• Detect, investigate, and respond to security threats across endpoint and server environments • Improve endpoint visibility and security posture using modern tools and automation • Lead and support incident response activities, including investigation and remediation • Automate repeatable tasks for alerting, reporting, and risk reduction • Partner with IT teams to enhance patching, vulnerability management, and system hardening • Identify, prioritize, and remediate vulnerabilities across a hybrid environment • Monitor systems and networks for suspicious activity or unauthorized access • Contribute to security standards, documentation, and continuous improvement initiatives

• Partner with leaders, product owners, and engineering teams to identify, assess, and prioritize information security risks, translating technical threats into business impact and actionable mitigation strategies. • Serve as the primary security point of contact, providing strategic guidance on security architecture, secure-by-design principles, threat modeling, and risk acceptance decisions for new products, features, and technology investments. • Lead security risk assessments for major business initiatives & projects, M&A activities, third-party integrations, and cloud migrations, leading certifications (SOC 2, PCI-DSS), regulatory & client requirements and internal security policies. • Drive the implementation and continuous improvement of security controls, governance frameworks, and KPIs/KRIs, reporting on the security posture of business units to executive leadership and relevant risk committees. • Champion security awareness and culture across business units by leading training initiatives, tabletop exercises, and incident response simulations, while also supporting real incident response coordination between business stakeholders and the central security teams.

Role Description The Personnel Security Coordinator is responsible for managing the end-to-end Common Access Card (CAC) credentialing lifecycle for C5MI’s government contractor workforce and maintaining accurate records of Government Furnished Equipment (GFE) assignments. This role owns the full CAC and GFE process across multiple DoD agencies, requiring strong organizational skills and meticulous attention to detail. Essential Functions & Responsibilities - Manages the full CAC credentialing lifecycle for new contractor resources, ensuring each onboard is initiated within 2 business days of notification. - Initiates and coordinates contractor sponsorship in the Trusted Associate Sponsorship System (TASS) and completes DEERS enrollment for all new CAC applicants. - Guides contractor resources through the SF86/eQIP process, including form completion instructions and error correction. - Coordinates FBI fingerprint scheduling and tracks submission status for all new resources pending Public Trust adjudication. - Tracks background investigation status for resources across all DoD agency sponsors and provides bi-weekly status updates. - Coordinates interim eligibility determinations and supports resources in understanding their status throughout the adjudication process. - Schedules RAPIDS site appointments and coordinates all logistics for CAC card issuance. - Proactively manages CAC renewals, initiating the renewal process no later than 60 days before expiration. - Maintains the GFE assignment tracker for approximately 190 resources with government-issued computers. - Delivers a monthly CAC and GFE status report to the Program Manager by the 3rd business day of each month. - Responds to resource inquiries regarding CAC status, GFE assignments, and credentialing processes within 4 business hours. - Stays current on DCSA Public Trust policy updates and agency-specific credentialing procedures. - Adheres to all certified processes to maintain high standards of quality and information security. - Performs other related tasks as assigned by direct supervisor. Qualifications - 2+ years of experience in government contractor personnel security or a related administrative role. - Working knowledge of the CAC credentialing process including TASS, DEERS, eQIP/SF86, and RAPIDS. - Familiarity with Public Trust / Tier 3 background investigation processes. - Demonstrated ability to manage a high-volume, multi-stage pipeline of personnel actions. - Strong organizational and recordkeeping skills; proficiency in Microsoft Excel or equivalent tools. - Excellent written and verbal communication skills. - S. citizenship required. - Ability to obtain and maintain TASS Trusted Agent designation. - High school diploma or equivalent required; associate’s or bachelor’s degree preferred. Nice to Have (Not Required) - Prior experience supporting DLA-sponsored programs. - Experience managing GFE or government property records. - Current or prior TASS Trusted Agent designation. - Experience supporting a large, distributed contractor workforce. - CDSE Security Fundamentals Professional Certification (SFPC) or equivalent training. - Proficiency with SharePoint, Teams, or similar platforms. Compensation In accordance with pay transparency law, the expected salary range for this position is $24.92 - $31.15 hourly. The actual compensation offered will be determined based on factors such as the candidate’s experience, qualifications, skills, and location. Benefits - Medical, dental, vision, life, and long-term disability coverage. - 401(k) plan. - Bonus opportunities. - Paid holidays and paid time off. How to Apply To apply for this position, use the application link provided in this job posting and complete the application and submit a resume. If you have accommodation needs, please call us toll free at 1 (904) 431-7922 or send us an email. Equal Opportunity Employer C5MI is an Equal Opportunity Employer that does not discriminate on the basis of any characteristic protected by applicable federal, state, or local laws and ordinances.

Role Description M9 Solutions is seeking a Vulnerability Management Cyber Managed Services Contractor to work remotely in support of a government contract for a client located in Boston, MA. - Develop rapport with others by demonstrating an understanding of their concerns, needs, and issues, and focusing on developing an internal network of relationships that can provide advice and support. - Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes. - Stay abreast of current business and industry trends relevant to the client's business and cybersecurity. - Assist engagement teams in evaluating client vulnerability management programs across people, process, and technology. - Work with engagement teams to own distinct portions of vulnerability management solutions tailored to client environments. - Perform and control vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls. Qualifications - Bachelor's degree in a related field. - 5 years of related work experience. - Experience with Tenable One. - Demonstrated experience in vulnerability management, including hands-on use of vulnerability management tools. - Prior experience in providing Vulnerability Management services to clients from various industries, demonstrating versatility and adaptability in addressing diverse Vulnerability Management challenges. - Strong written and verbal communication skills with demonstrated ability to interact with senior management, technical SMEs, business partners, and influence decisions. - Must be able to effectively communicate with business partners in non-technical terms. - A willingness to travel to meet client needs. - Familiarity with security and risk standards including ISO 27001-2, CIS, PCI DSS, NIST, ITIL, COBIT. - Knowledge of Windows, Linux, UNIX, and any other major on-prem and cloud-based operating systems. - Hands-on operational experience with vulnerability management tools, including Tenable One modules, including the ability to deploy, configure, and run these tools. - Ability to evaluate vulnerability management tools and assist with vendor selection. - Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions. - Knowledge of general cybersecurity concepts and methods including, but not limited to, vulnerability management, privacy, incident response, governance, risk and compliance, enterprise security strategies and architecture. - Ability to help manage cybersecurity projects including development of project charters, plans and status updates. - Experience with scripting/programming skills (e.g., Python, PowerShell). - Experience with utilizing Microsoft Excel and/or PowerBi to develop vulnerability management program metrics. - Familiarity with latest security vulnerabilities and exploits, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture. - Experience with using factors such as EPSS, CVSS, CISA KEV, and threat intelligence sources to identify and prioritize vulnerabilities. - Proficient knowledge of CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumeration) frameworks. - Experience in developing and curating meaningful metrics for both executive and operational audiences, translating technical details into actionable insights. Preferred Skills and Qualifications - Strong interpersonal and communication skills to collaborate with clients and present solutions. - Ability to analyze issues both strategically and technically. - Proven ability to influence decisions and work across multiple simultaneous initiatives. - A cybersecurity certification such as the CISSP, CEH, or GSEC. Benefits - Salary Range: $60,000 — $180,000 USD - Competitive compensation package. - Valued diverse perspectives in driving the vision of the company.