-
Summary
BreakPoint Labs is seeking a Tier 3 DCO Watch Analyst responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service Provider (CSSP) environment. The analyst oversees incident analysis, coordinates with internal and external stakeholders, leads purple team exercises, and drives improvements to detection and response capabilities. This position requires advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards. Required Responsibilities: - Lead incident response efforts, including analysis, mitigation, and reporting of significant incidents per CJCSM 6510.01B.
- Manage incident response campaigns by developing strategies, coordinating multi-team efforts, and ensuring comprehensive resolution and reporting.
- Conduct proactive threat hunting to identify advanced threats and network vulnerabilities.
- Lead purple team exercises in collaboration with red and blue teams to evaluate and enhance detection and response capabilities.
- Evaluate and refine detection mechanisms, including IDS/IPS signatures and log correlation rules, to improve accuracy and reduce false positives.
- Perform advanced network and host-based digital forensics on Windows and other operating systems to support investigations.
- Coordinate with reporting agencies and subscriber sites for comprehensive incident analysis and reporting.
- Develop and maintain internal SOP documentation, ensuring alignment with CJCSM 6510.01B and applicable directives.
- Work with a team to provide 24/7 support for incident response, including non-core hours, and mentor junior analysts.
- Participate in program reviews, product evaluations, and onsite certification assessments.
- Work four 10-hour shifts (Sunday-Wednesday or Wednesday Saturday); shift placement at management's discretion.
- Surge support may be required to support incident response actions.
- Up to 10% travel may be required, to include OCONUS locations. Required Experience: - 5 year's experience supporting CSSP or similar SOC technical role.
- Comprehensive knowledge of CJCSM 6510.01B and incident response procedures.
- In-depth expertise with IDS/IPS solutions, including signature development and optimization.
- Extensive experience performing digital forensics across multiple operating systems. Certifications Required: DoD 8570 IAT Level II certification and CSSP/CND certification
required. Security Clearance Required: DoD Secret Education Level Required: Bachelor's Degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, OR Mathematics with a concentration in computer science or equivalent -
Job Description
BreakPoint Labs is seeking a Tier 3 DCO Watch Analyst responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service Provider (CSSP) environment. The analyst oversees incident analysis, coordinates with internal and external stakeholders, leads purple team exercises, and drives improvements to detection and response capabilities. This position requires advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards. Required Responsibilities: - Lead incident response efforts, including analysis, mitigation, and reporting of significant incidents per CJCSM 6510.01B.
- Manage incident response campaigns by developing strategies, coordinating multi-team efforts, and ensuring comprehensive resolution and reporting.
- Conduct proactive threat hunting to identify advanced threats and network vulnerabilities.
- Lead purple team exercises in collaboration with red and blue teams to evaluate and enhance detection and response capabilities.
- Evaluate and refine detection mechanisms, including IDS/IPS signatures and log correlation rules, to improve accuracy and reduce false positives.
- Perform advanced network and host-based digital forensics on Windows and other operating systems to support investigations.
- Coordinate with reporting agencies and subscriber sites for comprehensive incident analysis and reporting.
- Develop and maintain internal SOP documentation, ensuring alignment with CJCSM 6510.01B and applicable directives.
- Work with a team to provide 24/7 support for incident response, including non-core hours, and mentor junior analysts.
- Participate in program reviews, product evaluations, and onsite certification assessments.
- Work four 10-hour shifts (Sunday-Wednesday or Wednesday Saturday); shift placement at management's discretion.
- Surge support may be required to support incident response actions.
- Up to 10% travel may be required, to include OCONUS locations. Required Experience: - 5 year's experience supporting CSSP or similar SOC technical role.
- Comprehensive knowledge of CJCSM 6510.01B and incident response procedures.
- In-depth expertise with IDS/IPS solutions, including signature development and optimization.
- Extensive experience performing digital forensics across multiple operating systems. Certifications Required: DoD 8570 IAT Level II certification and CSSP/CND certification
required. Security Clearance Required: DoD Secret Education Level Required: Bachelor's Degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, OR Mathematics with a concentration in computer science or equivalent -
ABOUT THE COMPANY
-
-
Government Careers
Show moreGovernment jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
-