
Information Systems Security Officer (ISSO) / Information Security Engineer (ISE) job in Washington at Tista Science and Technology Corporation


Tista Science and Technology Corporation, Washington, DC, Full-Time

TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology's FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development.


TISTA is seeking an Information Systems Security Officer (ISSO) / Information Security Engineer (ISE) to join their team in Washington, DC.


The Information Systems Security Officer will provide Security Assessment and Authorization (SA&A) support to the client and their IT systems within the agency’s inventory. These systems are a combination of General Support Systems, Major Applications, Minor Applications and Subsystems at various impact levels. The ISSO/ISE will be responsible for developing and providing risk assessments, Security Control Assessments (SCA), SA&A documentation and multiple reports, based on NIST guidelines and the client’s policies, procedures, and requests. The ISSO/ISE will be responsible for providing security recommendations on any system changes or new technologies, analyzing vulnerability scans, conducting continuous monitoring activities, and offering mitigation recommendations for any risks or threats.



  • Developing a detailed project schedule, including SA&A/SCA tasks and milestones, task dependencies, and personnel resources
  • Conduct SA&A activities and tasks and obtain Authorization to Operate (ATO) in line with NIST and client guidance and directives
  • Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199
  • Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices
  • Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility
  • Ensure users and system support personnel have the required authorization and need-to-know, have been indoctrinated, and are familiar with internal security practices before accessing the IT System
  • Review and generate SA&A and system documentation as needed
  • Selecting baseline controls for the IT System using RSA Archer and tailoring security controls as appropriate
  • Implement security controls based on IT System FIPS categorization
  • Documenting security control implementation in the system’s Security Plan using the Library’s Information Assurance (IA) tool (RSA Archer)
  • Conduct SCA for IT systems, when required
  • Document system’s risk assessment per client directives and requirements
  • Develop and document all required artifacts for the SA&A package
  • Conduct Contingency Plan Test (CPT) for systems
  • Review and monitor system security and audit logs
  • Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems
  • Update SA&A documentation and artifacts on a regular basis (e.g. annually, after an approved change)


  • A minimum of five (5) years of demonstrated experience in the Information Security (Cybersecurity or Information Assurance) field
  • Demonstrated proficiency with developing, maintaining and managing SA&A packages
  • Experience with developing and managing POA&Ms
  • Technical experience with conducting research and providing review recommendations on software and technologies for vulnerabilities
  • Technical experience with reviewing vulnerability scans and providing mitigation techniques
  • Expertise in conducting SCAs
  • Experience writing security-related policies and procedures
  • Experience conducting CPTs
  • Experience with conducting audit log reviews
  • Experience with NIST Special Publications and guidance
  • Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment
  • Excellent communication (written and verbal) skills


  • Bachelor’s degree or higher in Computer Science, Information Technology, Information Security, or similar fields



  • At least one (1) active certification relating to information security, such as:
    • Certified Information Systems Security Professional (CISSP)
    • GIAC security certification (e.g. GCIH, GWAPT, GPEN, GSLC, etc.)
    • CompTIA Security+
    • CEH


  • Library Suitability and Public Trust

Here at TISTA Science and Technology we value our Veterans and encourage all to apply!


TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Recommended Skills

Microsoft Antivirus
Information Security
Information Assurance
Risk Analysis
Continuous Monitoring
Certified Ethical Hacker