Job Requirements
Charleston, SC
Secret Polygraph not specified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Position Title: Attack Sensing & Warning (AS&W) Technical Lead
Location: Charleston, South Carolina
Minimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)
eCRAFT: CSE2
Education: Bachelor’s degree in a relevant discipline preferred
Years of Experience: Five (5) years with degree or eight (8) years of equivalent experience
Position Description
The Attack Sensing & Warning (AS&W) Technical Lead serves as the technical authority for global AS&W operations, overseeing defensive cyber operations across multiple Regional Operations Centers (ROCs) and the DETECT team. This leadership role is responsible for directing incident response activities, ensuring technical excellence, enforcing quality control standards, and integrating operations across geographically dispersed teams.
As a subject matter expert in AS&W operations, the Technical Lead drives operational consistency, technical rigor, and continuous improvement across cybersecurity processes. This role requires strong leadership in high-pressure environments, the ability to manage complex technical initiatives, and a proactive approach to personnel development, conflict resolution, and team cohesion.
Duties and Responsibilities
Serve as the AS&W Subject Matter Expert (SME) during live incident response, providing near-real-time quality control and oversight
Ensure accurate documentation, campaign notes, and operational updates are maintained by Regional Operations Centers and analysts
Provide mentorship and professional development guidance to Defensive Cyber Operations (DCO) Watch and DETECT team members
Coordinate communications, policies, and processes across regional operations center analysts and incident responders
Lead continuous review and improvement of operational processes and procedural documentation governing ROC operations
Collaborate with training development teams to design, execute, and maintain role-based baseline and progressive training plans
Ensure quality control of DCO Watch products, including threat hunts, detection evaluations, and purple team reports
Identify, assess, and mitigate operational and programmatic risks
Lead cross-functional technical teams and manage task prioritization across service areas
Participate in meetings and conferences with internal and external stakeholders to ensure delivery of high-quality products within established schedules
Coordinate with customer organizations to improve operational processes, outcomes, and overall customer experience
Ensure organizational processes align with customer policies and external directives
Conduct periodic onsite evaluations of personnel and team performance at regional operations center facilities
Support short-notice global travel requirements as mission needs dictate
Delegate high-level training priorities to the Service Area Training Lead to execute enterprise training initiatives
Serve as the primary point of contact for coordinating and deconflicting surge support and operational interactions between DETECT and DCO Watch teams
Act as a Trusted Agent for all Red Team operations
Required Skills
Extensive knowledge of Attack Sensing & Warning operations, incident response, and defensive cyber workflows
Experience with quality control processes, ticket management, and analyst performance evaluation
Proficiency reviewing, refining, and enforcing operational documentation and procedures
Expert-level knowledge of Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B
Strong critical thinking, analytical reasoning, and problem-solving abilities
Demonstrated ability to maintain composure and make effective decisions under stress
Desired Skills
Strong leadership, decision-making, and operational oversight capabilities
Ability to operate effectively in fast-paced, high-pressure cybersecurity environments
Excellent verbal and written communication skills
Proven ability to lead cross-functional and geographically distributed teams
Experience, Education and Certification Requirements
Bachelor’s degree in a relevant discipline with a minimum of five (5) years of experience, or
At least eight (8) years of experience working in a cybersecurity operations environment
Minimum of four (4) years of experience in a leadership role
Must meet Department of Defense (DoD) 8570 Information Assurance Technical (IAT) Level III and other applicable certification requirements
Additional Information
Position may require up to twenty percent (20%) travel based on mission requirements
May require extended hours beyond normal duty schedules to support operational needs
Benefits at 3 Reasons Consulting
At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.
Company-Paid Benefits
Short/Long Term Disability
Basic Life Insurance
Direct Payroll Deposit
Leave Accrual
Holidays
401(k) Match
Employee / Company Shared Benefits
Additional (Voluntary) Life Insurance
401(k)
Medical Coverage
Dental Coverage
Vision Care Plan
Flexible Spending Account Plan
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.
