Job Description
Support Continuous Monitoring activities for FedRAMP and other compliance functions (NIST 800-53, ISO 27001, SOC audits)
• Update Continuous Monitoring documentation (POA&M, Deviation Requests, Monthly Executive Summary)
• Monitor and assess daily vulnerability reports for FedRAMP-authorized systems
• Identify, track, and report emerging threats and vulnerabilities
• Coordinate with internal teams for timely remediation
• Ensure timely submission of FedRAMP Continuous Monitoring documentation
• Liaise with internal/external auditors for FedRAMP audit support
• Monitor regulatory updates and integrate changes into monitoring processes
• Collaborate across teams to reduce risk and improve compliance
• Vulnerability Management
· Tools: Qualys, Tenable, or other (plus, procurement experience)
· Critical for FedRAMP
· Assess current state of vulnerabilities
• Compliance
· Operate compliant
· Collect evidence for audits (grant work)
· Continuous monitoring
• Collaboration
· Work with internal/external teams across company
· Federal VR sponsor involvement
• All other duties as assigned
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Tools: Qualys, or Tenable, or other
• Experience in control assessment, third-party risk, and/or cybersecurity
• Foundational knowledge of security frameworks (FedRAMP, ISO27k, NIST, etc.)
• Proven experience in vulnerability management (identification, assessment, tracking, remediation)
• Hands-on experience with vulnerability scanners and SIEM platforms
• Experience with security automation using scripting languages
• Excellent problem-solving skills
• Ability to work independently or collaboratively in a fast-paced environment
• Strong verbal and written communication skills
• Ability to monitor security systems for threats
• Installation/troubleshooting in web-based environments
• Self-motivated
• Can track technical issues
Nice to Have Skills & Experience
• Proficiency in Microsoft Power Automate (building, maintaining, troubleshooting workflows)
• Engineering background
• Ability to understand vulnerability management within the context of security frameworks
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.