user avatar

Senior Information Systems Security Officer

Tharros Defense, Inc.

Posted today

Job Requirements

Washington, DC
Dept of Homeland Security Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries

Job Description

Job Description
Tharros is seeking a Senior Information Systems Security Officer to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.

This role will support ISSO operations across a complex Federal cybersecurity environment, including Assessment and Authorization, continuous monitoring, ATO package maintenance, POA&M management, security artifact quality, cloud and hybrid system support, and cybersecurity compliance. The ideal candidate is a hands-on ISSO who can maintain accurate authorization evidence, coordinate with technical teams, and help keep mission systems secure, compliant, and authorization-ready.

Responsibilities:

  • Perform ISSO duties for assigned Federal information systems.
  • Support RMF activities, including system categorization, control implementation support, assessment readiness, authorization package maintenance, and ongoing monitoring.
  • Develop, review, validate, and maintain security artifacts such as SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, and privacy-related artifacts.
  • Create, maintain, and monitor ATO packages in GRC tools.
  • Support POA&M development, validation, remediation tracking, exception documentation, closure, and reporting.
  • Collaborate with system owners, ISSOs, ISSMs, developers, engineers, assessors, and other stakeholders to address vulnerabilities, security findings, and remediation actions.
  • Review vulnerability scan results and support recurring continuous monitoring activities.
  • Support audit log review, alert response, and documentation of follow-up actions.
  • Ensure assigned systems remain aligned with applicable cybersecurity policies, procedures, and decommissioning requirements.
  • Support quarterly cybersecurity performance and compliance reporting.
  • Provide ISSO support across hybrid environments, including classified and unclassified on-premise systems, cloud-based systems, DevSecOps environments, and agile development teams.
  • Support security for operating systems and technologies including Linux, Windows, open-source operating systems, and cloud platforms.
  • Support Cross Domain Solution security governance, assessment, and authorization activities.
  • Help improve ISSO workflows, evidence management, POA&M tracking, continuous monitoring, and risk reporting through automation and repeatable processes.
  • Translate compliance status, vulnerability data, and remediation progress into clear updates for technical and leadership stakeholders.


Requirements
  • Active TS/SCI
  • 10+ years of related cybersecurity experience.
  • At least 2 years of recent experience in A&A, FISMA compliance, IC cybersecurity policy and standards, continuous monitoring, CDS, and secure cloud and hybrid engineering.
  • Experience applying NIST 800 series, CNSSI 1253, security controls, and RMF principles.
  • Experience with emerging security risk management practices, including automation of A&A and continuous monitoring activities.
  • CISM, CAP, or GRC certification, or comparable demonstrable experience.
  • Experience developing, reviewing, or maintaining SSPs, POA&Ms, risk exceptions, contingency plans, privileged user documentation, ATO packages, and continuous monitoring evidence.
  • Experience working with GRC tools and coordinating with technical teams to remediate vulnerabilities and maintain authorization readiness.
  • Strong written and verbal communication skills.
  • Ability to work onsite at a Government-approved location as required.


Preferred Qualifications:
  • Prior DHS, Intelligence Community, DoD, CISO office, ISSM, AO, SCA, or national security ISSO experience.
  • Experience supporting large ISSO portfolios, classified systems, hybrid cloud environments, DevSecOps evidence collection, continuous monitoring, and audit readiness.
  • Experience with Archer, eMASS, Xacta, ACAS, Tenable.sc, Splunk, GitLab, Axonius, STIG/SCAP validation, or related Federal cybersecurity tools.
  • Experience with AWS, Microsoft Azure, Microsoft 365, or other cloud platforms.
  • Experience supporting TS/SCI, SCIF, cross-domain, or secure mission environments.


Summary
Tharros combines extensive cyber defense knowledge with the world's preeminent vulnerability expertise to identify and defend against attacks before they become problems. Working at mission speed, we harden mission systems faster and secure them for longer, so agencies never lose the mission edge. Tharros lifts the veil of enterprise cybersecurity to detect zero days before they affect you, enabling mission maneuverability and the confidence to move missions forward.

In the ever-evolving realm of cyberspace, we are dedicated to becoming the paramount defender in the 5th warfighting domain. By pioneering innovative security solutions and fostering an environment of continuous learning and vigilance, we aim to protect the interests of our nation's security. Our commitment to excellence in cybersecurity will establish new benchmarks, transforming the digital landscape into a secure and thriving frontier for future generations.

Tharros. See Everything. Secure Anything.

Tharros is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer and make employment decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected status.
group id: 10518809
Find Tharros Defense, Inc. on Social Media
Network Employers
user avatar
About Us
Tharros boldly moves missions forward with advanced cyber security tools and deep vulnerability expertise that detect and eliminate threats before they emerge. Tharros combines extensive cyber defense knowledge with the world’s preeminent vulnerability expertise to identify and defend against attacks before they become problems. Working at mission speed, we harden mission systems faster and secure them for longer, so government agencies never lose the mission edge. Tharros lifts the veil of enterprise cyber security to detect zero days before they affect you, enabling mission maneuverability and the confidence to move missions forward. At Tharros, we defend so missions can advance.

Tharros Defense, Inc. Jobs


Job Category
IT - Security