• Information Assurance Engineer

    Job ID 2018-1254
    Job Locations US-DC
  • Overview

    TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology's FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development.



    The IA Engineer (IAE)/Security Tester is responsible for conducting vulnerability, security control, application, and code assessments. The IAE/Security Tester will also be responsible for the review of scan results, vulnerabilities and risks and providing mitigations and recommendations. Required to continuously update technologies and tools used and recommend new tools if applicable. The IAE/Security Tester will also be responsible for the research of vulnerabilities and new threats in order to keep the client updated with the latest threats. The updating of documentation such as configuration guides, and SOP’s is required. The IAE/Security Tester will also be required to perform other duties as assigned and related to this task area.

    • Conduct vulnerability testing within the client’s environment as captured in the client’s Technical Reference Model or according to best practices
    • Vulnerability Assessments to include:
    • Software code analysis
    • Database security testing
    • Automated vulnerability scanning
    • Security control testing utilizing NIST SP 800-53a
    • Independent Verification and Validation
    • Assist with the research, and planning of new IT Security technologies through the SDLC.
    • Experience with a depth and breadth of IT Security tools and technologies, examples of technologies used are as follows:
    • Qualys / Fortify / CoreInsight / CoreImpact / RSA Archer / Tenable Security Center / Netronome / Application Security AppDetective
    • Update and develop appropriate documentation


    • 3-5 years’ experience in working experience in IT Security, preferably with conducting vulnerability, security control and application security testing (source code review and application testing).
    • Experience with vulnerability scanning tools and technologies.
    • Working knowledge of Security principles, techniques, technologies and procedures.
    • Good understanding of network protocols, design and operations.
    • Strong analytical skills and efficient problem solving.
    • Working technical knowledge of network and host-based intrusion detection and prevention systems.
    • A strong understanding of the vulnerabilities associated with network and application protocols and vulnerabilities effecting the Microsoft Windows operating system.
    • Displays technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities.
    • Experience with NIST Special Publications and guidance.
    • Self-motivated, and able to work and communicate in a team environment.
    • Excellent communication (written and verbal) skills



    • Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields.



    A minimum of at least one (1) certification must be active relating to information security such as:

    • Certified Information Systems Security Professional (CISSP);
    • GIAC security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.)
    • CompTIA Security +
    • CEH


    • Public Trust



    • Washington, DC



    Here at TISTA Science and Technology we value our Veterans and encourage all to apply!


    TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed