CSIRT Lead (Data Analyst IV)
Us :
At Aretec, Inc., we are catalysts for change within the federal government landscape. Specializing in advanced analytics, machine learning, data analysis, cybersecurity, and business optimization, we empower federal agencies to achieve their most critical missions. As a premier partner and prime vendor, we deliver innovative, high-impact solutions that address complex challenges and drive national progress. Our commitment to excellence and innovation positions us at the forefront of transforming governmental operations, enhancing efficiency, and making a lasting difference in the lives of citizens.
You :
You are a decisive and experienced cybersecurity professional who thrives in high-stakes environments. You excel at leading incident response operations, coordinating response teams, and guiding investigations that protect mission-critical systems. You have a strong understanding of security operations center (SOC) workflows, event analysis, and cyber defense coordination. With a calm and analytical mindset, you drive clarity and control during security incidents, ensuring the confidentiality, integrity, and availability of federal systems.
What We're Looking For :
We are seeking a CSIRT Lead (Data Analyst IV) who will play a pivotal role in enhancing our organization's capabilities and advancing the missions of our federal partners. In this role, you will lead the Cyber Security Incident Response Team (CSIRT), which serves as the heart of the Security Operations Center (SOC). You will be responsible for overseeing 24x7x365 monitoring, incident recording, and reporting of cybersecurity events, guiding the team in minimizing and controlling damage from incidents, coordinating recovery, and preventing future occurrences.
Your responsibilities will include :
- Leading Innovative Projects : Lead a team providing 24x7x365 on-site coverage for monitoring and responding to security alerts, ensuring rapid response to incidents and alignment with USCIS SOC operations.
- Collaborative Solution Development : Oversee the tracking of all security incidents through platforms such as Swimlane, ServiceNow, and DHS Enterprise Case Management, ensuring complete visibility and accountability.
- Strategic Impact : Coordinate and advise on incident response actions, providing clear and effective guidance to ensure containment and remediation.
- Stakeholder Engagement : Work in partnership with the SOC Government Watch Officer (GWO) and Program Manager (PM) to manage incident workflows, reporting, and communications.
- Process and Policy Development : Develop and maintain formal Standard Operating Procedures (SOPs) and ensure compliance with the USCIS SOC Concept of Operations (CONOPS) and automated playbooks.
- Operational Excellence : Oversee investigations of anomalous events detected by security tools and ensure high-quality documentation and recommendations.
- Continuous Improvement : Provide comprehensive reports, remedial recommendations, and process enhancements that strengthen incident response capabilities and operational efficiency.
By stepping into this role, you will directly contribute to the success of our federal partners' cybersecurity missions, driving mission assurance, minimizing risk, and ensuring resilient defense against evolving threats.
The Skills We're Looking For :
- Technical Expertise : Proficient in security operations, incident response, event analysis, and the use of SOC tools such as Swimlane, ServiceNow, and SIEM platforms.
- Analytical Mindset : Skilled in assessing security incidents, identifying root causes, and implementing preventive measures.
- Leadership Abilities : Proven ability to lead high-performing teams in 24x7 operational environments, maintaining calm under pressure while ensuring mission continuity.
- Effective Communication : Exceptional ability to provide clear, actionable guidance to both technical teams and non-technical stakeholders.
- Commitment to Mission : A strong understanding of federal cybersecurity objectives and a passion for supporting initiatives that safeguard national systems.
Required Qualifications :
- Education / Experience : Bachelor's degree (BA / BS) or a minimum of one (1) year of experience in operations or incident response.
- Certifications :
  - Must have and maintain at least one active certification : Security+ or ISC² CISSP (or other comparable certification approved in advance by the SOC PM).
  - Must have and maintain a GCIH certification (or other comparable certification approved in advance by the SOC PM).
- Security Clearance :
  - Must be able to attain up to a Final TOP SECRET SCI Clearance.
  - Must meet SCI eligibility (ICD 704) with no waivers or conditions.
The Expectations of the Job :
Day One :
- Orientation and Onboarding : Immerse yourself in Aretec's culture, values, and mission. Begin building relationships with SOC team members and familiarize yourself with ongoing incident response operations.
Day Thirty :
- Active Contribution : Begin leading monitoring and incident response activities. Work with analysts to assess alert handling efficiency and process compliance.
- Skill Application : Apply your technical and leadership expertise to strengthen reporting workflows and refine incident tracking in Swimlane and ServiceNow.
Day Sixty :
- Project Leadership : Take ownership of incident coordination processes and ensure that the CSIRT's operations are fully aligned with USCIS CONOPS and SOPs.
- Strategic Planning : Lead efforts to develop enhanced playbooks, refine escalation paths, and improve operational readiness.
- Stakeholder Interaction : Collaborate closely with the GWO and PM to ensure real-time visibility into SOC operations and incident handling metrics.
Day Ninety :
- Full Ownership : Assume full command of CSIRT operations, ensuring 24x7x365 coverage meets mission requirements.
- Innovation and Improvement : Identify and implement new efficiencies in response coordination, reporting, and documentation.
- Mentorship Role : Train and mentor junior analysts, fostering a collaborative and proactive SOC culture.
Additional Notes :
Benefits
At Aretec, we believe that our employees are our greatest asset. We offer a comprehensive benefits package designed to support your health, well-being, and professional development :
- Health, Dental, and Vision Insurance : Comprehensive coverage to keep you and your family healthy.
- 401(k) Plan with Employer Match : Invest in your future with our competitive retirement savings plan.
- Certification Stipends : Support for obtaining professional certifications that enhance your skills and career trajectory.
- Professional Development Opportunities : Access to training, workshops, and conferences to stay at the forefront of industry advancements.
- Flexible Work Arrangements : Options that promote a healthy work-life balance, including remote work opportunities and flexible scheduling.
- Paid Time Off and Holidays : Generous PTO policy to relax, recharge, and spend time with loved ones.
Citizenship Requirement
Please note that due to the nature of our federal contracts and the secure environments in which we operate, only applicants who are sole U.S. Citizens can be considered for this position. This requirement is in compliance with federal regulations and is essential for the roles we fulfill within government agencies.
Equal Opportunity Employer
Aretec, Inc. is proud to be an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. All qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other legally protected characteristics.