Jobs · Management · South Carolina

Tier 3 DCO (Defensive Cyber Operations) Watch Analyst

Valiant Solutions · Charleston County, SC · 1 mo ago
ManagementFull-time

About the role

The Tier 3 DCO Watch Analyst is responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service Provider (CSSP) environment. This position requires advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards.

Responsibilities

  • Lead incident response efforts, including analysis, mitigation, and reporting of significant incidents per CJCSM 6510.01B.
  • Manage incident response campaigns by developing strategies, coordinating multi-team efforts, and ensuring comprehensive resolution and reporting.
  • Conduct proactive threat hunting to identify advanced threats and network vulnerabilities.
  • Lead purple team exercises in collaboration with red and blue teams to evaluate and enhance detection and response capabilities.
  • Evaluate and refine detection mechanisms, including IDS/IPS signatures and log correlation rules, to improve accuracy and reduce false positives.
  • Perform advanced network and host-based digital forensics on Windows and other operating systems to support investigations.
  • Coordinate with reporting agencies and subscriber sites for comprehensive incident analysis and reporting.
  • Develop and maintain internal SOP documentation, ensuring alignment with CJCSM 6510.01B and applicable directives.
  • Work with a team to provide 24/7 support for incident response, including non-core hours, and mentor junior analysts.
  • Participate in program reviews, product evaluations, and onsite certification assessments.
  • Work four 10-hour shifts (Sunday-Wednesday or Wednesday Saturday); shift placement at management’s discretion.
  • Surge support may be required to support incident response actions.
  • Up to 10% travel may be required, to include OCONUS locations.

Requirements

  • Advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards.
  • Comprehensive knowledge of CJCSM 6510.01B and incident response procedures.
  • In depth expertise with IDS/IPS solutions, including signature development and optimization.
  • Extensive experience performing digital forensics across multiple operating systems.

Similar jobs

Cyber Defense Analyst 3

The Swift Group, LLCAnnapolis Junction, MD· 2 wk ago
Information Technology$50k–$290k/yrapply on jobs.gem.com