Secret ISSE
Insight Global
This position requires at least a Secret-level U.S. security clearance and pays $130,000-$140,000, depending on experience and qualifications.
This position is fully on-site in Washington D.C.
Support the organization's Information System Security Manager (ISSM) and Chief Information Officer (CIO) with Risk Management Framework (RMF) package development as the technical Information Systems Security Engineer (ISSE), in accordance with internal RMF guidance, to achieve Authorization to Operate (ATO).
Assemble all required documentation as outlined by the ISSM and organizational cybersecurity policies for RMF packages.
Assess and implement security controls, Security Technical Implementation Guides (STIGs), and Assured Compliance Assessment Solution (ACAS) scans in compliance with governing policies for servers, networking equipment, workstations, and other IT assets.
Assist system administrators with the implementation and application of all applicable STIGs, industry best practices for security and design, and Information Assurance Vulnerability Alert (IAVA) requirements.
Maintain compliance by verifying completion of Nessus scans, STIG checklists, and SCAP files; report any open findings or vulnerabilities; propose and implement mitigations; and construct Plans of Action and Milestones (POA&Ms) when necessary.
Ensure ongoing compliance using vulnerability remediation and asset management tools, and maintain accurate records in relevant IT portfolio and application management systems.
Demonstrate a strong understanding of NIST standards, national security system guidelines, communications task orders, and vulnerability management protocols.
Create system authorization boundary diagrams and data flow diagrams, ensuring traceability to hardware, firmware, software, ports, protocols, and services (PPS) lists and ACAS results, in compliance with internal cybersecurity standards.
Review system PPS lists and ensure compliance with applicable cybersecurity instructions and frameworks.
Collaborate regularly with internal teams and external stakeholders at various organizational levels.
Participate in recurring status and requirements meetings to facilitate the RMF process and ensure alignment with project timelines and security objectives.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .