Threat Hunting Lead (Subject Matter Expert II)
Us:
At Aretec, Inc., we are catalysts for change within the federal government landscape. Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions. As a premier partner and prime vendor, we deliver innovative, high-impact solutions that address complex challenges and drive national progress. Our commitment to excellence and innovation positions us at the forefront of transforming governmental operations, enhancing efficiency, and making a lasting difference in the lives of citizens.
You:
You are a strategic and highly skilled cybersecurity professional with a passion for uncovering sophisticated threats that evade traditional defenses. You thrive in complex environments where active threat hunting, deep packet analysis, and adversary emulation drive proactive cyber defense. You lead teams with precision and purpose-collaborating, analyzing, and innovating to stay ahead of advanced persistent threats (APTs). You are motivated by mission-critical work, guiding others to detect, analyze, and mitigate risks that could impact national systems and operations.
What We're Looking For:
We are seeking a Threat Hunting Lead (Subject Matter Expert II) who will play a pivotal role in enhancing our cybersecurity posture and advancing the missions of our federal partners. In this role, you will guide an active cyber defense team that proactively searches the enterprise to detect malicious, hard-to-detect activities that may bypass existing security tools. You will design strategies, lead investigations, and refine threat detection processes to ensure the confidentiality, integrity, and availability of USCIS systems and infrastructure.
Your responsibilities will include: • Leading Innovative Projects: Direct a team providing 12x5 support (with after-hours on-call) to detect, analyze, and mitigate targeted and sophisticated threats. • Advanced Analysis: Oversee advanced traffic analysis at the packet level to identify anomalies, patterns, and malicious activity within USCIS networks. • Threat Detection Strategy: Design and implement structured methodologies to assess and enhance anomaly detection capabilities across USCIS applications. • Policy Development: Identify and develop enhancement opportunities for cyber defense policies and procedures. • Collaborative Threat Response: Coordinate with the SOC to assess and monitor key risk areas continuously, ensuring a unified defensive posture. • Reporting and Communication: Provide actionable recommendations and produce comprehensive reports detailing findings, mitigation strategies, and lessons learned. • Data-Driven Defense: Develop and implement plans to assess existing SIEM (e.g., Splunk) data for anomalies and potential indicators of compromise.
By stepping into this role, you will directly contribute to the success of our federal partners' missions-driving meaningful, proactive defense against evolving cyber threats and ensuring the security of critical national systems.
The Skills We're Looking For:
Technical Expertise: Advanced experience in threat hunting, network traffic analysis, and tools such as Splunk, Wireshark, or similar platforms. • Analytical Mindset: Exceptional ability to dissect complex attack vectors and identify hidden threats within vast datasets. • Leadership Abilities: Proven experience leading cybersecurity teams, guiding investigations, and managing 24x7 or extended-hour support environments. • Effective Communication: Skilled at preparing clear, detailed reports and presenting threat findings and recommendations to executive and technical audiences. • Commitment to Mission: Deep understanding of federal cybersecurity operations and a strong commitment to advancing national security initiatives.Required Qualifications: • Location/Telework: Staffed in the SOC at Stennis Space Center or able to meet the requirements for Telework. • Education/Experience:
Bachelor's degree (BA/BS) or a minimum of three (3) years of experience in forensics and incident response.Minimum of two (2) years of experience with Splunk, Wireshark, or comparable tools. • Certifications: Must have and maintain at least two active certifications, such as:Certified Digital Forensics Examiner (CDFE)Digital Media CollectorSANS GCIHISC² CISSP (or other comparable certification approved in advance by the Security Operations Branch PM) • Security Clearance:Must be able to attain up to a Final TOP SECRET SCI Clearance.Must meet SCI eligibility (ICD 704) with no waivers or conditions.The Expectations of the Job:
Day One: • Orientation and Onboarding: Immerse yourself in Aretec's cybersecurity culture and mission. Begin engaging with the SOC team and familiarize yourself with current detection frameworks and defense tools.
Day Thirty: • Active Contribution: Participate in ongoing threat hunting and analysis activities. Identify initial areas for detection improvement and begin contributing to team operations.
Day Sixty: • Project Leadership: Lead structured hunts, assess anomaly detection capabilities, and refine workflows for faster threat identification. • Strategic Planning: Contribute to strategy development for long-term detection and mitigation initiatives.
Day Ninety: • Full Ownership: Take full command of threat hunting operations, directing hunts and refining detection logic across platforms. • Innovation and Improvement: Identify and implement new hunting techniques, automate detection processes, and enhance data correlation. • Mentorship Role: Coach junior analysts, fostering an environment of collaboration and continuous improvement.
