Small Business Status
JaMaxwell Global Solutions is an SBA-certified Woman-Owned Small Business (WOSB) headquartered in Fairfax, Virginia. We are eligible for WOSB and EDWOSB sole-source contracts up to $4.5 million and competitive set-asides at any contract value. The federal government's 5% WOSB spending goal applies to our contracts.
Under the updated FAR Part 19 rules (effective 2025), follow-on contracts from other socioeconomic programs can be set aside for WOSBs without additional SBA approval, expanding the procurement paths available to agencies working with us.
Our SBA size standard under NAICS 541512 is $34 million in average annual receipts. We operate well within this threshold.
Company Data
SBA-Certified WOSB
541512
$34M avg annual receipts
Fairfax, VA 22031
Pending
Pending
NAICS Codes
Our NAICS codes cover the full range of IT services we provide to federal and civilian organizations: systems design, custom programming, facilities management, and technical consulting.
Computer Systems Design Services
Cloud architecture, systems integration, infrastructure design, and IT modernization planning. This is our primary code and covers the majority of our federal work.
Custom Computer Programming Services
Custom application development, legacy system modernization, API development, and DevSecOps pipeline implementation.
Other Computer Related Services
Cybersecurity services, vulnerability assessment, continuous monitoring, incident response, and compliance assessment against NIST and FedRAMP baselines.
Computer Facilities Management Services
24/7 managed IT operations, server and network administration, patch management, backup and disaster recovery, and SLA-based infrastructure support.
Other Scientific and Technical Consulting
IT strategy consulting, technology maturity assessments, vendor evaluations, and business case development for agency modernization programs.
Contract Vehicles
JaMaxwell is actively pursuing GSA Schedule and other federal contract vehicles. We are also available for direct award under WOSB/EDWOSB set-aside authority and as a subcontractor on existing multi-award IDIQs and BPAs.
GSA Schedule: Application in Progress
We accept direct awards under FAR Part 13 (simplified acquisition), FAR Part 15 (negotiated procurement), and WOSB/EDWOSB sole-source authority. Contact us for current availability and teaming arrangements.
Compliance Framework Alignment
Every JaMaxwell engagement is governed by a compliance framework. We implement controls during system design, validate them through automated and manual testing, and maintain documentation that feeds directly into agency authorization packages and FISMA reporting.
NIST SP 800-53 Rev 5
The primary security and privacy control catalog for federal information systems. We implement and assess controls across all 20 families with particular depth in access control (AC), audit and accountability (AU), security assessment and authorization (CA), configuration management (CM), and system and communications protection (SC). Rev 5 added privacy controls and supply chain risk management, both of which we address in our implementation work.
FedRAMP
We build cloud deployments to FedRAMP Moderate and High baselines and produce the authorization packages agencies need for both the JAB and Agency authorization paths. This includes the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action and Milestones (POAMs). We are tracking the FedRAMP 2.0 authorization process changes and the shift toward automation in continuous monitoring.
CMMC 2.0
The Cybersecurity Maturity Model Certification program took effect on November 10, 2025, beginning Phase 1. We support contractors preparing for Level 1 self-assessment (17 practices from FAR 52.204-21) and Level 2 third-party assessment against the 110 controls in NIST SP 800-171 Rev 2. We are also tracking the transition to NIST SP 800-171 Rev 3, which GSA has adopted as the required baseline for contractors handling CUI.
FISMA and RMF
We support the full NIST Risk Management Framework lifecycle across all six steps: categorization (FIPS 199), control selection (NIST 800-53B), implementation, assessment (NIST 800-53A), authorization, and continuous monitoring. Our documentation feeds directly into agency FISMA reporting metrics and IG audit preparation. We also support Ongoing Authorization (OA) programs that replace periodic re-authorization with continuous assessment.
Zero Trust (NIST SP 800-207)
Per Executive Order 14028, federal agencies are required to adopt zero trust architectures. We plan implementations using CISA's Zero Trust Maturity Model across the five pillars: identity, devices, networks, applications and workloads, and data. Our work addresses practical blockers including legacy applications that cannot support modern authentication, network segments without micro-segmentation capability, and identity provider integration gaps.
Team Certifications
The following certifications are held by current JaMaxwell staff. Certification requirements are verified during hiring and maintained through continuing education. We require relevant certifications for all positions where the work touches security controls, cloud architecture, or project management.
- CISSP - Certified Information Systems Security Professional (ISC2)
- PMP - Project Management Professional (PMI)
- AWS Solutions Architect Professional - Amazon Web Services
- Azure Administrator Associate - Microsoft
- CompTIA Security+ - CompTIA
Need our WOSB certification letter, capability statement, or past performance references for a proposal? We can provide them within 24 hours.