Today
Top Secret
Unspecified
Unspecified
IT - Security
(On-Site/Office)
Marathon TS is looking for an Endpoint Security Analyst to:
• Review existing security events and lead in the research and development of refinements and mitigations as necessary.
• Serve as a trusted resource in providing technical responses and guidance on technical and procedural security features of a system.
Required Qualifications
*Note: Presence on-site is mandatory for two days per week, either in Washington, DC, or Manassas, VA.
• Subject Matter Expert (SME) on two (2) or more of the following: Mobile Security, Vulnerability Management, Patch Management, Windows GPOs.
• Ability to identify new data sources and analysis techniques for the determination of vulnerability events:
• Analyze raw data sources to extract, institutionalize, and document actionable events.
• Review existing vulnerability events and propose refinements, automation, and/or broaden handling capabilities as appropriate.
• Ability to communicate the current status of security posture:
• Identify and report on metrics related to the operations of the team.
• Identify and report on project status related to augmenting security posture.
• Identify and report on current vulnerability/risk state of overall architecture.
• Ability to develop detailed multi-month and resourced project plans providing timely updates.
• Ability to lead in the development of technical security standards to support policies including monitoring standards and incident investigation procedures.
• Interact with other stakeholders in the community for troubleshooting/content development/etc. This interaction could include other members of cybersecurity, the networking team, systems administrators, technology support partners, etc.
• Work with executive management to determine acceptable levels of risk for the enterprise.
• Assist in the development and performance of quality control checks for endpoint security operations.
• Assist in the development and performance of operational metrics for endpoint security operations.
• Ability to review event logs, develop standardized queries, collaborate with colleagues to develop handling instructions/standard operating procedures, perform cross-training, tune and perform continuous improvement, and maintain these queries throughout their lifecycle. Ability to handle quality assurance on events and escalations, including performing triage and root cause analysis on security events.
• Ability to communicate with and assist customers in developing and deploying secure configuration settings and practices - and developing automated mechanisms to change and enforce configuration settings.
• Ability to work with internal and external groups to identify, determine feasibility, prioritize, track, and resolve findings (configuration settings/software updates/etc.) to improve overall cybersecurity postures.
• Ability to contribute to cybersecurity project plans providing timely updates.
• Ability to communicate the status of endpoint security, to include developing, executing, documenting, and training repeatable organizational metrics.
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
#CJJOBS
• Review existing security events and lead in the research and development of refinements and mitigations as necessary.
• Serve as a trusted resource in providing technical responses and guidance on technical and procedural security features of a system.
Required Qualifications
*Note: Presence on-site is mandatory for two days per week, either in Washington, DC, or Manassas, VA.
• Subject Matter Expert (SME) on two (2) or more of the following: Mobile Security, Vulnerability Management, Patch Management, Windows GPOs.
• Ability to identify new data sources and analysis techniques for the determination of vulnerability events:
• Analyze raw data sources to extract, institutionalize, and document actionable events.
• Review existing vulnerability events and propose refinements, automation, and/or broaden handling capabilities as appropriate.
• Ability to communicate the current status of security posture:
• Identify and report on metrics related to the operations of the team.
• Identify and report on project status related to augmenting security posture.
• Identify and report on current vulnerability/risk state of overall architecture.
• Ability to develop detailed multi-month and resourced project plans providing timely updates.
• Ability to lead in the development of technical security standards to support policies including monitoring standards and incident investigation procedures.
• Interact with other stakeholders in the community for troubleshooting/content development/etc. This interaction could include other members of cybersecurity, the networking team, systems administrators, technology support partners, etc.
• Work with executive management to determine acceptable levels of risk for the enterprise.
• Assist in the development and performance of quality control checks for endpoint security operations.
• Assist in the development and performance of operational metrics for endpoint security operations.
• Ability to review event logs, develop standardized queries, collaborate with colleagues to develop handling instructions/standard operating procedures, perform cross-training, tune and perform continuous improvement, and maintain these queries throughout their lifecycle. Ability to handle quality assurance on events and escalations, including performing triage and root cause analysis on security events.
• Ability to communicate with and assist customers in developing and deploying secure configuration settings and practices - and developing automated mechanisms to change and enforce configuration settings.
• Ability to work with internal and external groups to identify, determine feasibility, prioritize, track, and resolve findings (configuration settings/software updates/etc.) to improve overall cybersecurity postures.
• Ability to contribute to cybersecurity project plans providing timely updates.
• Ability to communicate the status of endpoint security, to include developing, executing, documenting, and training repeatable organizational metrics.
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
#CJJOBS
group id: 10362312
