The FedRAMP Team
Program Management Office (PMO) Goals
- Grow the use of secure cloud technologies in use by government agencies
- Enhance the framework by which the government secures and authorizes cloud technologies
- Build and foster strong partnerships with FedRAMP stakeholders
John Hamilton
John Hamilton is Federal Risk and Authorization Management Program’s (FedRAMP) Program Manager of Security Operations. In this role, he works to ensure effective day-to-day operations of the FedRAMP Program Management Office (PMO)’s Readiness Assessment Review (RAR) process, public-facing website, customer mailbox, and secure repository. He also coordinates with FedRAMP’s Joint Authorization Board (JAB) and independent assessor accreditation body (A2LA) to ensure provisionally authorized Cloud Service Providers (CSPs) and Third Party Assessment Organizations (3PAOs) meet FedRAMP performance standards and guidelines.
John previously worked for Accenture Federal Services and Booz Allen Hamilton where he served as a trusted cybersecurity advisor for the federal government. He provided leadership, strategy, and information assurance expertise to multiple federal agencies to obtain, maintain, and enhance compliance with mandated IT policies. His extensive experience in working to improve program efficiencies and understanding of systems engineering design approaches facilitated the enterprise-wide implementation of the Department of Labor’s Public Key Infrastructure (PKI) and the Department of Defense’s secure mobility strategy.
Ryan Hoesing
Ryan Hoesing joined the team in December 2016 after serving in an executive administrative role for senior leadership at the General Services Administration (GSA). Ryan leads the team that helps manage customer engagement between agencies and Cloud Service Providers (CSPs). Ryan is in charge of making sure that authorization timelines are met through Federal Risk and Authorization Management Program’s (FedRAMP)’s ever-changing kanban boards. In doing so, Ryan helps the FedRAMP Agency Authorization team push the adoption of secure cloud technologies across the federal government.
In previous roles, Ryan has demonstrated proven leadership skills in strategy and business development that he now uses in his current role with the FedRAMP Program Management Office (PMO). Ryan joined GSA in 2014 after serving as a business economic development advisor in the U.S. Peace Corps from 2012-2014. Ryan has taken classes in front-end web development that have helped fuel his interest in Internet of Things and cloud security.
Ryan holds a B.A. in Business Administration from the University of Nebraska-Lincoln and is an avid Nebraska football fan. In 2019, Ryan completed his M.S. in Cybersecurity Management and Policy. Ryan also serves as a Contract Officer’s Representative (COR III) on all FedRAMP contracts.
Marcia Simms
Marcia sits on the Technology Transformation Services Outreach and Marketing team. She joined TTS in February 2024 as the FedRAMP Communications and Outreach Lead. Marcia creates, implements, and oversees strategic communications, outreach and marketing efforts. She promotes and positions FedRAMP externally to key stakeholders, including federal agency partners and private sector tech customers.
In 2022, Marcia joined GSA as a Client Communications Specialist in the Office of Strategic Communication. She completed a short detail assignment as an Outreach Lead for the White House Presidential Innovation Fellows program in 2023.
Marcia is a creative thinker and motivated by solutions-driven problem-solving. Prior to joining GSA, she worked at several different federal agencies doing marketing and communications. In addition to her time at the Department of Transportation’s Federal Transit Administration (FTA) and the National Highway Traffic Safety Administration (NHTSA), she spent several years working as a Senior Marketing Specialist at the Peace Corps and as a Brand Marketing Specialist at the U.S. Postal Service (USPS).
Some of Marcia’s favorite professional projects included assisting with the development of the new brand identification platform and logo for the Peace Corps in 2016; the design and implementation of Peace Corps’ first SaaS-hosted digital asset management system (Brand Central) in 2017; designing and managing commercial sales collateral and training materials for the USPS global business division and point-of-sale materials for over 33,000 USPS retail offices; and managing multi-million dollar paid media campaigns for the release of commemorative stamps like the Harry Potter and March on Washington stamp collections.
Ryan Palmer
Ryan Palmer joined the Federal Risk and Authorization Management Program (FedRAMP) team within the U.S. General Services Administration (GSA) in October 2023, bringing with him a wealth of technical knowledge, data, automation, and cybersecurity experience.
Ryan started in federal service with the U.S. Department of Agriculture (USDA) as a dynamic and eager student intern within their IT department. Demonstrating a natural affinity for technology, he rapidly transitioned to more intricate IT responsibilities. Ryan’s tenure at USDA was marked by a diverse array of roles, each enriching his skill set and contributing to his professional growth. From customer support to supervision, and from application development to operations and integration, his career path was characterized by continual growth and versatility.
In 2021, Ryan seized an opportunity to further specialize his expertise by joining the General Services Administration (GSA) as an Information Systems Security Manager (ISSM) and FedRAMP Joint Authorization Board Technical Reviewer (JAB-TR). This role represented his first venture into a dedicated security and compliance position where he applied his diverse background as subject matter expert in cloud computing and cybersecurity.
Ryan’s approach to work has consistently been data-driven and automation-supported. This methodology not only enhances efficiency but also ensures that the solutions are grounded in tangible evidence and innovative practices. Ryan is driven by a commitment to service and a passion for advancing the use of technology within the federal government
Ryan’s educational background underpins his skillset and approach to work and includes a B.S. in Computer Engineering and a B.S. In Electrical Engineering from North Carolina State University. These qualifications have been pivotal in shaping his technical capabilities and strategic approach to complex IT challenges within the federal government.
