Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to customers across defense, civilian, and homeland security sectors. The Mid-Level Security Engineer & Operations professional provides advanced cybersecurity, compliance, and security engineering support, focusing on Zero Trust implementation and incident response.
Responsibilities:
- Support planning, assessment, and implementation of Zero Trust principles across classified environments
- Evaluate identity, device, network, application, and data protection controls
- Assess Zero Trust maturity against DoD Zero Trust reference architectures
- Provide recommendations to reduce implicit trust and strengthen access control enforcement
- Oversee SIEM and SOAR operations for classified networks
- Analyze security logs, alerts, and correlated events to identify threats and anomalous behavior
- Perform traffic pattern analysis to detect lateral movement, unauthorized activity, and data exfiltration risks
- Support incident response investigations and forensic analysis
- Oversee vulnerability management and advanced vulnerability analysis efforts
- Assess mission risk across enterprise, tactical, and mission networks
- Ensure the security posture of complex, interconnected classified systems
- Configure and manage AWS Security toolsets (CloudTrail, GuardDuty, Inspector, Security Hub)
- Provide technical guidance to engineering, operations, and compliance teams
- Support cybersecurity strategy development and continuous process improvement
- Stay current with emerging threats, adversary TTPs, and evolving DoD cybersecurity guidance
Requirements:
- Active Top Secret Clearance Required
- Master's Degree + 5 years of relevant experience or Bachelor's Degree + 8 years of relevant experience
- 5+ years of experience in information assurance, cybersecurity, or security engineering
- IAT Level III Certification (must possess one of the following): CASP+ CE, CCNP Security+, CISA, CISSP, GCED, GCIH, or CCSP
- Extensive experience supporting RMF in classified C5ISR and IIR environments
- Strong hands-on experience with ACAS, ESS, SIEM/SOAR, SCAP, DISA STIGs, and Burp Suite
- Demonstrated expertise in traffic pattern analysis and advanced vulnerability analysis
- Expert knowledge of NIST 800-series publications and DoD cybersecurity requirements
- Proven ability to lead complex cybersecurity and compliance efforts across multiple systems
- Extensive knowledge of AWS Security
- Experience supporting Department of War, DoD, or intelligence community mission systems
- Advanced certifications such as CISSP, CISM, CAP, or GSLC
- Experience implementing or assessing Zero Trust architectures
- Familiarity with cross-domain solutions and interconnected system authorization
- Hands-on experience with SIEM/SOAR tuning