Sr. Information Security Analyst

Remote: Full Remote
Salary: 89 - 102K yearly
Experience: Senior (5-10 years)

Offer summary

Qualifications:

5-7 years of experience in Information Security, Experience with risk management frameworks and assessments, Cloud security migration proficiency, Bachelor’s degree in relevant fields, Certifications such as CISSP or CISA preferred.

Key responsibilities:

  • Manage and execute Assessment and Authorization packages
  • Interpret network scans for vulnerability management
  • Develop security documentation, policies, and procedures
  • Conduct research on software for vulnerabilities
  • Strong project management and team collaboration skills
TISTA Science and Technology Corporation Information Technology & Services Large https://www.tistatech.com/
1001 - 5000 Employees

Job description

Overview:

TISTA Science and Technology is seeking a Senior Information Security Analyst to join our growing team. The ideal candidate will work collaboratively with a high-performing team of cybersecurity experts on a Federal project to support Assessment and Authorization, Audit, and Continuous Monitoring Support.

 

TISTA associates enjoy above Industry Healthcare Benefits, Remote Working Options, Paid Time Off, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Tuition Reimbursement, Employee Assistance Program, Paid Holidays, Military Leave, and much more!

 

Stay Connected:

Follow us on LinkedIn for updates on this job and other exciting opportunities.

Responsibilities:
  • Demonstrates proficiency developing, managing and executing Assessment & Authorization (A&A) and Authority to Operate (ATO) packages 
  • Experience developing, managing and mitigating Plan of Action & Milestones (POA&M’s) 
  • Experience with vulnerability management and the ability to interpret network scans and provide recommendations for remediation
  • Experience in technical writing, specific to security-related documents, policies and procedures
  • Experience with developing and maintaining System Security Plans (SSP), Contingency Plans (CP), Configuration Management Plans (CMP), Business Impact Analysis (BIA)
  • Experience with developing and maintaining Privacy related documentation including Privacy Threshold Analysis (PTA) and Privacy Impact Assessment (PIA)
  • Experience conducting research and providing review recommendations on software and technologies to address vulnerabilities 
  • Demonstrate strong knowledge of migrating and securing IT systems in the cloud 
  • Experience with High Value Assets (HVA) systems and their security controls 
  • Experience with Privacy related policy and compliance 
  • Experience with developing risk impact assessments and risk mitigation strategies 
  • Possess experience conducting Contingency Plan testing 
  • Strong project management skills and familiarity with standard project management methodologies such as Agile and Scrum 
  • Comfortable leading meetings 
  • Strong familiarity with NIST Special Publications and guidance, specifically 800-53 rev. 4/rev. 5 and the NIST Risk Management Framework 
  • Strong problem solving and analysis skills, self-motivated, leader and able to work and communicate in a team environment 
Qualifications:
  • A minimum of 5-7 years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field 
  • Experience with leading and directing the work of others 
  • Demonstrates proficiency with developing, maintaining and managing Authorizations and Assessments (A&A) and Authority to Operate (ATO) packages 
  • Knowledge of standard concepts, practices, and procedures within program management 
  • Strong background in vulnerability management 
  • Demonstrates proficiency in IT systems cloud migrations and securing systems in the cloud 
  • Experience with developing and managing Plans of Action & Milestones (POA&M’s) 
  • A holistic understanding and knowledge of the Risk Management Framework (RMF) as defined by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 (current revision), Recommended Security Controls for Federal Information Systems and NIST SP 800-53A Revision 4, Guide for Assessing the Security Controls in Federal Information Systems.
  • Strong problem-solving and analysis skills, self-motivated, and able to work and communicate in a team environment. 
  • Excellent documentation skills – redacted samples may be requested. 
  • Excellent oral and written communication skills. 
Preferred Professional Certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • CompTIA Security+

Education: 

  • Bachelor’s degree or higher in computer science, Information Technology, Information Security, or similar fields. 
  • Recommended certifications: 
    • Security+ Or Certified Authorization Professional (CAP) 
    • Cloud Certification (Azure, AWS, CCSP, Cloud+, etc.) 
  • Desired Certifications: 
    • Certified Information Systems Security Professional (CISSP); 
    • Project Management Professional (PMP)  

 

Clearance

  • The ability to pass a Tier 2/Modest Background Investigation

 

Location:

  • Prefer someone in MD, DC or VA Area

 

Pay Range:

  • The pay for this position ranges from $88,730 to $101,500
  • The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location
  • Also, certain positions are eligible for additional forms of compensation, such as bonuses
  • TISTA associates are eligible to participate in our comprehensive benefits plan! More information can be found here: https://tistatech.com/working-at-tista/

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Information Technology & Services
Spoken language(s):
English

Other Skills

  • Analytical Skills
  • Problem Solving
  • Leadership
  • Self-Motivation
  • Verbal Communication Skills
