Today
Secret
Early Career (2+ yrs experience)
$125,000 - $150,000
Security
Washington, DC (Off-Site/Hybrid)
We are seeking a mid-level cybersecurity consultant (3–5 years experience) to support the Air Force’s Defensive Cyber Operations (DCO) mission by deploying and managing cybersecurity sensor platforms across operational technology (OT) environments. This role places a distinct emphasis on control systems, including industrial control systems (ICS) and building automation systems (BAS), supporting intrusion detection, incident response, and data visualization within critical federal infrastructure.
The ideal candidate will have hands-on experience with sensor technologies like IDCS and VOLTRN+, and a working knowledge of ICS/BAS protocols, OT-centric cyber tools (e.g., Nomi, Guardian, Tenable OT Security), and Air Force cyber operations frameworks. You will act as a technical liaison between AF cyber forces and sensor teams, ensuring OT telemetry is effectively integrated into DCO workflows.
Key Responsibilities
Sensor Operations & Deployment
Plan, configure, and oversee the deployment of IDCS, VOLTRN+, and equivalent OT intrusion detection systems.
Tune and manage detection rules to align with mission-specific control system configurations (e.g., SCADA, PLCs, BAS).
Investigate and refine alerts to reduce false positives while maintaining detection integrity.
OT-Centric Threat Monitoring & Analytics
Correlate sensor outputs with OT asset data to identify anomalous behaviors and potential cyber incidents.
Develop and maintain real-time dashboards (Splunk, ELK, or similar) to visualize threat telemetry, event patterns, and alert trends across control systems.
Apply machine learning or rule-based correlation techniques to improve anomaly detection and alerting thresholds.
Liaison to Defensive Cyber Operations (DCO)
Translate OT system health and sensor data into actionable reports for Mission Defense Teams (MDTs) and Cyber Protection Teams (CPTs).
Provide briefings to both technical operators and senior leadership on sensor performance, coverage, and mission impact.
Interface with DCO and CSSP stakeholders to ensure sensor outputs align with evolving AF cyber priorities.
Training & Certification Mapping
Assess current sensor-monitoring roles against DoD workforce certification frameworks (e.g., DoD IAM, CSSP).
Recommend training pathways to align AF personnel with evolving OT cybersecurity detection requirements.
Track and report on role-based compliance with certification and readiness benchmarks.
Qualifications
Required Skills
3–5 years of hands-on experience with intrusion detection systems and network monitoring
Familiarity with ICS/BAS technologies, including Rockwell Automation, Interstates, or Hirschmann systems
Experience working with OT protocols and SCADA/BAS telemetry
Strong communication skills for both technical and executive audiences
Experience using Splunk, ELK, or other monitoring dashboards for alerting and visualization
Preferred Experience
Hands-on with IDCS, VOLTRN+, Nomi, Guardian, Claroty, or Tenable OT Security platforms
Understanding of AF cyber operations, including CPT, CVA-H toolkits, CSSP, or OCO/DCO pipelines
Knowledge of cloud-based monitoring environments, including AWS/Azure integrations for OT detection
Familiarity with digital twin frameworks, sensor fusion, and after-action reviews for playbook refinement
Professional certifications like GICSP, CCNA (industrial/OT focus), or other industrial cybersecurity credentials
Additional Role Details
Location: Hybrid – 2–3 days onsite at the Pentagon
Travel: Minimal expected (5–10%)
Security Clearance: TS/SCI required (Secret acceptable based on client)
Employment Type: Full-time
Salary Range: $120,000 – $160,000 (commensurate with experience)