Location: Charleston, South Carolina
Minimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)
eCRAFT: CSE2
Education: Bachelor’s degree in a relevant discipline preferred
Years of Experience: Five (5) years with degree or eight (8) years of equivalent experience
Position Description
The Attack Sensing & Warning (AS&W) Technical Lead serves as the technical authority for global AS&W operations, overseeing defensive cyber operations across multiple Regional Operations Centers (ROCs) and the DETECT team. This leadership role is responsible for directing incident response activities, ensuring technical excellence, enforcing quality control standards, and integrating operations across geographically dispersed teams.
As a subject matter expert in AS&W operations, the Technical Lead drives operational consistency, technical rigor, and continuous improvement across cybersecurity processes. This role requires strong leadership in high-pressure environments, the ability to manage complex technical initiatives, and a proactive approach to personnel development, conflict resolution, and team cohesion.
Duties and Responsibilities
Serve as the AS&W Subject Matter Expert (SME) during live incident response, providing near-real-time quality control and oversight
Ensure accurate documentation, campaign notes, and operational updates are maintained by Regional Operations Centers and analysts
Provide mentorship and professional development guidance to Defensive Cyber Operations (DCO) Watch and DETECT team members
Coordinate communications, policies, and processes across regional operations center analysts and incident responders
Lead continuous review and improvement of operational processes and procedural documentation governing ROC operations
Collaborate with training development teams to design, execute, and maintain role-based baseline and progressive training plans
Ensure quality control of DCO Watch products, including threat hunts, detection evaluations, and purple team reports
Identify, assess, and mitigate operational and programmatic risks
Lead cross-functional technical teams and manage task prioritization across service areas
Participate in meetings and conferences with internal and external stakeholders to ensure delivery of high-quality products within established schedules
Coordinate with customer organizations to improve operational processes, outcomes, and overall customer experience
Ensure organizational processes align with customer policies and external directives
Conduct periodic onsite evaluations of personnel and team performance at regional operations center facilities
Support short-notice global travel requirements as mission needs dictate
Delegate high-level training priorities to the Service Area Training Lead to execute enterprise training initiatives
Serve as the primary point of contact for coordinating and deconflicting surge support and operational interactions between DETECT and DCO Watch teams
Act as a Trusted Agent for all Red Team operations
Required Skills
Extensive knowledge of Attack Sensing & Warning operations, incident response, and defensive cyber workflows
Experience with quality control processes, ticket management, and analyst performance evaluation
Proficiency reviewing, refining, and enforcing operational documentation and procedures
Expert-level knowledge of Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B
Strong critical thinking, analytical reasoning, and problem-solving abilities
Demonstrated ability to maintain composure and make effective decisions under stress
Desired Skills
Strong leadership, decision-making, and operational oversight capabilities
Ability to operate effectively in fast-paced, high-pressure cybersecurity environments
Excellent verbal and written communication skills
Proven ability to lead cross-functional and geographically distributed teams
Experience, Education and Certification Requirements
Bachelor’s degree in a relevant discipline with a minimum of five (5) years of experience, or
At least eight (8) years of experience working in a cybersecurity operations environment
Minimum of four (4) years of experience in a leadership role
Must meet Department of Defense (DoD) 8570 Information Assurance Technical (IAT) Level III and other applicable certification requirements
Additional Information
Position may require up to twenty percent (20%) travel based on mission requirements
May require extended hours beyond normal duty schedules to support operational needs
Benefits at 3 Reasons Consulting
At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.
Company-Paid Benefits
Short/Long Term Disability
Basic Life Insurance
Direct Payroll Deposit
Leave Accrual
Holidays
401(k) Match
Employee / Company Shared Benefits
Additional (Voluntary) Life Insurance
401(k)
Medical Coverage
Dental Coverage
Vision Care Plan
Flexible Spending Account Plan
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.
group id: 91091531