
Threat Hunting Analyst
Aretec, Inc., Washington, District of Columbia, United States
Threat Hunting Analyst – Cyber Security Specialist II (T&M)
What We're Looking For
We are seeking Threat Hunting Analysts – Cyber Security Specialist II (T&M) who will play a pivotal role in strengthening our Security Operations Center (SOC) capabilities at Stennis Space Center or through approved telework. In this role, you'll use advanced detection, forensics, and incident response expertise to identify sophisticated threats and protect critical federal systems.
Your Responsibilities
Leading Innovative Cybersecurity Initiatives: Proactively hunt for anomalous behavior, adversary techniques, and emerging threats using advanced detection platforms and methodologies.
Collaborative Security Operation Support: Work alongside SOC analysts, forensic specialists, incident responders, and federal stakeholders to improve detection, response, and cyber defense operations.
Strategic Cyber Threat Analysis: Analyze threat actor behaviors, TTPs, and indicators of compromise to inform enterprise defensive strategy and security posture.
Engagement & Communication: Communicate findings, risks, and recommended mitigations to technical and non-technical stakeholders. Provide actionable intelligence that enhances mission success.
Required Certifications
Each Threat Hunting Analyst must hold and maintain at least two active certifications, including but not limited to: Security+, GCIH, ISC2 CISSP, GSE, GREM, GAWN, GCIA, GPPA, GSEC, GCED, GSLC, GSNA, GCFA, or other comparable certifications approved in advance by the Security Operations Branch PM.
Required Experience
BA/BS or minimum three years of experience in forensics and incident response
Minimum two years of experience with Splunk, Wireshark, or comparable tools (approval required by Security Operations Branch PM on a case‑by‑case basis)
Security Clearance Requirements
Ability to attain a Final TOP SECRET/SCI Clearance
Must meet SCI eligibility (ICD 704) with no waivers or conditions
Must be a sole U.S. Citizen under federal contract requirements
Core Competencies
Advanced analytical skills to investigate complex attacks and anomalies
Technical expertise across threat hunting, malware analysis, packet analysis, and enterprise logging
Strong communication skills to clearly articulate findings
Leadership and collaboration skills to work in fast-paced cyber environments
Commitment to supporting critical federal missions and national security
Expectation Timeline
Day One
Orientation to Aretec, mission goals, and SOC operations
Begin access process for clearance and technical systems
Meet team members, leadership, and federal stakeholders
Day Thirty
Begin actively participating in threat hunts and investigations
Understand environment topology, logging sources, and detection use cases
Demonstrate familiarity with required tools (Splunk, Wireshark, etc.)
Day Sixty
Take ownership of assigned hunts or analytic areas
Contribute to strategic threat detection enhancements
Support incident response through findings and forensics insights
Day Ninety
Lead complex threat hunts and investigations.
Develop new detection logic, SOPs, and process improvements.
Mentor junior analysts and contribute to continuous SOC maturity.