Overview
JaMaxwell builds and maintains security programs for federal systems across the full Risk Management Framework lifecycle. Our team produces ATO packages, conducts control assessments against NIST SP 800-53 Rev 5, implements continuous monitoring with SIEM and SOAR platforms, and manages Plan of Action and Milestones documentation. We support systems at FISMA Low, Moderate, and High impact levels.
CMMC 2.0 Requirements
CMMC 2.0 (Cybersecurity Maturity Model Certification) establishes cybersecurity requirements for the Defense Industrial Base. Level 1 requires 17 practices based on FAR 52.204-21. Level 2 requires 110 practices aligned with NIST SP 800-171 Rev 2, protecting Controlled Unclassified Information (CUI). Level 3 requires additional controls from NIST SP 800-172 for critical programs. JaMaxwell helps defense contractors assess their current maturity, remediate gaps, prepare documentation for C3PAO assessments, and maintain ongoing compliance.
Why JaMaxwell
- SBA-certified Woman-Owned Small Business (WOSB)
- Primary NAICS: 541512 (Computer Systems Design Services)
- Security-cleared staff with active federal engagements
- Headquartered in Fairfax, VA, 20 miles from the Pentagon
- Demonstrated CMMC 2.0 assessment and implementation capability