Zaree Singer
Zaree is FedRAMP’s Agency Engagement Lead. In this role, she helps agencies understand and navigate the FedRAMP process, and advocates for the adoption of secure cloud technologies. A communicator by trade who became immersed in cybersecurity in 2016, she has the ability to translate complex technical and process information to stakeholders with varying degrees of knowledge on the topic. Focused on FedRAMP adoption, Zaree wants to ensure that agencies have access to a robust portfolio of cloud services necessary to modernize their IT. Zaree co-leads FedRAMP’s Agency Liaison Program, a group of federal cloud security subject matter experts who serve as a crucial connection between the PMO and federal agencies that partner with cloud service providers seeking a FedRAMP Authorization.
Prior to joining FedRAMP, Zaree was an Innovation Adoption Lead with the General Services Administration IT Modernization Centers of Excellence. She was also the Change Management Lead for the Defense Counterintelligence and Security Agency. In all of her prior government roles, she led large-scale transformation efforts, and advised and supported program managers on change management and strategic communication strategies to enhance the success of their initiatives. Before joining the government, Zaree held various positions in industry, and is passionate about bringing the industry perspective to her government work.
A. Michelle White
A. Michelle White is the operations and contract lead for FedRAMP. She joined FedRAMP in 2023 after 20 years in federal acquisitions. Michelle provides operational support and acquisition guidance to FedRAMP and serves as the Designated Federal Official (DFO) for the Federal Secure Cloud Advisory Committee (FSCAC).
In previous roles, Michelle served as the business owner for the Contract Acquisition Life-cycle Management (CALM). CALM aims to modernize all of the internal acquisition processes and systems in GSA’s Federal Acquisition Service (FAS), seeking to improve, streamline, consolidate, simplify and standardize across the numerous programs that account for FAS’ $60B in annual revenue. She also supervised a division of contracting officers and specialists responsible for acquisition support for the largest Federal telecommunications program, Enterprise Infrastructure Solutions (EIS) and led a division of acquisition personnel who awarded and administered contracts supporting the USAccess, Federal PKI Bridge, Networx, and Complex Commercial SATCOM Solutions (CS3) programs. Michelle is passionate about infusing technology into the Federal acquisition process. She previously managed GSA’s distributed ledger technology pilot and advocated for and supported the End User License Agreement (EULA) machine learning/artificial intelligence government challenge.
Prior to government service, Michelle worked as an associate supporting economic publications. Michelle received her Master’s certificate from George Washington University, Master’s degree in History from Miami University and two undergraduate degrees in economics and history from North Carolina State University. She holds FAC-C Level III and FAC-COR Level III certifications.
David Waltermire
David Waltermire joined the Federal Risk and Authorization Management Program (FedRAMP) team in April 2023, bringing over two decades of technical knowledge and leadership experience to the forefront of GSA’s cybersecurity endeavors. His prior work at the National Institute of Standards and Technology (NIST) solidified his reputation as a trusted authority in data-centric approaches to security automation, cybersecurity research, standards development, and leadership. His technical and strategic abilities have positioned him as a trusted authority in the field.
At NIST, David has been instrumental in the development and advancement of various cybersecurity standards, frameworks, and initiatives, including the Security Content Automation Protocol, the Risk Management Framework (RMF), and the National Vulnerability Database. Notably, he has been a driving force behind the establishment and adoption of the Open Security Controls Assessment Language (OSCAL), a standardized format for expressing security controls, assessments, and related information. David’s contributions to OSCAL have played a significant role in enhancing the efficiency, interoperability, and automation of security assessment processes.
At GSA, David continues to be an advocate for innovation and collaboration in cybersecurity as the Lead for Data Strategy and Standards. He continues to be actively engaged with stakeholders from government, industry, academia, and international organizations to promote the adoption and integration of OSCAL into cybersecurity practices. David’s collaborative approach and diplomatic leadership style will continue to foster consensus-building and driven progress in addressing complex cybersecurity challenges, paving the way for enhanced security posture and resilience in organizations worldwide.
A cornerstone of David’s approach at GSA is the integration and promotion of OSCAL into FedRAMPs processes. His advocacy for OSCAL underscores his dedication to streamlining security assessment processes and fostering interoperability and automation in cybersecurity practices. Through strategic collaborations and partnerships, David is working to position GSA at the forefront of cybersecurity innovation and resilience, ensuring that it remains a leader in safeguarding federal cloud services and information.
Samuel Aydlette
Sam Aydlette joined the Federal Risk and Authorization Program (FedRAMP) within the General Services Administration (GSA) in July 2024. He currently serves as FedRAMP’s Vulnerability Management and Continuous Monitoring Lead. In this role, he oversees FedRAMP’s Continuous Monitoring Program. FedRAMP’s Continuous Monitoring program provides Federal Agencies with the insight they need to make ongoing risk based decisions around the continued use of FedRAMP authorized cloud offerings. Throughout Sam’s career, he has intentionally sought out the spaces where cybersecurity policy meets technical security implementation. Prior to joining the FedRAMP Program Management Office, Sam served in various technical security roles at leading companies in the IT industry. Sam is also an Army veteran, having previously served as a paratrooper in the 82nd Airborne.
Sam holds a B.S. in Information Technology with a specialization in Cybersecurity and Networking from Marymount University. He has also earned a CISSP, CEH, and many other industry certifications. He leverages this knowledge and experience to solve complex challenges and reduce cybersecurity risk on behalf of the American public
Pete Waterman
Pete brings decades of experience in the development and adoption of technology services in both the private and public sector. He joined federal service in 2019 with the US Digital Service where he became deeply familiar with the complex web of laws, regulations, policies and standards that make deploying technology in government entirely different from the private sector. Prior to public service, he led engineering teams that delivered internet based services at various size software companies.
Outside of work, Pete likes to explore and has traveled across much of the world by motorcycle or other vehicles - he once turned down a reality tv show because it would limit his ability to just go where the road takes him.