About The Position

At Aretec, Inc., we are catalysts for change within the federal government landscape. Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions. As a premier partner and prime vendor, we deliver innovative, high-impact solutions that address complex challenges and drive national progress. Our commitment to excellence and innovation positions us at the forefront of transforming governmental operations, enhancing efficiency, and making a lasting difference in the lives of citizens.

You are a strategic and highly skilled cybersecurity professional with a passion for uncovering sophisticated threats that evade traditional defenses. You thrive in complex environments where active threat hunting, deep packet analysis, and adversary emulation drive proactive cyber defense. You lead teams with precision and purpose, collaborating, analyzing, and innovating to stay ahead of advanced persistent threats (APTs). You are motivated by mission-critical work, guiding others to detect, analyze, and mitigate risks that could impact national systems and operations.

We are seeking a Threat Hunting Lead (Subject Matter Expert II) who will play a pivotal role in enhancing our cybersecurity posture and advancing the missions of our federal partners. In this role, you will guide an active cyber defense team that proactively searches the enterprise to detect malicious, hard-to-detect activities that may bypass existing security tools. You will design strategies, lead investigations, and refine threat detection processes to ensure the confidentiality, integrity, and availability of USCIS systems and infrastructure. By stepping into this role, you will directly contribute to the success of our federal partners' missions, driving meaningful, proactive defense against evolving cyber threats and ensuring the security of critical national systems.

Requirements

  • Technical Expertise: Advanced experience in threat hunting, network traffic analysis, and tools such as Splunk, Wireshark, or similar platforms.
  • Analytical Mindset: Exceptional ability to dissect complex attack vectors and identify hidden threats within vast datasets.
  • Leadership Abilities: Proven experience leading cybersecurity teams, guiding investigations, and managing 24x7 or extended-hour support environments.
  • Effective Communication: Skilled at preparing clear, detailed reports and presenting threat findings and recommendations to executive and technical audiences.
  • Commitment to Mission: Deep understanding of federal cybersecurity operations and a strong commitment to advancing national security initiatives.
  • Location/Telework: Staffed in the SOC at Stennis Space Center or able to meet the requirements for Telework.
  • Education/Experience: Bachelor's degree (BA/BS) or a minimum of three (3) years of experience in forensics and incident response.
  • Minimum of two (2) years of experience with Splunk, Wireshark, or comparable tools.
  • Certifications: Must have and maintain at least two active certifications, such as: Certified Digital Forensics Examiner (CDFE), Digital Media Collector, SANS GCIH, ISC² CISSP, or another comparable certification approved in advance by the Security Operations Branch PM.
  • Security Clearance: Must be able to attain up to a Final TOP SECRET SCI Clearance. Must meet SCI eligibility (ICD 704) with no waivers or conditions.
  • Citizenship Requirement: Please note that due to the nature of our federal contracts and the secure environments in which we operate, only applicants who are sole U.S. Citizens can be considered for this position. This requirement is in compliance with federal regulations and is essential for the roles we fulfill within government agencies.

Responsibilities

  • Leading Innovative Projects: Direct a team providing 12x5 support (with after-hours on-call) to detect, analyze, and mitigate targeted and sophisticated threats.
  • Advanced Analysis: Oversee advanced traffic analysis at the packet level to identify anomalies, patterns, and malicious activity within USCIS networks.
  • Threat Detection Strategy: Design and implement structured methodologies to assess and enhance anomaly detection capabilities across USCIS applications.
  • Policy Development: Identify and develop enhancement opportunities for cyber defense policies and procedures.
  • Collaborative Threat Response: Coordinate with the SOC to assess and monitor key risk areas continuously, ensuring a unified defensive posture.
  • Reporting and Communication: Provide actionable recommendations and produce comprehensive reports detailing findings, mitigation strategies, and lessons learned.
  • Data-Driven Defense: Develop and implement plans to assess existing SIEM (e.g., Splunk) data for anomalies and potential indicators of compromise.

Benefits

  • Health, Dental, and Vision Insurance: Comprehensive coverage to keep you and your family healthy.
  • 401(k) Plan with Employer Match: Invest in your future with our competitive retirement savings plan.
  • Certification Stipends: Support for obtaining professional certifications that enhance your skills and career trajectory.
  • Professional Development Opportunities: Access to training, workshops, and conferences to stay at the forefront of cybersecurity advancements.
  • Flexible Work Arrangements: Options that promote a healthy work-life balance, including remote work opportunities and flexible scheduling.
  • Paid Time Off and Holidays: Generous PTO policy to relax, recharge, and spend time with loved ones.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Professional, Scientific, and Technical Services

© 2024 Teal Labs, Inc