Aretum · 17 hours ago
Security Analyst - Junior
Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions across defense, civilian, and homeland security sectors. The Junior-Level Security Analyst provides cybersecurity and compliance support for Department of War information systems, focusing on vulnerability management, configuration compliance, and RMF support activities.
Consulting · Information Technology
Responsibilities
Execute vulnerability management activities using ACAS, ESS, SCAP tools, and manual validation techniques to confirm findings and reduce false positives
Conduct application and web vulnerability assessments using tools such as Burp Suite and document results with clear remediation guidance
Support vulnerability triage and prioritization based on mission impact, exposure, exploitability, and operational constraints
Support the Vulnerability Disclosure Program (VDP) by managing intake, validation, tracking, and coordination with remediation stakeholders
Ensure vulnerability findings, evidence, and remediation status are accurately documented and traceable within RMF artifacts (e.g., assessment inputs and POA&M updates)
Support SCAP/STIG-related validation by correlating scan results to configuration baseline requirements and documenting compliance status
Demonstrate the ability to perform—or a strong willingness to learn—security assessment activities across ACAS, ESS, Burp Suite, VDP workflows, and SCAP/STIG compliance processes
Configure and manage AWS Security toolsets (CloudTrail, GuardDuty, Inspector, Security Hub)
Execute DISA STIG compliance activities across operating systems, applications, databases, and network devices
Validate security baselines using SCAP and manual assessment techniques
Identify deviations, document compensating controls, and support risk acceptance requests
Ensure configuration compliance aligns with mission requirements and operational constraints
Maintain and update RMF packages throughout the system lifecycle
Support ATO, IATT, and continuous monitoring activities
Track POA&Ms and remediation actions to completion
Coordinate with Government System Owners, ISSOs, ISSEs, and Authorizing Officials
Support cybersecurity assessments, inspections, and compliance reviews
Support SIEM monitoring and alert analysis
Assist with ESS deployment, configuration, and reporting
Support log analysis, threat detection, and incident response activities
Assist with continuous monitoring and cybersecurity metrics reporting
Qualifications
Required
Active Top Secret Clearance Required
Master's Degree or Bachelor's Degree + 3 years of relevant experience
3-6 years of experience in information assurance, cybersecurity, or compliance-focused roles
Experience maintaining RMF packages in classified or regulated environments
Working knowledge of NIST 800-series publications and DoD cybersecurity requirements
Experience developing and maintaining SOPs, policies, or technical documentation
Strong written and verbal communication skills
Demonstrated willingness to learn new tools/techniques and support cross-functional cybersecurity activities as mission needs evolve
Preferred
Extensive knowledge of AWS Security
Experience supporting DoD or intelligence community customers
Hands-on experience with eMASS or other GRC tools
Familiarity with SIEM platforms, ESS/Trellix, Burp, Checkmarx, or other vulnerability management solutions
DoD 8140 / 8570 certifications (e.g., Security+, CAP)
Experience working in classified (SCIF) environments
Benefits
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off
Family Leave (Maternity, Paternity)
Short Term & Long-Term Disability
Training & Development
Company
Aretum
ARETUM is a government contracting company specializing in technology-enabled mission support services for the Department of Defense.
Funding
Current Stage
Late Stage
Recent News
Washington Technology
2025-12-13
Venture Capital
2025-12-13
Company data provided by crunchbase