to join our cybersecurity operations team in Stuttgart, Germany. This position is responsible for isolating, investigating, validating, and responding to suspicious cyber events and incidents. The Analyst will ensure compliance with CJCSM 6510.01B reporting requirements, provide incident response support, and perform forensic analysis to protect mission-critical systems. The role operates in a 24/7/365 watch environment, requiring shift flexibility and the ability to respond rapidly to emerging cyber threats.
Services to be performed include, but are not limited to:
Monitor, detect, and analyze network intrusion activity to identify suspicious or malicious events.
Validate suspicious events, determine incident severity, and enter information into the appropriate reporting system.
Ensure compliance with CJCSM 6510.01B and other relevant directives.
Provide incident response support for the Cybersecurity Service Provider (CSSP) and subscriber sites.
Coordinate with JFHQ-DoDIN and supported entities to ensure timely reporting and analysis of significant incidents.
Conduct network and host-based forensic analysis (Windows and other operating systems).
Perform full packet capture (PCAP) analysis using Wireshark and related tools.
Conduct log correlation and analysis with Splunk and supplemental platforms.
Develop and implement IDS/IPS signatures and assist with signature tuning.
Participate in program reviews, evaluations, and certification assessments.
Provide 24/7 support with shift schedules of four (4) ten-hour days per week, including one weekend day.
Required Education and Experience:
U.S. Citizenship required
Bachelor’s degree in a relevant discipline OR minimum 3 years of relevant experience (DoD preferred)
Experience with incident validation, response, and reporting
Knowledge of IDS/IPS, packet analysis, and log aggregation tools
Ability to work rotating shifts in a 24/7 operational environment
Up to 15% global travel; must be able to travel on short notice (72 hours)
Required Certification(s):
Must meet DoD 8570 IAT II certification requirements
Must hold or be able to obtain CSSP Analyst certification(s)
Preferred Qualifications:
5+ years of incident response experience
Knowledge of CJCSM 6510.01B and DoD incident response processes
Experience with digital forensics and host-based security tools
Strong analytical skills and independent problem-solving ability
Excellent verbal and written communication skills
Clearance Level:
Active Secret Clearance required
Must be able to obtain and maintain TS/SCI
Skills and Competencies:
Incident response and forensics
Packet capture analysis (PCAP)
Splunk and log correlation tools
IDS/IPS development and monitoring
Strong analytical and communication abilities
Benefits at 3 Reasons Consulting:
Company-Paid Benefits:
Short/Long Term Disability
Basic Life Insurance
Direct Payroll Deposit
Leave Accrual
Holidays
401(k) Match
Employee / Company Shared Benefits:
Additional (Voluntary) Life Insurance
401(k)
Medical Coverage
Dental Coverage
Vision Care Plan
Flexible Spending Account Plan
An Equal Opportunity Employer
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.