Threat Hunting Analyst

Threat Hunting Analyst – Cyber Security Specialist II (T&M)

What We're Looking For

We are seeking Threat Hunting Analysts – Cyber Security Specialist II (T&M) who will play a pivotal role in strengthening our Security Operations Center (SOC) capabilities at Stennis Space Center or through approved telework. In this role, you'll use advanced detection, forensics, and incident response expertise to identify sophisticated threats and protect critical federal systems.

Your Responsibilities Will Include

• Leading Innovative Cybersecurity Initiatives

Proactively hunt for anomalous behavior, adversary techniques, and emerging threats using advanced detection platforms and methodologies.

• Collaborative Security Operation Support

Work alongside SOC analysts, forensic specialists, incident responders, and federal stakeholders to improve detection, response, and cyber defense operations.

• Strategic Cyber Threat Analysis

Analyze threat actor behaviors, TTPs, and indicators of compromise to inform enterprise defensive strategy and security posture.

• Engagement & Communication

Communicate findings, risks, and recommended mitigations to technical and non-technical stakeholders. Provide actionable intelligence that enhances mission success.

Required Certifications

The Skills We're Looking For:

Each Threat Hunting Analyst must hold and maintain at least two active certifications, including but not limited to: Security+, GCIH, ISC2 CISSP, GSE, GREM, GAWN, GCIA, GPPA, GSEC, GCED, GSLC, GSNA, GCFA, or other comparable certifications approved in advance by the Security Operations Branch PM.

Required Experience

• BA/BS or minimum three years of experience in forensics and incident response
• Minimum two years of experience with Splunk, Wireshark, or comparable tools (approval required by Security Operations Branch PM on a case‑by‑case basis)

Security Clearance Requirements

• Ability to attain a Final TOP SECRET/SCI Clearance
• Must meet SCI eligibility (ICD 704) with no waivers or conditions
• Must be a sole U.S. Citizen under federal contract requirements

Core Competencies

• Advanced analytical skills to investigate complex attacks and anomalies
• Technical expertise across threat hunting, malware analysis, packet analysis, and enterprise logging
• Strong communication skills to clearly articulate findings
• Leadership and collaboration skills to work in fast-paced cyber environments
• Commitment to supporting critical federal missions and national security

Expectation Timeline

Day One

• Orientation to Aretec, mission goals, and SOC operations
• Begin access process for clearance and technical systems
• Meet team members, leadership, and federal stakeholders

Day Thirty

• Begin actively participating in threat hunts and investigations
• Understand environment topology, logging sources, and detection use cases
• Demonstrate familiarity with required tools (Splunk, Wireshark, etc.)

Day Sixty

• Take ownership of assigned hunts or analytic areas
• Contribute to strategic threat detection enhancements
• Support incident response through findings and forensics insights

Day Ninety

• Lead complex threat hunts and investigations.
• Develop new detection logic, SOPs, and process improvements.
• Mentor junior analysts and contribute to continuous SOC maturity.