ISSO- Top Secret- On Site
Insight Global • Oakton, VA • Posted June 10, 2026
About the Role
Job Description
Experience with DODI 8510.01, 8500.01, NIST SP 800-37, 800-137, 800-53 rev 4/5, 800-39, 800-171 and 800-171A for self-assessments; NIST 800-100, NIST 800-18.
Familiar with creating Assessment and Authorization (A&A) packages in eMASS and/or Xacta and applying security categorization per the NIST FIPS 199 and NIST SP 800-60.
Experience in performing and assessing Security and Privacy Controls per NIST 800-53 rev 4/5 and NIST 800-53a guidelines.
Experience with systems engineering design and development toward a baked-in security design using Information Assurance best practices.
Understanding of the FedRAMP process, coordinating with 3PAO's, and migrating on prem systems to an accredited cloud-based solution (e.g. AWS (GovCloud), Azure).
Understanding of vulnerability and scanning tools such as Assured Compliance Assessment Solution (ACAS) and well-versed in interpreting risk posture resulting from assessment reports.
Knowledge of vulnerability manag...
Experience with DODI 8510.01, 8500.01, NIST SP 800-37, 800-137, 800-53 rev 4/5, 800-39, 800-171 and 800-171A for self-assessments; NIST 800-100, NIST 800-18.
Familiar with creating Assessment and Authorization (A&A) packages in eMASS and/or Xacta and applying security categorization per the NIST FIPS 199 and NIST SP 800-60.
Experience in performing and assessing Security and Privacy Controls per NIST 800-53 rev 4/5 and NIST 800-53a guidelines.
Experience with systems engineering design and development toward a baked-in security design using Information Assurance best practices.
Understanding of the FedRAMP process, coordinating with 3PAO's, and migrating on prem systems to an accredited cloud-based solution (e.g. AWS (GovCloud), Azure).
Understanding of vulnerability and scanning tools such as Assured Compliance Assessment Solution (ACAS) and well-versed in interpreting risk posture resulting from assessment reports.
Knowledge of vulnerability manag...