relations, compliance, workforce planning, and talent acquisition oversight. This role ensures HR programs support the organization's growth while maintaining compliance with federal contractor regulations and employment laws.

The HR Manager partners closely with executive leadership, program managers, and recruiting staff to ensure the company attracts, develops, and retains the workforce required to support corporate growth and contract performance. The HR Manager ensures organizational alignment with federal labor regulations, contract-specific staffing requirements, and corporate governance standards.

Qualifications
- 7+ years of progressive leadership experience in a regulated environment (federal government, DoD, or federal contractor).
- 3+ years of experience supporting federal government contracting.
- Experience supporting cleared workforce.
- Demonstrated experience advising executive leadership.
- Demonstrated experience with federal regulatory compliance, audit readiness, or internal controls.
- Experience managing personnel and advising senior leadership.
- Working knowledge of federal appropriations, fiscal law, or DoD financial management principles.
- Ability to interpret and implement regulatory requirements.
- Strong documentation, reporting, and policy implementation skills.
- Demonstrated ability to quickly develop subject matter expertise in employment law and HR compliance.
- Familiarity with FAR/DFARS, federal labor compliance, or federal workforce regulations.
- Exposure to personnel management, civilian workforce administration, or manpower planning.
- Experience with personnel management and payroll systems (e.g., HRIS, HCMS, Cost Accounting Systems, etc.) and handling sensitive documents with high security.
- Possesses strong analytical skills and has high integrity and discretion.

Requirements
- Strong communication and interpersonal skills, with the ability to interact with employees at all levels.
- Experience in handling employee relations and conflict resolution.
- Familiarity with federal and state employment laws and regulations.
- Proficiency in HCMS or HRIS platforms (e.g., iSolved, SAGE, ADP, etc.), and MS Office Suite (Word, Excel, PowerPoint).
- Ability to maintain confidentiality and handle sensitive information with discretion.
- Strong problem-solving skills and the ability to work both independently and as part of a team.
- Detail-oriented with excellent organizational and time management abilities.
- Experience in benefits administration and payroll coordination is preferred.
- Experience managing timesheets and timecards.
- Ability to manage multiple tasks and projects with competing deadlines.

Benefits
- Manage employee health and welfare plans and ensure regulatory compliance.
- Manage employee benefits programs including health, retirement, disability, ancillary benefits and retirement plans; as well as plan changes and claim resolution.
- Maintain relationships with benefits brokers and external vendors.
- Lead annual open enrollment and benefits communication initiatives.
- Ensure competitive and compliant compensation practices and packages.
- Ensure compliance with ACA reporting, COBRA administration, ERISA requirements, and applicable regulatory requirements and state laws.
- Review and assist in the reconciliation of benefits broker invoices monthly and communicate necessary adjustments in a timely manner.

Work Location
The primary location is Zermount HQ (Arlington, VA). Remote may be authorized by a member of the Executive Team. Onsite visits to the Primary location may be required.

Hours of Operation
- Zermount's official corporate business hours are from 8:00 am ET to 7:00 pm ET.
SECURITY & RISK ENGINEER (SRE)
ZERMOUNT POSITION DESCRIPTION (PD)
SECURITY & RISK ENGINEER (SRE)

POSITION OVERVIEW
Zermount Inc. is seeking a System Risk Engineer (SRE) to support system risk analysis and ensure that federal information systems comply with Information Assurance and cybersecurity standards. The SRE exists to ensure organizational systems are secure, resilient, and defensible in real-world operating conditions, not simply compliant with security documentation. This role directly contributes to mission assurance by identifying, validating, and reducing cybersecurity risk through direct technical assessment, control validation, and risk-based decision support across enterprise environments.

Operating at the intersection of security engineering, risk assessment, and compliance, the SRE transforms federal mandates (e.g., NIST RMF, FISMA, EO 14028, OMB directives) into measurable security outcomes by validating the effectiveness of security controls within live systems. The role requires continuous evaluation of system posture through hands-on analysis of architectures, configurations, logs, vulnerability data, and control implementations across cloud, network, operating system, application, and database layers.

This position demands foundational technical expertise across multiple domains, enabling the SRE to assess complex enterprise environments, identify exploitable conditions, and determine whether implemented security controls effectively reduce risk. The SRE is expected to go beyond documentation review and verify findings through system-level evidence, testing, and analysis, ensuring the findings reflect actual operational risk.

The SRE is a core enabler of Zermount's Modern GRC mindset, which emphasizes:
- Continuous, real-time risk identification during compliance assessments
- Risk prioritization based on exploitability, exposure, and mission impact
- Direct integration with engineering and operations teams to drive remediation
- Elimination of "check-the-box" compliance in favor of validated security outcomes

You will be directly responsible for supporting system authorization and mission assurance by producing objective, defensible, and technically accurate findings that enable Authorizing Officials, ISSOs, and system owners to make informed risk decisions. This includes conducting security control assessments, validating Zero Trust implementation, analyzing architectural and configuration changes, and ensuring that remediation actions are both effective and sustainable to reduce risk.

DUTIES & RESPONSIBILITIES
General Duties
- Execute Security Assessments (SA), Risk Assessments (RA), and Ongoing Authorization (OA) activities by validating security controls in live environments, not solely through documentation review
- Conduct technical verification and validation of security controls across operating systems, applications, databases, cloud platforms, and network infrastructure
- Identify real-world security risks, including exploitable vulnerabilities, misconfigurations, weak trust boundaries, and control failures
- Perform continuous risk analysis using outputs from vulnerability scans, penetration testing, logging platforms, and configuration assessments
- Develop risk-based findings and POA&M matrices, prioritizing remediation based on exploitability, exposure, and mission impact
- Produce executive-quality artifacts (SARs, risk memos, ATO packages, executive briefings) with validated, evidence-backed findings
- Conduct impact analysis for Requests for Change (RFCs), identifying security implications of architectural, configuration, or system modifications
- Validate Zero Trust implementation and alignment across system architectures and capabilities
- Perform technical assessments of system architecture, data flows, and trust boundaries to identify control gaps
- Conduct compliance validation for TIC, FISMA, and federal cybersecurity mandates through technical inspection and testing
- Ensure all deliverables meet accuracy standards with zero rework required and are aligned to program and client expectations
- Provide weekly status reporting and briefings with clear articulation of risks, risk mitigation progress, and technical findings

SUBJECT MATTER EXPERTISE (SME)
SME Area #1 – Primary Expertise: Security Assessment & Technical Risk Validation
Expert-level means:
- Deep knowledge of:
  - NIST RMF (800-37, 800-53, etc.)
  - FISMA, EO 14028, OMB M-21-31 / M-22-09
  - FIPS 199/200
  - TIC, Zero Trust principles (CISA ZT MM, NIST 800-207, etc.)
- Ability to independently conduct:
  - Security Control Assessments (SCA)
  - Risk Assessments (RA)
  - ATO/OA activities
- Capability to validate controls using:
  - System configurations
  - Logs and telemetry
  - Vulnerability scanning outputs
  - Conducting system interviews and demos
- Ability to identify real-world attack vectors and control failures, and develop actionable remediation actions that the system teams can use to successfully remediate findings

Required Tools Experience:
- Vulnerability scanning tools such as: Tenable, Qualys, CrowdStrike, etc.
- Log analysis platforms such as: Splunk, Microsoft Sentinel, IBM QRadar, etc.
- Configuration and system inspection tools such as: Ansible, Terraform, Puppet, etc.
- GRC platforms such as: Archer, ServiceNow, etc.

