Job Requirements
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Marathon TS is seeking seeking an experienced, automation-obsessed Senior Cloud Linux Administrator to join our compliance-driven DevSecOps team. This is not a "keep the lights on" role. You will be responsible for designing, securing, and managing Linux systems running entirely in the cloud (AWS/Azure/GCP), while engineering automated processes to enforce FedRAMP and NIST 800-53 compliance.
You will act as a Subject Matter Expert (SME), collaborating with security analysts and mission system owners to resolve incidents, minimize service interruptions, and lower the total cost of ownership through aggressive automation.
Key Responsibilities:
Infrastructure & Operations
Security & Compliance
DevSecOps & Collaboration
Required Qualifications:
Preferred Qualifications:
Soft Skills:
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status ").
You will act as a Subject Matter Expert (SME), collaborating with security analysts and mission system owners to resolve incidents, minimize service interruptions, and lower the total cost of ownership through aggressive automation.
Key Responsibilities:
Infrastructure & Operations
- Cloud-Native Administration: Administer and maintain RHEL/Linux servers and services in cloud-only environments (AWS, Azure, GCP), ensuring high availability and performance.
- Infrastructure as Code (IaC): Utilize Terraform, Ansible, or CloudFormation to define, provision, and manage secure infrastructure. Move away from manual configuration to immutable infrastructure practices.
- Patching & Vulnerability Management: Simplify, automate, and optimize patch management. Track, remediate, and report IAVM vulnerabilities within strict SLAs.
- Monitoring & Logging: Administer enterprise continuous monitoring stacks (e.g., Splunk, Datadog, CloudWatch). Manage Indexers, Forwarders, and automated alerts to ensure proactive system health.
Security & Compliance
- Hardening & Baselines: Design, install, test, and maintain secure baseline machine images (AMIs) compliant with CIS Benchmarks and DISA STIGs.
- Compliance Automation: Implement automated compliance monitoring and remediation guardrails using tools like AWS Config, Security Hub, Cloud Custodian, or OpenSCAP.
- Framework Adherence: Ensure all systems align with FedRAMP, NIST 800-53, CMMC, and RMF requirements.
- Audit Support: Automate the collection of evidence for audits. You will write scripts to generate documentation that proves our security posture, reducing manual fatigue.
DevSecOps & Collaboration
- CI/CD Integration: Integrate security checks (SAST/DAST), container scanning, and compliance guardrails into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions).
- Scripting & Tooling: Write and maintain robust scripts (Bash, Python, Go) to automate auditing, monitoring, and reporting tasks.
- Mentorship: Provide technical guidance and mentorship to junior team members. Translate complex technical concepts for non-technical stakeholders.
Required Qualifications:
- Experience: 3+ years of experience administering Linux systems (RHEL, CentOS, Ubuntu) in enterprise environments.
- Cloud Mastery: Deep hands-on experience with AWS (primary), Azure, or GCP, including native automation tools (AWS CLI, Systems Manager, Lambda).
- Automation: Proven expertise in scripting (Python, Bash) and Configuration Management (Ansible, SaltStack, Puppet).
- IaC Proficiency: Strong experience with Terraform or CloudFormation.
- Compliance Knowledge: Working knowledge of NIST 800-53, FedRAMP, or DoD SRG/STIGs. You understand why we secure things, not just how.
- Containerization: Experience managing containerized workloads (Docker, Kubernetes/EKS) and securing container supply chains.
Preferred Qualifications:
- Certifications: AWS Certified SysOps/Security Specialty, RHCE (Red Hat Certified Engineer), CKA (Certified Kubernetes Administrator), or HashiCorp Terraform Associate.
- Advanced Tooling: Familiarity with compliance-as-code tools (Chef InSpec, Osquery, Prisma Cloud).
- Security Stack: Experience with vulnerability scanners (Nessus/Tenable, Rapid7) and SIEM management.
- Clearance: Active Secret or Top Secret clearance (or eligibility) is highly desired
Soft Skills:
- Detail-Oriented: A methodical, compliance-driven mindset that refuses to cut corners on security.
- Problem Solver: You don't just fix the error; you fix the process that caused the error.
- Communicator: Excellent documentation abilities. You can explain a root cause analysis to a CEO or an Auditor.
- Autonomy: You thrive in a remote environment and can manage your own time and priorities effectively.
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status ").
group id: 10362312