This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking Threat Hunting Analysts – Cyber Security Specialist II (T&M) who will play a pivotal role in strengthening our Security Operations Center (SOC) capabilities at Stennis Space Center or through approved telework. In this role, you'll use advanced detection, forensics, and incident response expertise to identify sophisticated threats and protect critical federal systems.

• Leading Innovative Cybersecurity Initiatives: Proactively hunt for anomalous behavior, adversary techniques, and emerging threats using advanced detection platforms and methodologies.
• Collaborative Security Operation Support: Work alongside SOC analysts, forensic specialists, incident responders, and federal stakeholders to improve detection, response, and cyber defense operations.
• Strategic Cyber Threat Analysis: Analyze threat actor behaviors, TTPs, and indicators of compromise to inform enterprise defensive strategy and security posture.
• Engagement & Communication: Communicate findings, risks, and recommended mitigations to technical and non-technical stakeholders. Provide actionable intelligence that enhances mission success.

Qualifications

• Each Threat Hunting Analyst must hold and maintain at least two active certifications, including but not limited to: Security+, GCIH, ISC2 CISSP, GSE, GREM, GAWN, GCIA, GPPA, GSEC, GCED, GSLC, GSNA, GCFA, or other comparable certifications approved in advance by the Security Operations Branch PM.
• BA/BS or minimum three years of experience in forensics and incident response.
• Minimum two years of experience with Splunk, Wireshark, or comparable tools (approval required by Security Operations Branch PM on a case-by-case basis).

Requirements

• Ability to attain a Final TOP SECRET/SCI Clearance.
• Must meet SCI eligibility (ICD 704) with no waivers or conditions.
• Must be a sole U.S. Citizen under federal contract requirements.

Core Competencies

• Advanced analytical skills to investigate complex attacks and anomalies.
• Technical expertise across threat hunting, malware analysis, packet analysis, and enterprise logging.
• Strong communication skills to clearly articulate findings.
• Leadership and collaboration skills to work in fast-paced cyber environments.
• Commitment to supporting critical federal missions and national security.

Expectation Timeline

• Day One: Orientation to Aretec, mission goals, and SOC operations; Begin access process for clearance and technical systems; Meet team members, leadership, and federal stakeholders.
• Day Thirty: Begin actively participating in threat hunts and investigations; Understand environment topology, logging sources, and detection use cases; Demonstrate familiarity with required tools (Splunk, Wireshark, etc.).
• Day Sixty: Take ownership of assigned hunts or analytic areas; Contribute to strategic threat detection enhancements; Support incident response through findings and forensics insights.
• Day Ninety: Lead complex threat hunts and investigations; Develop new detection logic, SOPs, and process improvements; Mentor junior analysts and contribute to continuous SOC maturity.