Additional Notes:
Benefits At Aretec, we believe that our employees are our greatest asset. We offer a comprehensive benefits package designed to support your health, well-being, and professional development:
Health, Dental, and Vision Insurance: Comprehensive coverage to keep you and your family healthy. • 401(k) Plan with Employer Match: Invest in your future with our competitive retirement savings plan. • Certification Stipends: Support for obtaining professional certifications that enhance your skills and career trajectory. • Professional Development Opportunities: Access to training, workshops, and conferences to stay at the forefront of cybersecurity advancements. • Flexible Work Arrangements: Options that promote a healthy work-life balance, including remote work opportunities and flexible scheduling. • Paid Time Off and Holidays: Generous PTO policy to relax, recharge, and spend time with loved ones.Citizenship Requirement Please note that due to the nature of our federal contracts and the secure environments in which we operate, only applicants who are sole U.S. Citizens can be considered for this position. This requirement is in compliance with federal regulations and is essential for the roles we fulfill within government agencies.
Equal Opportunity Employer Aretec, Inc. is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. All qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other legally protected characteristics.
Read LessFunctional Analyst (Business Analyst II)
Us:
At Aretec, Inc., we are catalysts for change within the federal government landscape. Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions. As a premier partner and prime vendor, we deliver innovative, high-impact solutions that address complex challenges and drive national progress. Our commitment to excellence and innovation positions us at the forefront of transforming governmental operations, enhancing efficiency, and making a lasting difference in the lives of citizens.
You:
You are a dynamic and analytical professional who thrives on interpreting complex requirements, improving processes, and driving automation to strengthen cybersecurity operations. With a passion for innovation and a strong understanding of federal cybersecurity initiatives, you excel at finding opportunities to enhance workflows and deliver measurable results. You enjoy working across technical and functional teams to turn strategic goals into actionable, efficient, and automated processes. You're motivated by the opportunity to advance national cybersecurity objectives while collaborating within a mission-focused team that values your insight and growth.
What We're Looking For:
We are seeking a Functional Analyst (Business Analyst II) who will play a pivotal role in enhancing the effectiveness of the USCIS Information Security Division (ISD). In this role, you will collaborate across ISD branches to interpret requirements, design new processes, and identify opportunities for automation-especially within the Security Orchestration, Automation, and Response (SOAR) platform. Your expertise will help improve workflows, drive efficiencies, and align with the USCIS Cyber Security Strategic goals.
Your responsibilities will include:
Leading Innovative Projects: Analyze and improve processes and workflows, identifying opportunities for automation into the SOAR solution to support the USCIS Enhanced Cyber Security Strategy.Collaborative Solution Development: Hold meetings, research processes, collect and analyze data, and design new, efficient workflows aligned with mission requirements.Strategic Impact: Develop executive dashboards providing near real-time visibility into USCIS Security Program performance.Stakeholder Engagement: Facilitate redesign workshops, document outcomes, and present new process designs to stakeholders to ensure alignment and adoption.Process Optimization: Monitor, measure, and provide feedback on process performance, ensuring continuous improvement.Implementation and Automation: Identify user needs and develop strategies and user stories for implementation and automation in Swimlane.By stepping into this role, you will directly contribute to the success of federal cybersecurity missions-improving the agility, visibility, and performance of essential security operations.
The Skills We're Looking For:
Technical Expertise: Experience with process design, workflow automation, and tools such as SOAR (e.g., Swimlane).Analytical Mindset: Ability to dissect complex workflows, identify inefficiencies, and recommend innovative, data-driven solutions.Leadership Abilities: Skilled in facilitating meetings, workshops, and process redesign efforts across diverse teams.Effective Communication: Exceptional ability to translate technical and process information for stakeholders at multiple levels.Commitment to Mission: Understanding of federal cybersecurity goals and motivation to advance national cyber defense initiatives.Required Qualifications:
Telework: Must meet the requirements for telework.Certifications: Must have and maintain at least one active certification-Security+, ISC² CISSP, or another comparable certification pre-approved by the Government PM.Experience:Minimum of two (2) years of client-facing federal consulting experience.Minimum of two (2) years of business analysis experience.Minimum of two (2) years of experience working with cybersecurity teams.The Expectations of the Job:
Day One:
Immerse yourself in Aretec's mission, values, and culture.Begin engaging with ISD teams to understand project scope, current workflows, and process challenges.Day Thirty:
Actively contribute to ongoing process analysis and documentation.Collaborate with technical and functional teams to identify initial automation or optimization opportunities.Day Sixty:
Take ownership of process design or redesign efforts.Begin developing and presenting process documentation, dashboards, and recommendations to stakeholders.Day Ninety:
Lead process improvement or automation initiatives end-to-end.Mentor junior analysts and contribute to organization-wide process improvement strategies.Deliver measurable outcomes that enhance USCIS cybersecurity operations and efficiency.Additional Notes:
Benefits: At Aretec, we believe our employees are our greatest asset. We offer a comprehensive benefits package designed to support your health, well-being, and professional development:
Health, Dental, and Vision Insurance401(k) Plan with Employer MatchCertification Stipends for professional developmentProfessional Development Opportunities including training and conferencesFlexible Work Arrangements including remote and hybrid optionsPaid Time Off and HolidaysCitizenship Requirement: Due to the nature of our federal contracts and the secure environments in which we operate, only applicants who are sole U.S. Citizens can be considered for this position.
Equal Opportunity Employer: Aretec, Inc. is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. All qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other legally protected characteristics.
Read Less