
Tier 3 DCO Watch Analyst

BreakPoint Labs
Location: Pearl City, HI 96782, USA
Published: 6/14/2022
Technology
Full Time

Job Description

BreakPoint Labs is seeking a Tier 3 DCO Watch Analyst responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service Provider (CSSP) environment. The analyst oversees incident analysis, coordinates with internal and external stakeholders, leads purple team exercises, and drives improvements to detection and response capabilities. This position requires advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards.

Required Responsibilities:

  • Lead incident response efforts, including analysis, mitigation, and reporting of significant incidents per CJCSM 6510.01B.
  • Manage incident response campaigns by developing strategies, coordinating multi-team efforts, and ensuring comprehensive resolution and reporting.
  • Conduct proactive threat hunting to identify advanced threats and network vulnerabilities.
  • Lead purple team exercises in collaboration with red and blue teams to evaluate and enhance detection and response capabilities.
  • Evaluate and refine detection mechanisms, including IDS/IPS signatures and log correlation rules, to improve accuracy and reduce false positives.
  • Perform advanced network and host-based digital forensics on Windows and other operating systems to support investigations.
  • Coordinate with reporting agencies and subscriber sites for comprehensive incident analysis and reporting.
  • Develop and maintain internal SOP documentation, ensuring alignment with CJCSM 6510.01B and applicable directives.
  • Work with a team to provide 24/7 support for incident response, including non-core hours, and mentor junior analysts.
  • Participate in program reviews, product evaluations, and onsite certification assessments.
  • Work four 10-hour shifts (Sunday-Wednesday or Wednesday-Saturday); shift placement at management’s discretion.
  • Surge support may be required to support incident response actions.
  • Up to 10% travel may be required, to include OCONUS locations.

Required Experience:

  • 5 years of experience supporting a CSSP or similar SOC technical role.
  • Comprehensive knowledge of CJCSM 6510.01B and incident response procedures.
  • In-depth expertise with IDS/IPS solutions, including signature development and optimization.
  • Extensive experience performing digital forensics across multiple operating systems.

Certifications Required: DoD 8570 IAT Level II certification and CSSP/CND certification.

Security Clearance Required: DoD Secret

Education Level Required: Bachelor’s Degree in a technical or managerial related discipline, or 7+ years if High School Diploma/GED.

Company Description

BreakPoint Labs, a small business cybersecurity services firm, is dedicated to providing the methods and means for sustainable, measurable, and effective cybersecurity operations. Powered by highly motivated, experienced cybersecurity professionals with technical and scientific proficiency, BreakPoint Labs is developing and leveraging technology to enable a more secure cyberspace. With well-formed service delivery models in cybersecurity assessments, defensive cyber operations, research and development, and cybersecurity training, BreakPoint Labs supports a diverse customer base in addressing its most challenging problems in cyberspace.

BreakPoint Labs is constantly seeking enthusiastic cybersecurity professionals, either to exchange technical ideas and lessons learned or to potentially join the BreakPoint Labs Team. Through an established corporate culture, BreakPoint Labs embraces a highly technical, [geeky] workforce passionate about developing and leveraging technology to secure cyberspace.