SME Area #2 – Secondary Expertise: Multi-Domain Technical Depth
You must have deep knowledge of one or more of the following technical domains and must demonstrate the ability to leverage this experience to inform and complete compliance-related tasks.
Technical Domains
- Cloud: AWS/Azure (IAM, logging, network security, misconfigurations)
- Network: Segmentation, firewalls, boundary protections, Zero Trust enforcement points
- Systems: Windows/Linux hardening, identity systems (AD, MFA)
- Databases/Data: Access control, encryption, auditing

QUALIFICATIONS
Minimum Requirements
- 7+ years of cybersecurity experience supporting U.S. Government systems
- 4+ years performing RMF, ISSO, Assessment, or GRC functions with direct technical validation responsibilities
- Demonstrated hands-on experience in at least two technical domains (cloud, network, systems, or databases)
- Proven ability to analyze:
  - System configurations, ATOs, and other supporting security documentation
  - Logs/telemetry
  - Architecture documentation and data flow diagrams
- Proven ability to conduct technical assessments across multiple domains

Preferred Qualifications
- Experience with Zero Trust assessments and implementation validation
- Experience with CDM, ISCM, and enterprise logging programs
- Experience supporting DHS/FISMA environments
- Familiarity with threat-informed defense and attack vector analysis

Competency
- Advanced technical risk analysis and prioritization
- Independent problem-solving in ambiguous environments
- Strong collaboration with system teams, federal leads
- Ability to translate complex technical findings into actionable recommendations
- Clear communication with both engineers and leadership

Education & Certifications
- Bachelor of Science (B.S.) in Computer Science, IT, Cybersecurity, or a related field, and a minimum of 7 years of IT cybersecurity experience, including direct support for the US Government and 4 years acting as an ISSO, Assessor, Compliance, RMF, or GRC with a technical validation role.
- Without a B.S. in a relevant field
  - A minimum of 13 years of IT Cybersecurity experience, including direct support for the US Government, and 4 years acting as an ISSO, Assessor, Compliance, RMF, or GRC with a technical validation role.
- At least one of the following security certifications is required:
  - Certified Authorization Professional (CAP)
  - Certified Information Security Auditor (CISA)
  - Certified Information Security Manager (CISM)
  - Certified Information Systems Security Professional (CISSP), or Certified Chief Information Security Officer (CCISO)
  - Governance Risk & Compliance Certification (CGRC)
  - Or alternatively approved certifications

Clearance Level
Minimum of active Secret Clearance and ability to obtain and maintain DHS suitability

WORK LOCATION
- The position is primarily remote – Continental U.S only
- Primary location when on site: Arlington, VA, and Springfield, VA
- Must be willing to travel
  - Not to exceed 10% of the time

HOURS OF OPERATION
- 8:00 am EST – 4:30 pm EST
- Times may fluctuate based on client and business requirements

REPORTING STRUCTURE
- Reports To: Security Risk Engineering Team Lead
- Direct Reports: N/A
CYBERSECURITY ARCHITECT
CYBERSECURITY ARCHITECT
MILITARY FRIENDLY AND PREFERRED - HOH SPONSOR

We are seeking a hands-on Cybersecurity Architect to support a Government Agency operating in a complex hybrid environment across on-premises and cloud infrastructure. This role serves as the technical design authority for the contract, leading cybersecurity architecture, Zero Trust implementation, and Continuous Authorization to Operate (cATO) efforts aligned with EO 14028, NIST guidance, and the Federal Zero Trust Strategy.

The Cybersecurity Architect will develop enterprise security architecture and roadmaps, design and implement Zero Trust capabilities, support cloud and network security modernization, and help automate security monitoring and compliance evidence collection. This role will also evaluate emerging technologies, lead proof-of-concept efforts, translate mission needs into technical solutions, and collaborate with government leadership, project teams, and stakeholders to deliver secure, compliant outcomes.

