About Traverge

We’ve sat on every side of the compliance table: as 3PAO assessors, as consultants preparing clients, and as engineers building the systems being assessed. That 360-degree perspective is what sets us apart.

Leadership

Jonathan Riddle, Founder & Principal

Jonathan Riddle

Founder & Principal

Jonathan Riddle is a U.S. Army veteran (82nd Airborne Division), cybersecurity executive, and the founder of Traverge, LLC. With over 15 years in federal cybersecurity, he has been on every side of the compliance table: building 3PAO assessment organizations, leading consulting teams through FedRAMP and DoD authorizations, and engineering the cloud infrastructure under review.

His career includes growing a FedRAMP 3PAO from zero market share to the largest by assessment volume, managing compliance programs for one of the world's largest cloud security and zero-trust platforms, and pioneering cloud compliance methodologies dating back to the very first FedRAMP ATO in 2011. He holds CISSP, CISA, CCSK, and FedRAMP Reviewer (FR) certifications and brings deep expertise in FedRAMP, CMMC, NIST RMF, and DoD Impact Levels.

Jonathan founded Traverge to bridge the gap between assessment rigor, strategic advisory, and hands-on security engineering, delivering the kind of compliance guidance that only comes from practitioners who have lived it.

Our Mission

To simplify the path to federal and commercial compliance through expert advisory, independent assessment, and intelligent automation.

The “360-Degree” Perspective

Our team has been the assessor writing the findings, the consultant closing the gaps, and the engineer building the infrastructure under review. This complete view means we anticipate problems before they surface, and solve them before they become findings.

Assessor-Grade Rigor

Every engagement is led by professionals who have conducted FedRAMP assessments, led 3PAO teams, and briefed JAB Technical Reviewers. We don’t guess what assessors will look for. We know, because we were the assessors.

Engineers Who Build

We don’t just write documentation. Our team builds secure infrastructure in Go, Python, Terraform, and Kubernetes across AWS, Azure, and GCP. Compliance guidance backed by hands-on engineering credibility.

What Makes Us Different

Deep, verified expertise that spans the full spectrum of federal cybersecurity.

Pioneering Cloud Heritage

Our team participated in the very first FedRAMP Authorization to Operate in 2011, the Microsoft BPOS-Federal milestone that helped define the future of federal cloud security. Fifteen years of institutional knowledge informs everything we do.

National Security Pedigree

Direct experience supporting USSOCOM, Air Force Global Strike Command, U.S. Space Force, DHS, the White House, and the Department of State. We understand the mission context behind the compliance requirements.

Offensive Security Expertise

GPEN-certified penetration testers who have tested APIs, web applications, cloud platforms, space systems, and 5G/6G networks at multiple DoD classification levels. We find vulnerabilities before adversaries do.

Zero Trust & DevSecOps Leadership

Pioneering Zero Trust architecture for space systems and 5G deployments. Participants in inaugural DoD DevSecOps working groups. Building Continuous ATO capabilities with Kubernetes, service mesh, and automated security pipelines.

Published Thought Leaders

Peer-reviewed authors, SANS Institute subject matter experts, and frequent speakers at industry conferences including ICSJWG, BSides, and AFPM. Our team contributes to the standards and practices that shape the industry.

Military Discipline

Founded and led by veterans of the U.S. Armed Forces who bring the discipline, mission focus, and commitment to excellence that defined their military service into every client engagement.

Our Story

Traverge didn’t start overnight. It was forged over more than a decade of work at the highest levels of federal cybersecurity.

2011

Members of our founding team were part of the effort that achieved the first-ever FedRAMP Interim Authority to Operate for Microsoft BPOS-Federal, a milestone that helped define the future of federal cloud security.

2012–2015

Our team built a FedRAMP Third Party Assessment Organization (3PAO) from the ground up, developing the assessment methodologies and technical rigor that would become industry benchmarks.

2016–2023

Through relentless execution, our leadership grew a 3PAO from zero market share to the largest by assessment volume, earning a reputation for quality, speed, and technical depth across the federal ecosystem.

2024–2025

The vision crystallized: a firm that could bridge the gap between assessment, advisory, and technology. A team was assembled, a platform was conceived, and the blueprint for Traverge was drawn.

2026

Traverge launches, uniting deep assessment expertise, strategic advisory services, and a next-generation compliance platform under one roof.

Collective Expertise

Our team brings deep, hands-on experience across federal compliance, cloud security, offensive testing, and software engineering.

Federal Compliance Authority

FedRAMP 3PAO Lead Assessor experience across 40+ systems. Deep expertise in NIST 800-53, NIST RMF, ISO 27001, SOC 2 Type II, CMMC 2.0, HIPAA, PCI DSS, and CJIS. Direct coordination with JAB TRs, the FedRAMP PMO, and Agency Authorizing Officials.

Cloud & Infrastructure Engineering

Production experience across AWS (Commercial & GovCloud), Azure Government, and Google Cloud Platform. Kubernetes orchestration, Terraform IaC, CI/CD pipeline security, and container hardening in classified and unclassified environments.

Offensive Security & Research

GPEN-certified penetration testing of APIs, web applications, cloud platforms, space systems, ICS/SCADA, and 5G/6G networks. Vulnerability assessments using Nessus, Burp Suite, Qualys, and custom tooling at multiple DoD classification levels.

Software Development

Full-stack engineering in Go (Golang), Python, SQL, and Bash. Building compliance automation, security tooling, and zero-trust authentication systems. M.S. Software Engineering credentials on the team.

What We Do

Three pillars that cover the full compliance lifecycle.

Advisory Services

Strategic compliance consulting across FedRAMP, CMMC, DoD CC SRG, NIST RMF, and commercial frameworks. From readiness through authorization and continuous monitoring. Direct engagement or white-label under your brand.

Explore Consulting →

Independent Assessment

Rigorous, independent security assessments as a FedRAMP 3PAO and CMMC C3PAO. Our assessors bring the perspective of practitioners who understand what it takes to build and maintain compliant systems.

Explore Assessment →

CIPHER Platform

A next-generation compliance platform that reimagines how organizations achieve and maintain authorization. AI-powered automation, continuous evidence collection, and multi-framework intelligence in a single pane of glass.

Learn More →
50+ Years Combined Experience
40+ FedRAMP Systems Assessed
15 Years in FedRAMP
8+ Compliance Frameworks

Team Certifications & Credentials

Industry-leading certifications that reflect deep, verified expertise across cybersecurity and compliance.

CISSP
CISA
GPEN
FedRAMP Reviewer (FR)
BCR
CCA
CCP
CCSK
AWS Certified
CSA STAR
FITSP-O

Service-Disabled Veteran-Owned Small Business

SDVOSB certification in progress.

Veterans Leading the Mission

Traverge is founded and led by veterans of the U.S. Armed Forces who bring decades of military, intelligence community, and federal cybersecurity leadership to every engagement. We understand the mission because we have lived it.

Federal Set-Aside Eligibility

As an SDVOSB, Traverge will be eligible for sole-source and set-aside contract opportunities across federal agencies, making it easier for government organizations to partner with a firm that understands their mission from the inside out.

Let’s Work Together

Whether you need strategic compliance consulting, an independent assessment, or want to learn more about what we’re building, we’d love to hear from you.

Get in Touch