Information Security Analyst

ABOUT THE TEPA COMPANIES

Established in 2005 and owned by the Paskenta Band of Nomlaki Indians, The Tepa Companies deliver comprehensive and sustainable solutions to federal, state, local, and private-sector clients throughout the United States. The tribally owned companies work independently and collaboratively to provide wide-ranging construction, engineering, environmental, industrial, staffing, and technology services.

When you join Tepa Companies, you have the opportunity to expand your entrepreneurial skill set while growing professionally alongside the best in the industry. You will have the opportunity to impact your team, the organization as a whole, and subsequently, our Tribe. 

We seek out top talent to provide the best services for our clients. We focus on being a responsible company for our employees and their families by creating a culture that reflects our core values and offering competitive pay and benefits package. Our benefits package includes comprehensive medical, dental, vision, generous paid time off and holidays, 401(k) plan with company match, life insurance, flexible spending and health savings account, mental health support and resources, short and long-term disability, and tuition reimbursement.

LOCATION: This is a hybrid position requiring regular in-office presence in Alexandria, VA.

ABOUT THE JOB

The Tepa Companies are seeking a Information Security Analyst to assist in protecting Tepa’s digital assets by monitoring systems, identifying potential threats, and ensuring security policies. 

Job Functions:

• Assists in Monitoring Tepa’s security systems and tools to detect and respond to threats, vulnerabilities, and incidents, under supervision of Senior Security Engineer.
• Conducts regular vulnerability assessments, support patch management and remediation efforts.
• Assists with investigations of security breaches and ensure proper incident response procedures are followed.
• Supports the development and enforcement of security policies, standards, and guidelines.
• Collaborates with Senior Security Engineer to ensure security best practices are followed across the organization.
• Assists with compliance efforts related to frameworks and regulations such as CMMC, NIST, ISO 27001, HIPAA, or PCI-DSS.
• Conducts physical security compliance checks at Tepa facilities.
• Documents findings, maintains logs, and prepares reports for IT leadership.

WHAT WE’RE LOOKING FOR

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or other technical focus 
• 3+ years of experience in information security, cybersecurity, or a related IT role
• Experience supporting accreditation efforts aligned with information assurance (IA) frameworks including CMMC, NIST 800-171, ISO 27001, and other common IA frameworks
• Experience with configuration security platforms including CIS Benchmarks, STIG’s, and other hardening guidance
• Familiarity with security tools such as SIEM, antivirus, firewalls, and vulnerability scanners.
• Strong oral and written communication skills with the ability to communicate effectively 
• Strong technical and problem-solving skills, including logical thinking, attention to detail, accuracy, and completeness, as well as a commitment to producing high-quality deliverables 
• Strong interpersonal skills 
• Ability to prioritize tasks to meet multiple schedule deadlines 

Preferred Experience (not required):

• Experience with cloud environments (AWS, Azure, or GCP) and securing SaaS platforms.
• Experience with CMMC compliance

Equal Opportunity Employer/Veterans