Position Title: Senior Cyber Vulnerability Analyst/Assessor – Space Systems and Mission Platforms
Marathon TS is seeking an experienced professional to perform full-spectrum cybersecurity assessments across complex aerospace and defense programs. This position focuses on identifying and validating weaknesses within mission-critical space platforms and their supporting infrastructures. The ideal candidate will combine deep technical expertise, creativity, and leadership to uncover high-impact vulnerabilities and help system owners mitigate risk effectively.
The individual we are looking for will be taking a deep dive in reverse engineering products provided by vendors and exploiting these products to expose the vulnerability. Heavy testing and a small amount of reporting.
Qualifications:
• Security Clearance: Top-Secret clearance.
• Education:
• Bachelor's degree in Computer Science, Cybersecurity, Computer or Electrical Engineering, or a related technical discipline..
• Experience:
• Minimum of seven years conducting offensive security engagements, vulnerability analysis, or reverse engineering.
• Prior exposure to DoD, intelligence, or aerospace programs strongly preferred.
Technical Expertise:
• Demonstrated skill in reverse-engineering and binary analysis, using tools such as Ghidra, IDA Pro, Binary Ninja, Radare2, WinDbg, or GDB.
• Proficiency in exploit development and offensive frameworks, including Metasploit, Burp Suite, and custom scripted tools (Python, Go, or Rust).
• Experience with firmware and embedded systems testing, including communication interfaces, real-time operating systems, and device-level hardware evaluation.
• Strong programming and scripting proficiency in Python, C/C++, assembly, and Bash or PowerShell. Ability to modify code or craft purpose-built proof-of-concept utilities.
• In-depth understanding of network, web, and cloud exploitation techniques and methodologies.
• Excellent written and verbal communication—capable of conveying complex findings clearly to both technical and executive audiences.
Preferred Background & Certifications:
• Recognized industry credentials such as OSCP, OSCE, GPEN, GXPN, CREST CRT, or CISSP.
• Previous involvement in red team operations or adversarial simulation within defense or intelligence contexts.
• Familiarity with RMF processes, DISA STIGs, NIST 800-series frameworks, and integration of test data into authorization and accreditation documentation (e.g., eMASS or similar systems).
• Experience performing secure design reviews, code audits, or supply chain risk analyses.
• Participation in audit or accreditation efforts as an assessor or evaluator.
Pay: $90.00 - $115.00 per hour
Benefits:
• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance
Application Question(s):
• How many years of experience do you have in reverse-engineering and binary analysis, using tools such as Ghidra, IDA Pro, Binary Ninja, Radare2, WinDbg, or GDB?
• Do you have familiarity with RMF processes, DISA STIGs, NIST 800-series frameworks, and integration of test data into authorization and accreditation documentation (e.g., eMASS or similar systems)?
• How many years of experience with exploit development and offensive frameworks, including Metasploit, Burp Suite, and custom scripted tools (Python, Go, or Rust)?
• Do you have any of the following certifications: OSCP, OSCE, GPEN, GXPN, CREST, CISSP?
Education:
• Bachelor's (Required)
Security clearance:
• Top Secret (Required)
Willingness to travel:
• 25% (Preferred)
Work Location: Remote