We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Senior Information Systems Security Officer

ANALYGENCE
United States, D.C., Washington
Jul 05, 2026
Tharros is seeking a Senior Information Systems Security Officer to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.

This role will support ISSO operations across a complex Federal cybersecurity environment, including Assessment and Authorization, continuous monitoring, ATO package maintenance, POA&M management, security artifact quality, cloud and hybrid system support, and cybersecurity compliance. The ideal candidate is a hands-on ISSO who can maintain accurate authorization evidence, coordinate with technical teams, and help keep mission systems secure, compliant, and authorization-ready.
Responsibilities:
  • Perform ISSO duties for assigned Federal information systems.
  • Support RMF activities, including system categorization, control implementation support, assessment readiness, authorization package maintenance, and ongoing monitoring.
  • Develop, review, validate, and maintain security artifacts such as SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, and privacy-related artifacts.
  • Create, maintain, and monitor ATO packages in GRC tools.
  • Support POA&M development, validation, remediation tracking, exception documentation, closure, and reporting.
  • Collaborate with system owners, ISSOs, ISSMs, developers, engineers, assessors, and other stakeholders to address vulnerabilities, security findings, and remediation actions.
  • Review vulnerability scan results and support recurring continuous monitoring activities.
  • Support audit log review, alert response, and documentation of follow-up actions.
  • Ensure assigned systems remain aligned with applicable cybersecurity policies, procedures, and decommissioning requirements.
  • Support quarterly cybersecurity performance and compliance reporting.
  • Provide ISSO support across hybrid environments, including classified and unclassified on-premise systems, cloud-based systems, DevSecOps environments, and agile development teams.
  • Support security for operating systems and technologies including Linux, Windows, open-source operating systems, and cloud platforms.
  • Support Cross Domain Solution security governance, assessment, and authorization activities.
  • Help improve ISSO workflows, evidence management, POA&M tracking, continuous monitoring, and risk reporting through automation and repeatable processes.
  • Translate compliance status, vulnerability data, and remediation progress into clear updates for technical and leadership stakeholders.
  • Active TS/SCI
  • 10+ years of related cybersecurity experience.
  • At least 2 years of recent experience in A&A, FISMA compliance, IC cybersecurity policy and standards, continuous monitoring, CDS, and secure cloud and hybrid engineering.
  • Experience applying NIST 800 series, CNSSI 1253, security controls, and RMF principles.
  • Experience with emerging security risk management practices, including automation of A&A and continuous monitoring activities.
  • CISM, CAP, or GRC certification, or comparable demonstrable experience.
  • Experience developing, reviewing, or maintaining SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, ATO packages, and continuous monitoring evidence.
  • Experience working with GRC tools and coordinating with technical teams to remediate vulnerabilities and maintain authorization readiness.
  • Strong written and verbal communication skills.
  • Ability to work onsite at a Government-approved location as required.


Preferred Qualifications:


  • Prior DHS, Intelligence Community, DoD, CISO office, ISSM, AO, SCA, or national security ISSO experience.
  • Experience supporting large ISSO portfolios, classified systems, hybrid cloud environments, DevSecOps evidence collection, continuous monitoring, and audit readiness.
  • Experience with Archer, eMASS, Xacta, ACAS, Tenable.sc, Splunk, GitLab, Axonius, STIG/SCAP validation, or related Federal cybersecurity tools.
  • Experience with AWS, Microsoft Azure, Microsoft 365, or other cloud platforms.
  • Experience supporting TS/SCI, SCIF, cross-domain, or secure mission environments.
Applied = 0

(web-77cf7d65c7-4rhzf)