Tista Science and Technology Corporation

  • Information Security Analyst (Forensics)

    Job ID 2019-1669
    Job Locations US-MD-Bethesda
  • Overview

    TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology's FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development.


    Here at TISTA Science and Technology we value our Veterans and encourage all to apply!


    TISTA Science and Technology is seeking an Information Security Analyst to join our growing team! Members of this team are highly motivated, self-driven, and are given great latitude to operate. Qualified candidates must have great initiative, a positive and healthy questioning attitude, and a drive to continuously help mature SOC Operations and Incident Response (IR).  This role affords the opportunity to work with a great team while serving a fulfilling mission. 


    • Apply strategic, operational, and tactical cyber intelligence to improve security operations
    • Lead and/or support efforts to prepare for, monitor, detect, analyze/confirm, contain, remediate, and recover from security incidents
    • Conduct deep analysis and hunting operations
    • Perform investigation of network traffic and hosts/endpoints for potential security incidents, to include
      • Sensor data and log analysis
      • Netflow data
      • Packet captures
      • Memory analysis
      • Disk forensics
    • Provide adequate metrics, documentation, executive summaries and briefings to leadership and other stakeholders


    • Five or more years of work experience with 3+ years of cyber security work experience
    • One or more certifications in information security (such as GCIA, GCIH, CEH, CISSP, SSCP, Sec+, etc)
    • IDS Admin experience
    • Splunk experience
    • Hunting / reverse engineering experience (this would be ideal, not mandatory)
    • Rule creation
    • High technical ability/aptitude, demonstrated through prior technical experience and accomplishment
    • Network investigation experience, to include netflow and packet/protocol capture and analysis
    • Endpoint/host forensics experience
    • SIEM experience
    • Strong critical thinking, problem solving, and organization skills
    • Strong teamwork and collaboration skills
    • Good written and verbal communication skills

    Sound cyber security knowledge foundation, to include understanding of:

    • Adversary TTPs
    • Network technology and common protocols
    • Network security
    • Host security
    • Malware
    • Security tools and sensors

    Preferred Qualifications:

    • Experience and effective participation in hunt, computer network defense, real-time analysis and incident response activities, to include ability to reconstruct events from network, endpoint, and log data
    • Experience and understanding of host-based/endpoint protection systems
    • Cyber intelligence experience
    • Intelligence community experience
    • Programming experience
    • Scripting experience
    • Server administration experience
    • Enterprise forensic tool(s) experience
    • Federal contract experience


    • BS/BA degree


    • Ability to obtain Public Trust


    • Bethesda, MD


    Here at TISTA Science and Technology we value our Veterans and encourage all to apply!


    TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed