Cyber Defense Lead (DCO Lead)

Company Description

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Job Description

Defend the mission where it matters most!

SOSi is seeking a Cyber Defense Lead (DCO Lead) in Pearl Harbor, Hawaii to spearhead 24/7 defensive cyberspace operations in support of the Indo‑Pacific enterprise. This role calls for a hands‑on leader who thrives at the intersection of real‑time threat detection, rapid response, and operational resilience-someone who can unify cyber operations, engineering, and compliance into a single, mission‑focused defense posture. The DCO Lead will drive synchronized cyber defense execution, ensuring continuous visibility, decisive action, and unwavering mission assurance across a dynamic and contested digital battlespace.

Essential Job Duties:

• Lead the Defensive Cyberspace Operations (DCO) branch, providing daily oversight of cyber defense, incident response, vulnerability management, and compliance tracking.
• Supervise, mentor, and train analysts and engineers to ensure consistent performance and procedural adherence across shifts.
• Serve as the Incident Response Lead for escalated cyber events, coordinating containment, remediation, and communication with mission partners and CSSP stakeholders.
• Collaborating with the Deputy, Battle Captains, and Operations/Engineering leads to maintain unified situational awareness across network, system, and cyber domains.
• Direct proactive threat hunting and detection tuning using adversary TTPs and MITRE ATT&CK methodology.
• Oversee AI- and SOAR-assisted response workflows, ensuring automation pipelines align with NSOC standard operating procedures (SOPs).
• Track and report CTOs, ATOs, POA&Ms, and vulnerability remediation metrics to support accreditation and compliance.
• Conduct and document tabletop exercises, readiness drills, and after-action reviews to validate detection and response posture.
• Develop and deliver daily/weekly SITREPs, KPIs, and incident summaries for leadership.
• Ensure DCO processes comply with RMF, CSSP, and DoD 8140 standards, maintaining accreditation readiness.

Qualifications

Minimum Requirements:

• Active in-scope Secret clearance.
• Bachelor's degree in Cybersecurity, Computer Science, or related discipline (or equivalent work experience).
• 5+ years of experience in SOC/NSOC or Defensive Cyberspace Operations environments.
• IAT Level III (CASP+, CISSP) or CND (GCIH, GCIA, CEH, CFR).
• Demonstrated experience leading teams or shift operations within a cyber defense or SOC environment.
• Strong proficiency with SIEM, EDR, and SOAR platforms (e.g., Splunk, Elastic, Microsoft Defender, Trellix, Chronicle).
• Knowledge of adversary TTPs, malware analysis, and incident response methodologies.
• Excellent leadership, communication, and analytical problem-solving skills.

Preferred Qualifications:

• Top Secret/SCI clearance.
• Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI.
• Prior experience in military or coalition cyber defense environments.
• Familiarity with AI-assisted detection, SOAR automation, and Zero Trust Architecture

Additional Information

Work Environment:

• Working conditions are normal for an office environment.
• Fast paced, deadline-oriented environment.
• May require periods of non-traditional working hours including consecutive nights or weekends.
• Target Salary Range: $110,642 to $149,366.

Working at SOSi:

All interested individuals will receive consideration and will not be discriminated against for any reason.