CyberSecurity Analyst II



TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology's FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development.





TISTA Science and Technology Corporation is searching for a Cybersecurity Analyst to support a government customer with the evaluation of multiple shared services, as well as providing advisory services on the recommended use of shared services to include Cloud initiatives.  The analyst will be responsible for identifying and evaluating shared services, working with system owners to obtain and maintain an Agency ATO for the identified shared services, and establishing and maintaining a continuous monitoring to ensure bi-directional communication of risks with the Agency stakeholders.


Other responsibilities include, but are not limited to:


  • Serve as the subject matter expert responsible for providing expert analysis of cloud cybersecurity architecture, compliance with Federal regulation and policy, and commercial best practices relating to cloud security.
  • Assist the Agency in formalizing knowledge sharing within the System Owners.
  • Review, analyze, discuss, and evaluate the implementation of security controls in multiple information system environments, including dynamic cloud services (IaaS, PaaS, and SaaS) or traditional and static Enterprise Resource Planning computing environment using Agency Authorization and Accreditation tool.
  • Evaluate the performance of ongoing security maintenance, for example, continuous monitoring or continuous diagnostics and mitigation (CDM). Assess the ability of the service provider to maintain an acceptable security posture/ risk threshold.
  • Collaborate with the Agency FedRAMP Program Management Office to access Cloud Service Provider security packages in order to perform continuous monitoring activities.




  • Experience performing one of the following: risk assessments of cloud-based systems, designing and/or implementing network, security, virtualization or cloud system solutions.
  • Must have knowledge of cloud solution principals and technologies.
  • 5 to 7 years of experience with Risk Management Framework (RMF)
  • Experience with security control implementation and evaluation, risk, and vulnerability assessments.
  • Experience with NIST Special Publications and guidance.
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment.
  • Experienced writing security related policies and procedures
  • Ability to communicate with excellent verbal, presentation, and written communication skills at the highest level



  • Bachelor's degree or higher; or relevant work experience
  • A minimum of at least one (1) certification must be active relating to information security such as:
    • Certified Information Systems Security Professional (CISSP);
    • CompTIA Security+, Certified Authorization Professional (CAP)
    • Certified Cloud Security Professional (CCSP), CompTIA Cloud+
    • Certified Ethical Hacker (CEH),
    • Etc.



  • Active Top Secret Clearance required


Location: Washington, DC



Here at TISTA Science and Technology we value our Veterans and encourage all to apply!




Equal Opportunity Statement:

TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed