• Job Description

  Req#: 26-00235
  Senior Cyber Security Analyst
  Huntsville, AL preferred (Hybrid with ability to be fully remote)
  We are seeking a highly capable Senior Cyber Security Analyst who will support the security operation center as part of a distributed enterprise IT team. This role requires a strong technical foundation across hybrid on-premises and cloud infrastructure, a high degree of responsibility, IT security disciplines, and the ability to operate in a fast-paced, compliance-driven environment. Lead and execute advanced security monitoring, incident response, threat hunting, and risk-reduction activities to protect company assets, systems, and information data. Coordinate with cross-functional teams to improve security posture across enterprise.
  Key Responsibilities:
  • Security monitoring & detection: Design, tuning, maintain IDS/IPS, SIEM, EDR, and log collection pipelines to detect advanced threats.
  • Incident Response: Establish and implement an operational incident-handling capability for organizational systems, encompassing preparation, detection, forensic collection, analysis, containment, eradication, recovery, user response, and post-incident root-cause analysis. Track and document incidents, produce reports and recommendations, notify relevant authorities, and conduct tests of the organization's incident response capability.
  • Threat hunting & intelligence: Proactively hunt for threats across networks, endpoints, cloud, and applications using threat intelligence, YARA rules, KQL queries, and custom tooling.
  • Vulnerability management: Coordinate regular vulnerability scanning, assess risk, prioritize remediation, and validate fixes.
  • Risk assessment & remediation: Conduct risk assessments, threat modeling, and security reviews for systems, applications, and projects; propose mitigations and track remediation.
  • Security architecture & controls: Advise on secure design and configuration for onpremises infrastructure and cloud (Azure/AWS), network, identity, and application layers; implement security controls and hardening.
  • Automation & tooling: Develop automation (playbooks, SOAR, scripts) to streamline detection, response, and reporting.
  • Compliance & governance: Support audits and regulatory compliance programs (e.g., CMMC, NIST 800-171, DFARS 7012) by providing evidence, mapping controls, and remediation tracking.
  • Metrics & reporting: Define and report key security metrics (MTTD, MTTR, incident counts, vulnerability trends); brief technical and executive stakeholders.
  • Collaboration: Work with Enterprise IT, DevOps, HR, legal, and business units to integrate security into product/programs, change management, and release processes.
  Competencies and Traits:
  • Strong problem-solving and investigative mindset.
  • Calm under pressure with decisive incident leadership.
  • Ability to translate technical findings into business risk terms.
  • Proactive, continuous learner who keeps up with threat landscape.
  What we are expecting from you (i.e. the qualifications you must have):
  • 12+ years of hands-on experience in security operations, incident response, threat hunting, or related roles.
  • Strong knowledge of SIEM or logging platform (e.g., Splunk, Elastic, Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and network security tooling.
  • Experience with hybrid on-premises/cloud security environments using AWS/Azure and securing physical systems, virtual machines, and containers.
  • Proficiency with one or more scripting languages (Bash, Python, PowerShell, or Perl) and building detection queries.
  • Solid understanding of TCP/IP, DNS, HTTP, SSL/TLS, authentication protocols (OAuth, SAML), and common attack vectors.
  • Solid understanding of MITRE Telecommunication&CK framework/Cyber Kill Chain.
  • Familiar with vulnerability scanning tools (Tenable/Nessus, Qualys), and remediation reporting workflows.
  • Familiarity with FedRAMP controls and cloud security frameworks (AWS, Azure, or hybrid on-premises/multi-cloud environments).
  • Incident response and digital forensics experience.
  • Excellent analytical, communication, and stakeholder management skills.
  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or 7 years equivalent relevant experience (or relevant certifications).
  • Knowledge of DISA STIGS, CIS benchmarks, STIG Viewer, and SCAP Compliance Checker.
  Preferred Qualifications:
  • Certifications: Security+, CySA+, CEH, CASP+/SecurityX, CISSP, or equivalent.
  • Experience with SOAR platforms (Palo Alto Networks, Splunk, Elastic).
  • Familiarity with compliance frameworks (CMMC, NIST 800-171, NIST 800-53, DFARS).
  • Prior experience in a SOC, MSSP, or large enterprise environment.
  Clearance:
  None
  Expected Travel:
  5-10%
  
  Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").

• About the company

  The best remote jobs for you

Notice