Defensive Cyberspace Operation (DCO) Analyst
Job Locations
US-CO-Colorado Springs
Job ID
2024-4755
# of Openings
1
Clearance Requirement
TS/SCI CI
Education Requirement
High School Diploma/GED
Certifications
CEH, CySA+, GCIH, GCIA, CFR, CCNA Cyber Ops, CCNA-Security,
GICSP, Cloud+, SCYBER, PenTest+, CHFI or GCFA
Experience Level
Mid-level
Overview
The Defensive Cyber Operations Analyst (DCO) provides planning,
execution, and follow-on support for the United States Space Force
(USSF) via the Space Operations Command (SpOC) Intelligence and
Cyber-defense Enterprise Services (SPICES) contract. This role will align
with the government's 12-hour shift structure with day shift being 7am to
7pm and night shift being 7pm to 7am. The DCO operators work 4, 12 hour
shifts with 3 subsequent days off.
As a dynamic systems integrator, SMS offers proven solutions in
engineering, operations, cybersecurity, and digital transformation. With
expertise in modernizing and optimizing legacy infrastructure and systems,
ensuring operational efficiency, and designing, implementing, and
managing secure environments, SMS supports business and mission goals with
proficiency, quality, and integrity.
SMS has been serving the advanced information technology needs of the federal
government since 1976, delivering talented teams and innovative,
cost-effective solutions and services to support our customers' missions for
more than 40 years. SMS is headquartered in McLean, Virginia, with offices
and on-site operations at customer locations throughout the United States. For
additional information on SMS, visit www.sms.com.
Submit your resume today!
Responsibilities
Conduct intrusion analysis and correlation of unauthorized activities;
provide recommendations to improve customer mitigation processes.
Perform threat insight processes to provide analysis to support mitigation and
remediation activities.
Conduct incident handling in accordance with CJCSM 6510.01B; utilize AFSPC
9-Line Report format to relay incident details. Support SpOC ACCC Operational
Planning Team activities as required.
Analyze cyber incidents, correlate incident details and formulate response
actions.
Provide recommendations on tuning and maximizing capability of existing
tools, while providing recommendations for other tools to increase capability.
Monitor government provided DCO tools and systems.
Conduct after action processes to capture efforts taken to mitigate
unauthorized actions.
Participate in development of DCO Tactics, Techniques and Procedures (TTPs).
Participate in development of DCO concept of operations, processes and
procedures.
Identify security discrepancies and report security incidents.
Provide expert research and analysis in support of expanding programs and area
of responsibility.
Provide leadership, mentoring, and quality assurance for team members.
Ability to communicate effectively, both orally and in writing; negotiate
complex issues; write comprehensive studies; and maintain good working
relationships.
Strong analytical and product management skills required, including a
thorough understanding.
Prepare briefings, reports, and informational analyses in support of USSF and
SpOC.
Invest time and effort to understand the mission systems, their
architecture, functions and dependencies; assist with Functional Mission
Analysis to increase the resilience of the system/s.
Perform records management of sustainment related deliverables and
documentation.
Participate in customer exercises; after-duty hours may be required.
Ensure adherence to Government policies, master plans and schedules, and
develop solutions to program problems.
Comply with USCYBERCOM directions and task orders provided via AFCYBER and
SpOC AFFOR Communications Control Center (ACCC).
Perform Vulnerability Management actions, including providing recommendations and
responding to INFOCON and CPCON changes.
Qualifications
Active DoD TS/SCI security clearance
Three or more years of Cyber Security Services Provider activity and experience
is required, including continuous Cybersecurity Monitoring, Intrusion Detection
and/or Cyber Incident Response.
Minimum of one active DoD 8570.07-M Cyber Security Services Provider
(CSSP) Analyst Certification AND/OR Incident Responder Certification
(CEH, CySA+, GCIH, GCIA, CFR, CCNA Cyber Ops, CCNA-Security,
GICSP, Cloud+, SCYBER, PenTest+, CHFI or GCFA)