Senior Information Systems Security Officer

Analygence

$120K — $150K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Active TS/SCI security clearance
  • 10+ years of cybersecurity experience
  • 2+ years in A&A, FISMA compliance, and hybrid cloud security
  • Proficient in NIST 800 series and RMF principles
  • CISM, CAP, or GRC certification preferred
  • Hands-on experience with security artifacts and ATO packages
  • Strong communication skills for technical and stakeholder interaction

Responsibilities

  • Perform ISSO duties for Federal information systems
  • Support Risk Management Framework (RMF) activities for authorizations
  • Develop and maintain essential security documentation
  • Create and monitor Authorization to Operate (ATO) packages
  • Collaborate with stakeholders on security vulnerabilities and remediation
  • Review vulnerabilities and conduct continuous monitoring
  • Support compliance reporting and cybersecurity performance metrics

Benefits

  • Opportunity to work on a complex Federal cybersecurity program
  • Engagement with cutting-edge cloud and hybrid technology
  • Direct involvement with high-stakes Federal information systems
  • Collaboration with a diverse team across government and technical sectors
  • Continuous professional development and skill enhancement opportunities
Full Job Description
Description

Tharros is seeking a Senior Information Systems Security Officer to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.

This role will support ISSO operations across a complex Federal cybersecurity environment, including Assessment and Authorization, continuous monitoring, ATO package maintenance, POA&M management, security artifact quality, cloud and hybrid system support, and cybersecurity compliance. The ideal candidate is a hands-on ISSO who can maintain accurate authorization evidence, coordinate with technical teams, and help keep mission systems secure, compliant, and authorization-ready.

Responsibilities:

  • Perform ISSO duties for assigned Federal information systems.
  • Support RMF activities, including system categorization, control implementation support, assessment readiness, authorization package maintenance, and ongoing monitoring.
  • Develop, review, validate, and maintain security artifacts such as SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, and privacy-related artifacts.
  • Create, maintain, and monitor ATO packages in GRC tools.
  • Support POA&M development, validation, remediation tracking, exception documentation, closure, and reporting.
  • Collaborate with system owners, ISSOs, ISSMs, developers, engineers, assessors, and other stakeholders to address vulnerabilities, security findings, and remediation actions.
  • Review vulnerability scan results and support recurring continuous monitoring activities.
  • Support audit log review, alert response, and documentation of follow-up actions.
  • Ensure assigned systems remain aligned with applicable cybersecurity policies, procedures, and decommissioning requirements.
  • Support quarterly cybersecurity performance and compliance reporting.
  • Provide ISSO support across hybrid environments, including classified and unclassified on-premise systems, cloud-based systems, DevSecOps environments, and agile development teams.
  • Support security for operating systems and technologies including Linux, Windows, open-source operating systems, and cloud platforms.
  • Support Cross Domain Solution security governance, assessment, and authorization activities.
  • Help improve ISSO workflows, evidence management, POA&M tracking, continuous monitoring, and risk reporting through automation and repeatable processes.
  • Translate compliance status, vulnerability data, and remediation progress into clear updates for technical and leadership stakeholders.


Requirements

  • Active TS/SCI
  • 10+ years of related cybersecurity experience.
  • At least 2 years of recent experience in A&A, FISMA compliance, IC cybersecurity policy and standards, continuous monitoring, CDS, and secure cloud and hybrid engineering.
  • Experience applying NIST 800 series, CNSSI 1253, security controls, and RMF principles.
  • Experience with emerging security risk management practices, including automation of A&A and continuous monitoring activities.
  • CISM, CAP, or GRC certification, or comparable demonstrable experience.
  • Experience developing, reviewing, or maintaining SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, ATO packages, and continuous monitoring evidence.
  • Experience working with GRC tools and coordinating with technical teams to remediate vulnerabilities and maintain authorization readiness.
  • Strong written and verbal communication skills.
  • Ability to work onsite at a Government-approved location as required.


Preferred Qualifications:
  • Prior DHS, Intelligence Community, DoD, CISO office, ISSM, AO, SCA, or national security ISSO experience.
  • Experience supporting large ISSO portfolios, classified systems, hybrid cloud environments, DevSecOps evidence collection, continuous monitoring, and audit readiness.
  • Experience with Archer, eMASS, Xacta, ACAS, Tenable.sc, Splunk, GitLab, Axonius, STIG/SCAP validation, or related Federal cybersecurity tools.
  • Experience with AWS, Microsoft Azure, Microsoft 365, or other cloud platforms.
  • Experience supporting TS/SCI, SCIF, cross-domain, or secure mission environments.

Similar Jobs

More Jobs at Analygence

More Information Technology Jobs

Find similar Senior Information Systems Security Officer jobs: