IT Security Operations Analyst
Federal Prison Industries (UNICOR) - Information Technology Services Contract Position Summary KeenLogic is seeking an IT Security Operations Analyst to support Federal Prison Industries (UNICOR), a government corporation within the U.S. Department of Justice. The IT Security Operations Analyst is responsible for supporting the security, compliance, and operational integrity of enterprise information systems by monitoring vulnerabilities, implementing security controls, supporting patch management activities, and assisting with cybersecurity initiatives across the organization.
The ideal candidate is a hands-on technical professional with experience identifying and remediating vulnerabilities, supporting endpoint security, maintaining compliance with security standards, and collaborating with infrastructure, network, and support teams to protect enterprise systems.
This position operates under a hybrid work model and may require occasional onsite support and travel to UNICOR or Bureau of Prisons facilities as needed. This opportunity supports a federal contract with a one-year base period and four option years, offering up to five years of continued work. KeenLogic offers Fortune 500-level benefits, including health, dental, and vision insurance, PTO, 401(k), and life insurance.
Work Location - Primarily Remote/Hybrid
- Potential support locations include:
- Washington, DC (UNICOR Central Office)
- Lexington, KY
- Butner, NC
- Allenwood, PA
- Victorville, CA
Schedule - Monday through Friday
- Full-time (40 hours per week)
- 8-hour shifts
- Start times between 6:30 AM and 8:30 AM
- End times between 3:30 PM and 5:30 PM
Requirements - 4+ years of patching and vulnerability management
- CompTIA Security+ certification
- Can be used to substitute for 1 years of network experience
Required Technical Experience - Vulnerability Management and Remediation
- Patch Management
- Security Operations Support
- Endpoint Security Technologies
- Microsoft Windows 11
- Microsoft Server Environments
- Active Directory
- Microsoft 365
- Security Compliance and Audit Support
- Security Incident Response Support
- Risk Assessment and Mitigation
- Security Monitoring and Reporting
- System Hardening and Security Best Practices
- Infrastructure Security Support
- Documentation and Technical Reporting
- Microsoft-based Enterprise Environments
Key Job Duties - Perform vulnerability assessments and remediation activities across enterprise servers, workstations, and infrastructure systems.
- Support patch management processes, including testing, deployment, validation, and reporting of security updates and operating system patches.
- Monitor security alerts, system logs, and security tools to identify, investigate, and respond to potential security threats and vulnerabilities.
- Assist with implementation and maintenance of security controls designed to protect enterprise systems, networks, and data.
- Support security compliance initiatives by ensuring systems remain aligned with organizational policies, security standards, and regulatory requirements.
- Conduct risk assessments and recommend corrective actions to address identified security weaknesses.
- Assist with security incident response activities, including investigation, documentation, containment, and recovery efforts.
- Collaborate with system administrators, network administrators, and service desk personnel to resolve security-related issues and improve overall system security.
- Support endpoint security technologies and assist with the deployment, configuration, and maintenance of security tools.
- Develop and maintain security documentation, procedures, reports, and technical guidance materials.
- Perform security reviews of systems and configurations to ensure adherence to established security baselines and best practices.
- Track and report vulnerability remediation efforts, patch compliance metrics, and security operational activities.
- Participate in technology modernization efforts and provide recommendations to improve cybersecurity posture and operational resilience.
- Provide technical guidance and security awareness support to users and stakeholders as needed.
