×
Register Here to Apply for Jobs or Post Jobs. X

SOC​/Threat Analyst

Job in Kingsport, Sullivan County, Tennessee, 37660, USA
Listing for: Marathon TS
Full Time position
Listed on 2026-07-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Local Defender (ISSO/SOC/Threat Analyst)

Marathon TS is hiring for a Local Defender (ISSO/SOC/Threat Analyst) in Kingsport, TN.

Principal Duties and Responsibilities:
  • Serve as the ISSO in support of the ISO for assigned systems, ensuring full compliance with RMF, DoDI 8510.01, and NIST SP 800-53 security control baselines.
  • Manage and maintain all RMF-related documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), Risk Assessment Reports (RARs), and Plan of Action and Milestones (POA&Ms).
  • Conduct security control assessments and facilitate ongoing authorization (ATO/ATC) activities.
  • Work directly with system owners, administrators, and the Government cybersecurity team to ensure all security controls are properly implemented and documented.
  • Coordinate and support all phases of the RMF lifecycle from categorization to continuous monitoring.
  • Lead vulnerability and compliance assessments using automated tools (e.g., ACAS, STIG Viewer) and ensure all findings are remediated or tracked via POA&Ms.
  • Participate in Configuration Control Boards (CCBs) and validate that system changes do not negatively impact security controls or the authorization boundary.
  • Track and report on system compliance metrics, ensuring timely updates to APMS and eMASS and supporting audit readiness activities.
  • Develop and deliver security awareness training, user role validation, and account recertification in accordance with policy.
  • Act as liaison with Authorizing Officials (AOs), Control Assessors (CAs), and NETCOM to facilitate ATO packages and compliance reviews.
  • Monitor and analyze security events from SIEM platforms, firewalls, IDS/IPS, and EDR tools to detect threats and abnormal activity.
  • Support incident response activities and coordinate with local defender to assess impact, containment, and recovery actions.
  • Document all security incidents in alignment with incident handling procedures and provide after-action reports for leadership.
  • Ensure that incident findings are mapped back to RMF controls, and that system documentation is updated accordingly.
  • Monitor Cyber Tasking Orders (CTOs), security bulletins, CVEs, and threat intelligence feeds for relevance to the operational environment.
  • Analyze potential threat vectors and adversary TTPs using frameworks such as MITRE Telecommunication&CK and translate findings into actionable security enhancements.
  • Collaborate with stakeholders to recommend technical and policy-based countermeasures aligned with organizational risk tolerance and mission impact.
  • Prepare detailed risk assessment reports, compliance dashboards, and security briefings for senior leadership and stakeholders.
  • Submit timely updates and artifacts to eMASS and participate in regular cybersecurity status meetings.
  • Provide clear, data-driven recommendations for improving system security postures and addressing identified risks.
  • Coordinate with mission owners and developers to implement security in system development life cycles (SDLC).
  • Maintain awareness and proper configuration of continuous monitoring tools including SIEMs, vulnerability scanners, and audit logging tools.
  • Ensure tools and scripts used for compliance monitoring (e.g., RMF assessments, ACAS scans) are operating effectively and producing accurate outputs.
  • Collaborate with system administrators to remediate security findings and improve hardening based on STIGs and best practices.
Required Experience:
  • Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, or a related field (or equivalent experience). Minimum of 3 related certifications may be used in place of related academic field.
  • Minimum of 10 plus years of work related experience to include 2+ years of direct ISSO or cybersecurity compliance experience, preferably within a DoD or Federal environment.
  • CompTIA Security+, CISSP, or equivalent DoD 8570 IAT Level II/III certification.
  • Active DoD Secret Security Clearance with the ability to obtain Top Secret.
  • Strong working knowledge of RMF, NIST SP 800-53, DoDI 8510.01, DoDI 8500.01, CNSSI 1253, and associated security control families.
  • Familiarity with vulnerability management tools such as ACAS, STIG Viewer, and SCAP Compliance Checker.
  • Familiarity with DRAGOS, Corelight, Splunk, Snort
  • Experience managing cybersecurity artifacts within eMASS or other compliance platforms.
  • Understanding of NETCOM directives and cybersecurity service provider (CSSP) coordination.
Preferred Qualifications:
  • Experience supporting Authority to Operate (ATO) processes, both initial and continuous monitoring.
  • Strong analytical skills for evaluating control effectiveness, incident impact, and system vulnerabilities.
  • Proficiency in security documentation, audit preparation, and stakeholder communication.
  • Familiarity with scripting (e.g., Power Shell, Python) for automating compliance checks or log analysis.
  • Demonstrated ability to balance RMF compliance with operational mission support.
  • Previous experience with Dragos OT Sensor Equipment Preferred.
  • CAP (Certified…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary