Job Description
Insight Global is seeking multiple Information System Security Officers (ISSO) onsite in Washington, DC. In this role, you will support solution accreditation for U.S. Government agencies, working closely with Prime’s engineers to ensure compliance and security standards are met across diverse, modern environments. The ideal candidate will have the ability to defend ATO documentation and evidence in customer conversations and build trust.
• Serve as the primary onsite point of contact for compliance requirements by leading the ATO documentation and monitoring process.
• Collaborate with engineering and infrastructure teams to implement and defend security policies and settings.
• Build, maintain, and defend standardized security documentation and evidence of compliance, including ATOs.
• Organize artifacts and accreditation materials into a structured repository; be prepared to answer customer questions and defend documentation in client conversations.
• Operate across multiple environments (AWS, Azure, on-prem, classified networks) to ensure security posture and gather information as needed.
• Provide hands-on support and coordination for evolving security requirements, with a focus on continuous monitoring and supply chain security.
• Communicate confidently with technical engineers, senior non-technical leaders, and government customers.
• Participate in multiple teams and projects, adapting to a highly collaborative, fast-paced culture.
Pay will be hourly and varies by level of experience and location. Average Range: ~$35-88/hr. Exact compensation may vary based on several factors, including skills, experience, and education. Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Active Top Secret security clearance with SCI eligibility (per contract requirements).
• Active DoD 8570 Certification (CISSP or Security+) or ability to obtain within 30 days of start.
• 5+ years of experience in applicable Information System Security.
• Strong Linux experience.
• Strong understanding of modern NIST SP 800-53 (especially access control, communication security, and supply chain security), CNSSI 1253, DISA STIGs, and frameworks like RMF or DIACAP.
• Experience with Authorization to Operate (ATO) packages for an information system within U.S. Government or DoD environments (including Assessment and Authorization (A&A), POA&M (Plan of Action and Milestones), etc.).
• Experience with eMASS or Xacta accreditation management tools.
• Ability to work onsite in Washington, DC and travel up to 25% as needed.
Nice to Have Skills & Experience
• Understanding of SDLC and software supply chain security.
• Understanding of containers (fundamental knowledge of how they are built, updated, scanned, distributed, and verified; Kubernetes experience is a plus, but broad understanding is sufficient).
• Experience with AWS, Azure, and on-prem environments.
• Knowledge of configuration management tools (Puppet, Terraform, CloudFormation, Chef, Ansible); ability to describe how these tools are used in ATOs.
• Comfort with Git and vulnerability scanning tools (Nessus, OpenSCAP); ability to ensure scans are running properly and completed.
• Independently conduct Security Control Assessments (SCA): review technical and procedural controls, gather and evaluate evidence (audit logs, configs, vulnerability scans), document findings in Security Assessment Reports (SAR), defend assessment results, and validate controls.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.