Job Requirements
Pearl Harbor, HI
Clearance: Secret; Polygraph: not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
BreakPoint Labs is seeking a Tier 3 DCO Watch Analyst responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service Provider (CSSP) environment. The analyst oversees incident analysis, coordinates with internal and external stakeholders, leads purple team exercises, and drives improvements to detection and response capabilities. This position requires advanced expertise, operational leadership, and strict compliance with CJCSM 6510.01B standards.
Responsibilities include:
- Lead incident response efforts, including analysis, mitigation, and reporting of significant incidents per CJCSM 6510.01B.
- Manage incident response campaigns by developing strategies, coordinating multi-team efforts, and ensuring comprehensive resolution and reporting.
- Conduct proactive threat hunting to identify advanced threats and network vulnerabilities.
- Lead purple team exercises in collaboration with red and blue teams to evaluate and enhance detection and response capabilities.
- Evaluate and refine detection mechanisms, including IDS/IPS signatures and log correlation rules, to improve accuracy and reduce false positives.
- Perform advanced network and host-based digital forensics on Windows and other operating systems to support investigations.
- Coordinate with reporting agencies and subscriber sites for comprehensive incident analysis and reporting.
- Develop and maintain internal SOP documentation, ensuring alignment with CJCSM 6510.01B and applicable directives.
- Work with a team to provide 24/7 support for incident response, including non-core hours, and mentor junior analysts.
- Participate in program reviews, product evaluations, and onsite certification assessments.
- Work four 10-hour shifts (Sunday-Wednesday or Wednesday-Saturday); shift placement at management's discretion.
- Surge support may be required to support incident response actions.
- Up to 10% travel may be required, to include OCONUS locations.
Required Experience:
- 5 years' experience supporting a CSSP or similar SOC technical role.
- Comprehensive knowledge of CJCSM 6510.01B and incident response procedures.
- In-depth expertise with IDS/IPS solutions, including signature development and optimization.
- Extensive experience performing digital forensics across multiple operating systems.
- Advanced proficiency with host-based tools and operating system logging.
- Expert-level skills with log aggregation and correlation tools (e.g., Splunk, Elastic, Sentinel).
- Exceptional logical reasoning, analytical skills, and independent problem-solving ability.
- Superior written and verbal communication skills.
- Demonstrated ability to mentor and guide junior analysts.
Certifications Required: DoD 8570 IAT Level II certification and CSSP/CND certification.
DoD Clearance Required: Secret security clearance.
Education Required: Bachelor's Degree in Area(s) of technical or managerial related discipline. OR, in lieu of Bachelor's Degree, 7+ years in addition to a High School Diploma/GED.