Security Analyst

You've stumbled upon the rare B Corp government contractor!

At TCG, we aim to prove that businesses can be good to their employees and responsible to their community while being profitable. We're an award-winning IT solutions provider to the Federal government seeking a Security Analyst to join our project team at a major Federal agency.

US Citizenship is required for this role. In addition, the selected applicant must submit to a government background investigation and be favorably adjudicated before their first day.

While primarily remote, this position may require occasional on-site meetings. The selected candidate must live within commuting distance of Washington, D.C.

The Security Analyst will collaborate with operational teams and the Chief Information Officer (CIO) to uphold the security posture and ensure the implementation and maintenance of security controls in compliance with security plans and regulations. This role offers the unique opportunity to develop both Information Security Officer and Systems Engineering skills, eventually transitioning into a mid-level engineering position with a focus on technical work.

RESPONSIBILITIES :

• Prepares vital documentation such as System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs), ensuring adherence to NIST standards.
• Implements and maintains security controls in line with NIST 800-53 Rev. 5, conducts regular security assessments, and performs vulnerability scans to identify and mitigate risks as per NIST guidelines.
• Monitors security logs and events, identifies potential security incidents, and reports them while utilizing NIST incident handling guidelines.
• Supports information assurance programs within the organization.
• Proposes, coordinates, implements, and enforces information systems security policies, standards, and methodologies in alignment with regulatory requirements.
• Tracks, reports on, and provides recommendations regarding the Plan of Action & Milestones (POA&M) to ensure compliance with security controls.
• Conducts security impact analyses (SIA) for planned changes and / or deployments, evaluating their implications on the existing security posture.
• Maintains Federal Information Security Modernization Act (FISMA) inventory records and ensures up-to-date status reporting.
• Develops and implements technical control statements in collaboration with engineering teams to support system architecture designs, configurations, and security integrations.
• Creates documentation for ongoing system management, ensuring traceability of controls back to their original requirements.

REQUIRED SKILLS & EXPERIENCE :

PREFERRED SKILLS & EXPERIENCE :

EDUCATION :

TCG does not discriminate based on race, sex, color, religion, national origin, age, disability, caste, or veteran status.

Our B Corp mission is reflected in our benefits, including offerings like health care, 401K, parental leave, adoption assistance, financial planning services, student loan repayment assistance, and training budget. There's more; see for yourself.

TCG is recognized for treating employees well. In fact, in 2025, The Washington Post named TCG as a "Top Workplace" for the eleventh straight year based on how our employees feel about the company, the benefits TCG offers, and the work / life balance that our staff achieves. In the Washington Post Top Workplace survey, our CEO was ranked best by TCG employees' votes among all midsize companies.

Try us ... we'll make you happy.

Internal title / grade : System Administrator, E2

Salary Range : $95,000 - $120,000