Insight Global is seeking a Secret Cleared ISSM to support a federal client in Des Moines, IA. The responsibilities of this position include, but are not limited to:
- Provide status updates for the Cybersecurity / RMF deliverables and timelines. Updates should include tasks completed, project timelines, milestones achieved/missed, deviations and recommended courses of action.
- Prepare and deliver presentations to peers, subordinates, and user representatives.
- Responsible for the planning, tracking, assigning and the completion of all ISSM and ISSO primary duties and responsibilities.
- Responsible for training new ISSMs and all ISSOs IAW PWS and Job requirements.
- Maintain accurate and up-to-date records of RMF documentation, Policies, Baselines, Security Assessment Reports, Plans of Action and Milestones (POA&Ms), and other relevant documents, and upload them into eMASS IAW DTOC, HAF OTI and/or DOD frequency requirements.
- Ensure Security Controls Revalidations for all authorizations are completed within a 2-year period.
- Responsible for ensuring Audit requirements are tracked, completed, and uploaded into eMASS IAW DTOC AU policy, OTTI, NIST and/or DOD requirements.
- Assess and audit security systems, including firewalls, intrusion detection systems, and access control systems.
- Responsible for ensuring the proper Cybersecurity Authorization documents (Examples: Interconnection Security Agreements (ISA), and Cyber Impact Estimates (CIE)) are authored and submitted to the appropriate officials.
- Plans of Action and Milestones (POAMs), Audits, and any other matrices as requested.
- Develop and deliver security awareness and training programs for all employees, contractors, and other stakeholders about cybersecurity, foster a culture of security within the organization, and reduce the risk of security incidents.
- Monitor and analyze security logs and alerts to detect and respond to security incidents in a timely manner.
Compensation:
$45/hr to $52/hr.
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
- 2 years relevant experience with Bachelor's in related field; 0 years experience with Master's in related field; or High School Diploma or equivalent and 6 years relevant experience.
- IT and/or cybersecurity management experience including security practices, risk management, and compliance.
- Strong understanding of cybersecurity principles, practices, and standards, including NIST Special Publication 800-53 and other relevant federal security guidelines.
- Knowledge of security tools and technologies used for monitoring and protecting information systems.
- Proficient in developing and managing various DoD Risk Management Framework business policies and programs, including but not limited to Incident Response, Access Control, Audits, and Configuration Management.
- Experience with the DoD RMF Assessment and Authorization process, including the development, documentation and approval of multiple systems or enclave Authority to Operate (ATO), Authority to Connect (ATC), and supplemental agreements, including Interconnection Security Agreements (ISA).
- At a minimum, possession of DoD Directive 8570/8140 Information Assurance Manager Level II certification.
- DISA ACAS Training/Certified
- Active, in-scope US Government issued Secret clearance.
- Knowledge of the Risk Management Framework, the documentation, roles, and responsibilities, and how to work on a team pursuing cybersecurity practices compliant with policy, regulation, and best practices.