CSIRT Analyst

Aretec Inc

173d

About The Position

At Aretec, Inc., we are catalysts for change within the federal government landscape. Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions. As a premier partner and prime vendor, we deliver innovative, high-impact solutions that address complex challenges and drive national progress. Our commitment to excellence and innovation positions us at the forefront of transforming governmental operations, enhancing efficiency, and making a lasting difference in the lives of citizens. You: You are a proactive cybersecurity professional with a passion for defending organizations against cyber threats. With a strong ethical foundation and commitment to integrity, you thrive in fast-paced environments where quick analysis and decisive actions are critical. You bring a technical acumen, collaborative spirit, and a desire to continuously learn and innovate in the field of cybersecurity. Your focus is on minimizing and controlling the damage from cybersecurity events while working to prevent future incidents. What We're Looking For: We are seeking a CSIRT Analyst who will play a pivotal role in enhancing our cybersecurity capabilities and advancing the missions of our federal partners. In this role, you will be at the forefront of monitoring, recording, and reporting cybersecurity events and incidents. Your responsibilities will include: Leading Innovative Projects: Analyze traffic at the packet level, reconstruct network traffic, and recommend tools and hardware/software solutions to improve security monitoring capabilities. Collaborative Solution Development: Work closely with cross-functional teams, including incident handlers and malware analysts, to address and mitigate threats effectively. Strategic Impact: Develop Standard Operating Procedures (SOPs) and contribute to the strategic defense posture by providing in-depth incident analysis and response coordination. Stakeholder Engagement: Engage with various internal and external stakeholders including DHS components, ensuring timely incident tracking and compliance reporting. Mentorship and Leadership: Provide incident response guidance and maintain high standards of operational excellence within the Security Operations Center (SOC).

Requirements

Proficient in Microsoft Office Suite (Excel, Word, Outlook), Adobe Pro, Splunk, McAfee EPO, FireEye, and Security Orchestration and Automation Response (SOAR) tools.
Strong ability in traffic analysis, log analysis, behavior analysis, and pattern recognition.
Experience with tracking incidents through Swimlane, ServiceNow, and DHS systems.
Excellent verbal and written communication skills.
Strong desire to contribute to initiatives that have a national impact, especially through proactive cybersecurity measures.
Bachelor's degree in a related field OR at least 1+ year of experience in a related field.
Must have at least one: Network+, Security+, or CISSP.

Responsibilities

Analyze traffic at the packet level, reconstruct network traffic, and recommend tools and hardware/software solutions to improve security monitoring capabilities.
Work closely with cross-functional teams, including incident handlers and malware analysts, to address and mitigate threats effectively.
Develop Standard Operating Procedures (SOPs) and contribute to the strategic defense posture by providing in-depth incident analysis and response coordination.
Engage with various internal and external stakeholders including DHS components, ensuring timely incident tracking and compliance reporting.
Provide incident response guidance and maintain high standards of operational excellence within the Security Operations Center (SOC).