Today
Top Secret
Unspecified
Unspecified
wv, WV (On-Site/Office)
Marathon TS is seeking a skilled and detail-oriented Information Systems Security Analyst to support and enhance the cybersecurity posture of enterprise systems. This role is responsible for planning, implementing, monitoring, and improving security controls for computer networks and information systems. The candidate will evaluate and mitigate security risks and ensure compliance with federal cybersecurity standards across the entire system development lifecycle.
Key Responsibilities:
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
#CJJOBS
Key Responsibilities:
- Plan, implement, upgrade, and monitor security controls for information systems.
- Conduct comprehensive assessments of management, operational, personnel, and technical controls to determine control effectiveness and overall system security posture.
- Identify and evaluate technical and operational security risks, threats, vulnerabilities, and weaknesses associated with information systems.
- Ensure information system compliance with federal and industry standards, including:
- NIST (National Institute of Standards and Technology)
- OWASP
- Common Criteria
- DISA
- SANS Institute
- NIST (National Institute of Standards and Technology)
- Support continuous monitoring efforts and conduct control enhancements as required.
- Respond to and investigate computer security incidents, breaches, and malware events.
- Work collaboratively in Agile development environments to ensure secure system design and implementation.
- Review and analyze audit logs using Splunk and create system alerts for anomalous or suspicious activity.
- Provide technical insight based on prior experience in networking, system administration, and software development.
- Demonstrated experience conducting independent security assessments of IT systems.
- In-depth understanding of federal cybersecurity compliance frameworks (e.g., NIST RMF, FISMA).
- Strong technical background in network security, system administration, and/or software development.
- Hands-on experience with Splunk or similar SIEM tools for log analysis and alerting.
- Familiarity with Agile/Scrum development methodologies.
- Strong communication and documentation skills, with the ability to convey technical issues to both technical and non-technical stakeholders.
- Relevant certifications such as Security+, CISSP, CISA, or CISM.
- Experience supporting federal or state government agencies.
- Familiarity with automated security testing tools and continuous monitoring frameworks.
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
#CJJOBS
group id: 10362312
