• Partner with leaders, product owners, and engineering teams to identify, assess, and prioritize information security risks, translating technical threats into business impact and actionable mitigation strategies. • Serve as the primary security point of contact, providing strategic guidance on security architecture, secure-by-design principles, threat modeling, and risk acceptance decisions for new products, features, and technology investments. • Lead security risk assessments for major business initiatives & projects, M&A activities, third-party integrations, and cloud migrations, leading certifications (SOC 2, PCI-DSS), regulatory & client requirements and internal security policies. • Drive the implementation and continuous improvement of security controls, governance frameworks, and KPIs/KRIs, reporting on the security posture of business units to executive leadership and relevant risk committees. • Champion security awareness and culture across business units by leading training initiatives, tabletop exercises, and incident response simulations, while also supporting real incident response coordination between business stakeholders and the central security teams.

Role Description The Personnel Security Coordinator is responsible for managing the end-to-end Common Access Card (CAC) credentialing lifecycle for C5MI’s government contractor workforce and maintaining accurate records of Government Furnished Equipment (GFE) assignments. This role owns the full CAC and GFE process across multiple DoD agencies, requiring strong organizational skills and meticulous attention to detail. Essential Functions & Responsibilities - Manages the full CAC credentialing lifecycle for new contractor resources, ensuring each onboard is initiated within 2 business days of notification. - Initiates and coordinates contractor sponsorship in the Trusted Associate Sponsorship System (TASS) and completes DEERS enrollment for all new CAC applicants. - Guides contractor resources through the SF86/eQIP process, including form completion instructions and error correction. - Coordinates FBI fingerprint scheduling and tracks submission status for all new resources pending Public Trust adjudication. - Tracks background investigation status for resources across all DoD agency sponsors and provides bi-weekly status updates. - Coordinates interim eligibility determinations and supports resources in understanding their status throughout the adjudication process. - Schedules RAPIDS site appointments and coordinates all logistics for CAC card issuance. - Proactively manages CAC renewals, initiating the renewal process no later than 60 days before expiration. - Maintains the GFE assignment tracker for approximately 190 resources with government-issued computers. - Delivers a monthly CAC and GFE status report to the Program Manager by the 3rd business day of each month. - Responds to resource inquiries regarding CAC status, GFE assignments, and credentialing processes within 4 business hours. - Stays current on DCSA Public Trust policy updates and agency-specific credentialing procedures. - Adheres to all certified processes to maintain high standards of quality and information security. - Performs other related tasks as assigned by direct supervisor. Qualifications - 2+ years of experience in government contractor personnel security or a related administrative role. - Working knowledge of the CAC credentialing process including TASS, DEERS, eQIP/SF86, and RAPIDS. - Familiarity with Public Trust / Tier 3 background investigation processes. - Demonstrated ability to manage a high-volume, multi-stage pipeline of personnel actions. - Strong organizational and recordkeeping skills; proficiency in Microsoft Excel or equivalent tools. - Excellent written and verbal communication skills. - S. citizenship required. - Ability to obtain and maintain TASS Trusted Agent designation. - High school diploma or equivalent required; associate’s or bachelor’s degree preferred. Nice to Have (Not Required) - Prior experience supporting DLA-sponsored programs. - Experience managing GFE or government property records. - Current or prior TASS Trusted Agent designation. - Experience supporting a large, distributed contractor workforce. - CDSE Security Fundamentals Professional Certification (SFPC) or equivalent training. - Proficiency with SharePoint, Teams, or similar platforms. Compensation In accordance with pay transparency law, the expected salary range for this position is $24.92 - $31.15 hourly. The actual compensation offered will be determined based on factors such as the candidate’s experience, qualifications, skills, and location. Benefits - Medical, dental, vision, life, and long-term disability coverage. - 401(k) plan. - Bonus opportunities. - Paid holidays and paid time off. How to Apply To apply for this position, use the application link provided in this job posting and complete the application and submit a resume. If you have accommodation needs, please call us toll free at 1 (904) 431-7922 or send us an email. Equal Opportunity Employer C5MI is an Equal Opportunity Employer that does not discriminate on the basis of any characteristic protected by applicable federal, state, or local laws and ordinances.

Role Description M9 Solutions is seeking a Vulnerability Management Cyber Managed Services Contractor to work remotely in support of a government contract for a client located in Boston, MA. - Develop rapport with others by demonstrating an understanding of their concerns, needs, and issues, and focusing on developing an internal network of relationships that can provide advice and support. - Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes. - Stay abreast of current business and industry trends relevant to the client's business and cybersecurity. - Assist engagement teams in evaluating client vulnerability management programs across people, process, and technology. - Work with engagement teams to own distinct portions of vulnerability management solutions tailored to client environments. - Perform and control vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls. Qualifications - Bachelor's degree in a related field. - 5 years of related work experience. - Experience with Tenable One. - Demonstrated experience in vulnerability management, including hands-on use of vulnerability management tools. - Prior experience in providing Vulnerability Management services to clients from various industries, demonstrating versatility and adaptability in addressing diverse Vulnerability Management challenges. - Strong written and verbal communication skills with demonstrated ability to interact with senior management, technical SMEs, business partners, and influence decisions. - Must be able to effectively communicate with business partners in non-technical terms. - A willingness to travel to meet client needs. - Familiarity with security and risk standards including ISO 27001-2, CIS, PCI DSS, NIST, ITIL, COBIT. - Knowledge of Windows, Linux, UNIX, and any other major on-prem and cloud-based operating systems. - Hands-on operational experience with vulnerability management tools, including Tenable One modules, including the ability to deploy, configure, and run these tools. - Ability to evaluate vulnerability management tools and assist with vendor selection. - Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions. - Knowledge of general cybersecurity concepts and methods including, but not limited to, vulnerability management, privacy, incident response, governance, risk and compliance, enterprise security strategies and architecture. - Ability to help manage cybersecurity projects including development of project charters, plans and status updates. - Experience with scripting/programming skills (e.g., Python, PowerShell). - Experience with utilizing Microsoft Excel and/or PowerBi to develop vulnerability management program metrics. - Familiarity with latest security vulnerabilities and exploits, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture. - Experience with using factors such as EPSS, CVSS, CISA KEV, and threat intelligence sources to identify and prioritize vulnerabilities. - Proficient knowledge of CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumeration) frameworks. - Experience in developing and curating meaningful metrics for both executive and operational audiences, translating technical details into actionable insights. Preferred Skills and Qualifications - Strong interpersonal and communication skills to collaborate with clients and present solutions. - Ability to analyze issues both strategically and technically. - Proven ability to influence decisions and work across multiple simultaneous initiatives. - A cybersecurity certification such as the CISSP, CEH, or GSEC. Benefits - Salary Range: $60,000 — $180,000 USD - Competitive compensation package. - Valued diverse perspectives in driving the vision of the company.

Role Description The Information System Security Officer (ISSO) will be responsible for ensuring the security and compliance of the HHS ACL EITS systems. The ISSO will work closely with the program team to manage and maintain the security posture of information systems, ensuring compliance with federal guidelines such as FISMA, NIST, and other regulatory frameworks. The ISSO will be instrumental in identifying security risks, implementing mitigation strategies, and performing continuous monitoring to maintain a secure operational environment. Responsibilities - Ensure that all HHS ACL EITS systems are in compliance with federal security standards, including FISMA, NIST 800-53, and other relevant federal regulations. - Manage the development, review, and approval of security authorization packages in accordance with the Risk Management Framework (RMF). - Conduct regular security risk assessments and develop risk mitigation strategies. - Oversee and document the development and implementation of security measures across systems. - Track and manage system vulnerabilities and security risks using tools such as vulnerability scanners and other monitoring tools. - Develop, update, and maintain System Security Plans (SSPs). - Lead efforts in continuous monitoring of information systems, ensuring that security controls are operating effectively and adjusting as necessary based on findings from audits or assessments. - Lead the incident response efforts for any security breaches or incidents within the program. - Report security incidents in a timely manner to stakeholders and provide recommendations for resolving the issues. - Work closely with Authorizing Officials (AOs) to ensure that all systems within the program are properly accredited and authorized to operate. - Ensure the security authorization process follows NIST RMF requirements, including developing security documentation, performing security testing, and ensuring corrective actions are implemented. - Develop and deliver security training and awareness programs for staff to ensure compliance with security protocols and federal guidelines. - Work with the program's stakeholders to communicate security requirements and foster a security-conscious culture. - Other duties as assigned. Qualifications - Bachelor’s degree in information technology, Cybersecurity, or additional experience in lieu of a degree. - 5+ years of experience in cybersecurity, information assurance, or a related field, preferably within a federal environment. - Certified Information Systems Security Professional (CISSP), or equivalent experience and knowledge commiserate with certification requirements. - US Citizenship and ability to successfully pass Public Trust Background Investigation is required. Preferred Qualifications - 5+ years of experience in security architecture, security assessment, or a related cybersecurity role within a federal or government environment. - Successfully pass background and drug screening. Knowledge, Skills, and Abilities - Certified Information Security Manager (CISM) preferred. - Certified Information Systems Auditor (CISA) preferred. - Proven experience with FISMA, NIST RMF, and FedRAMP controls. - Strong understanding of security frameworks (NIST, FISMA, etc.). - Proficient with security tools, such as vulnerability scanners, security incident event management (SIEM) systems, and intrusion detection systems (IDS). Benefits - Broad range of benefits offered to team members. - Opportunities for professional development and skill sharpening. - Supportive culture that encourages team members to do their best work. - Well-being programs to maintain a healthy work-life balance. - Focus on corporate citizenship and positive social impact in communities. Teleworking Details - 100% remote. Estimated Salary/Wage - Up to USD $140,000.00/Yr.