By Light Professional IT Services

Cyberspace Watch Officer

Job Locations US-MD-Fort Meade
Posted Date 4 months ago(11/19/2019 10:09 AM)
# of Openings
Information Technology


By Light is hiring a Cyber Watch Officer to join our team supporting a Government customer. This position will perform Computer Network Defense (CND) incident handling, vulnerability management/reporting, risk analysis and readiness, and strategic analysis to enable the customer to identify active exploits and threats to the network. This position is a shift work position and could require you to work day shift, afternoons, or overnight, as well as weekends and holidays.


  • Maintain awareness and conduct analysis of directives, orders, alerts, and messages to respond to official CND community Requests for Information (RFIs) with the appropriate data and analysis.
  • Extract and prepare information and reporting from internal and external cyber elements into daily situational awareness and operational update briefings to leadership.
  • Monitor network traffic for security events and perform analysis to identify security incidents.
  • Perform and participate in the incident handling process, e.g. incident discovery, analysis and verification, incident tracking, containment and recovery, incident response coordination, escalation and notification.
  • Coordinate and ensure DoD incident handling procedures adhere to DoD guidance, regulations, and directives.

Required Experience/Qualifications

  • Bachelor's degree in a relevant technical discipline and 6+ years of overall related experience (An additional 4+ years of information technology and/or cyber experience may be substituted in lieu of a degree)
  • SIEM Tool experience (ArcSight, Splunk, Wireshark, McAfee Network Security Manager, etc).
  • Experience with various Microsoft technologies such as MS Office 2013 and SharePoint.
  • Knowledge of the DoD orders process.

  • Knowledge of Cyber Incident Handling/Triage.

  • Knowledge of Cyber vulnerability management cycle.

  • Knowledge of Windows and/or Unix operating systems.

  • Knowledge of LAN/WAN design and general internetworking technologies.

  • Knowledge of security principles, approaches, and technologies (Defense-in-Depth).

  • Knowledge of IT security architecture and design (firewalls, IDS/IPS, VPN, Endpoint protection).

  • Good oral and written communication skills.

Preferred Experience/Qualifications

  • Currently possess DoD 8750 certification at IAT level II, Security+ce.
  • Knowledge of the DoD Information Assurance Vulnerability Management (IAVM) process. 

  • Knowledge of DOD Cyberspace Operations (JP 3-12).

  • Knowledge of DOD's Cyber Incident Handling Program (CJCSM 6510.01B).

  • Knowledge of DODIN Transport (DODI 8010.01).

  • Knowledge of Cybersecurity Activities Support to DODIN Operations (DODI 8530.01).

  • Knowledge of the Cyber Mission Force (CMF) Construct.

  • Familiarity with Joint Reporting Structure guidance (CJCSM 3150.05D, CJCSM 3150.07E).

  • Familiarity with conducting risk assessments (NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments; DODIN Risk Assessment Methodology).

  • Familiarity with enhancing trust in email (NIST SP 800-177, Trustworthy Email guidance).
  • Working knowledge of DOD Security Technical Implementation Guide (STIG) Viewer.

  • Working knowledge of Packet Capture (PCAP) and analysis (Noesis, Wireshark).

  • Working knowledge of DOD Boundary and SIEM Tools (DISA Enterprise Collaborative Operational Sensor suite JRSS, etc.).

Special Requirements/Security Clearance

  • Active TS/SCI security clearance required.
  • This position is a shift work position and could require you to work day shift, afternoons, or overnight, as well as weekends and holidays.
  • Shift will be Friday - Sun, 0420 - 1740 [13-hr, 20-min shift]



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed