Job Requirements
Washington DC Post Office, DC
Top Secret Polygraph not specified
Career Level not specified
$72,000 - $183,000
Job Description
Location: Washington, DC
Pay Range: $35-88/hr based on experience level
Duration: Long-term contract with Insight Global
Insight Global is seeking multiple Information System Security Officers (ISSO) onsite in Washington, DC. In this role, you will support solution accreditation for U.S. Government agencies, working closely with Prime’s engineers to ensure compliance and security standards are met across diverse, modern environments. The ideal candidate will be able to defend ATO documentation and evidence in customer conversations and build trust.
Day-to-Day Responsibilities include:
• Serve as the primary onsite point of contact for compliance requirements by leading the ATO documentation and monitoring process.
• Collaborate with engineering and infrastructure teams to implement and defend security policies and settings.
• Build, maintain, and defend standardized security documentation and evidence of compliance, including ATOs.
• Organize artifacts and accreditation materials into a structured repository; be prepared to answer customer questions and defend documentation in client conversations.
• Operate across multiple environments (AWS, Azure, on-prem, classified networks) to ensure security posture and gather information as needed.
• Provide hands-on support and coordination for evolving security requirements, with a focus on continuous monitoring and supply chain security.
• Communicate confidently with technical engineers, senior non-technical leaders, and government customers.
• Participate in multiple teams and projects, adapting to a highly collaborative, fast-paced culture.
REQUIRED SKILLS AND EXPERIENCE
• Active Top Secret security clearance with SCI eligibility (per contract requirements).
• Active DoD 8570 Certification (CISSP or Security+) or ability to obtain within 30 days of start.
• 5+ years of experience in applicable Information System Security.
• Strong Linux experience.
• Strong understanding of modern NIST SP 800-53 (especially access control, communication security, and supply chain security), CNSSI 1253, DISA STIGs, and frameworks like RMF or DIACAP.
• Experience with Authorization to Operate (ATO) packages for an information system within U.S. Government or DoD environments (including Assessment and Authorization (A&A), POA&M (Plan of Action and Milestones), etc.).
• Experience with eMASS or Xacta accreditation management tools.
• Ability to work onsite in Washington, DC and travel up to 25% as needed.
NICE TO HAVE SKILLS AND EXPERIENCE
• Understanding of SDLC and software supply chain security.
• Understanding of containers (fundamental knowledge of how they are built, updated, scanned, distributed, and verified; Kubernetes experience is a plus, but broad understanding is sufficient).
• Experience with AWS, Azure, and on-prem environments.
• Knowledge of configuration management tools (Puppet, Terraform, CloudFormation, Chef, Ansible); ability to describe how these tools are used in ATOs.
• Comfort with Git and vulnerability scanning tools (Nessus, OpenSCAP); ability to ensure scans are running properly and completed.
• Independently conduct Security Control Assessments (SCA): review technical and procedural controls, gather and evaluate evidence (audit logs, configs, vulnerability scans), document findings in Security Assessment Reports (SAR), defend assessment results, and validate controls.