Qualifications:
- 10+ years of hands-on IT/cybersecurity experience
- Experience in cybersecurity architecture, engineering, and compliance
- Knowledge of LAN/WAN, WAF/CDN/DDoS, firewalls, IDS/IPS, and inline decryption
- Experience with NIST RMF, FedRAMP, FISMA, and NIST SP 800-53
- Experience with SIEM platforms (Splunk preferred)
- Knowledge of virtualization, container security, CI/CD, microservices, and serverless security
- Cloud security experience required, including AWS and hybrid/multi-cloud; Azure or GCP is a plus

Education: Bachelor's degree in Computer Science, Engineering, IT, Cybersecurity, or related field. Relevant experience may substitute.

Certifications: Industry-recognized cybersecurity certifications aligned with DoD 8570/8140 IAM Level III or IAT Level III preferred. Preferred: CCSP, AWS Solutions Architect Associate, AWS Security Specialty.

Clearance: Must be able to obtain and maintain a Public Trust.

Location: Remote with occasional travel.

Hours: Core Hours 8:00 AM – 4:00 PM EST.
PALO ALTO ENGINEER (NGFW)
SUMMARY:
We are seeking a highly specialized Palo Alto Next Generation Firewall (NGFW) Engineer with expertise in complex environments to join Zermount's team. The Palo Alto NGFW Engineer will play a pivotal role in designing, implementing, and maintaining network security infrastructure tailored for one of our Federal client's complex environments.

The Palo Alto NGFW Engineer will configure, implement, administer, and maintain the suite of Palo Alto NGFWs to include SSL decryption and inspection of all inbound and outbound web traffic with inline service chain and traffic forwarding, and will review and make recommendations on all exceptions to Palo Alto rule configurations and implement them as appropriate. The engineer will also integrate Wildfire analysis into decrypted SMTP traffic flow and enhance threat detection capabilities by configuring and tuning the NGFW against known and unknown threats. This role demands an exceptional understanding of advanced network security practices and hands-on proficiency in Palo Alto NGFW configurations within intricate settings.

DUTIES & RESPONSIBILITIES:
- Architect, configure and oversee Palo Alto NGFWs, customizing security solutions for the unique requirements of the Federal client.
- Configure, implement, administer, and maintain PA NGFW to include decryption and inspection of all inbound and outbound web traffic with inline service chain and traffic forwarding.
- Craft, administer, and optimize intricate security policies, rules, and access controls specific to Palo Alto firewall settings, addressing the client's complex network architecture.
- Review and make recommendations on all exceptions to Palo Alto NGFW rule configurations and implement them as appropriate.
- Integrate Wildfire analysis into decrypted SMTP traffic flow.
- Enhance threat detection capabilities by configuring and tuning the NGFW against known and unknown threats.
- Expand PA coverage with full implementation for all of the client's environments. Ensure PA logging ties user-IDs to traffic, and logs are fed into the client's SIEM architecture as well as passive network inspection tools.
- Conduct vigilant monitoring of network traffic and security alerts within the client's context, swiftly responding to and mitigating sophisticated security threats.
- Collaborate closely with cross-functional teams, adapting network security strategies to suit the client's multifaceted environment and unique challenges.
- Provide expert technical support and rapid troubleshooting for Palo Alto NGFW-related issues tailored to the client's specific setup.
- Troubleshoot and resolve service requests and submit and implement change requests as required.

QUALIFICATIONS:
- 5 years of hands-on experience in network security engineering with 3 years of Palo Alto experience.

EDUCATION:
- A minimum of a bachelor's degree in computer science, Information Technology, or a related field.
- Experience may be considered as a substitute for the degree requirement.

CERTIFICATIONS:
- A minimum of one (1) Palo Alto Technical (Engineering or Administrator) Certification is required, such as PCNSA.

CLEARANCE:
- Minimum Background Investigation (MBI).

LOCATION:
- Remote (Initial onboarding in Arlington, VA)
- Minimal travel may be required if requested by the agency.

HOURS:
- 8:00 am ET - 4:30 am ET
- Ability to pass a minimum background investigation.