Job Description

Position Title:

Defensive Cyber Operations (DCO) Watch Officer

Location:

Stuttgart, Germany

Minimum Security Clearance:

Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)

eCRAFT:

SISS3

Education:

Bachelor’s preferred

Years of Experience

: 6

Citizenship

: U.S. Citizen required

Position Description

The Defensive Cyber Operations (DCO) Watch Officer is responsible for leading and mentoring Tier 1 analysts during assigned shifts within a 24/7/365 cyber operations environment. The Watch Officer ensures continuous and effective monitoring of supported networks, safeguarding them against unauthorized access, malicious activity, and other cyber threats. This role assigns tasks, monitors analyst performance, provides technical guidance, and coordinates cyber defense activities to ensure operational effectiveness. The Watch Officer plays a critical role in maintaining the overall security posture of mission systems and networks by leveraging strong knowledge of cyber defense principles, incident response processes, and analytical frameworks.

Duties and Responsibilities

Lead and guide incident response and investigation activities during campaigns, ensuring tasks are completed, properly documented, and vetted Coordinate with reporting agencies and supported sites to ensure timely and accurate incident reporting Analyze and respond to validated security incidents, determining severity and operational impact per Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B Conduct log correlation and analysis to identify trends and patterns in network and system activity Perform network and host-based digital forensics on Windows and other operating systems as required Support intrusion detection system (IDS) and intrusion prevention system (IPS) signature development, refinement, and implementation Maintain an in-depth understanding of security concepts, protocols, architectures, processes, and tools Conduct ticket reviews and perform indicator and analysis quality control Ensure proper task and findings turnover during verbal shift handovers and campaign documentation updates Develop, compile, and maintain internal Standard Operating Procedures (SOPs) in compliance with CJCSM 6510.01B and applicable directives Provide mentorship and guidance to Tier 1 analysts to improve triage accuracy and effectiveness

Required Skills and Experience

Experience with log aggregation and analysis tools (e.g., Splunk, Elastic, Microsoft Sentinel) Experience with IDS/IPS, host-based security tools, and operating system logging solutions Experience conducting digital forensics on Windows and/or Linux operating systems Demonstrated experience performing threat hunting and/or incident response Familiarity with CJCSM 6510.01B Ability to mentor and guide Tier 1 analysts effectively

Desired Skills

Strong logical thinking, analytical, and problem-solving skills Excellent verbal and written communication skills

Experience, Education and Certification Requirements

Bachelor’s degree in a relevant technical discipline with at least 3 years of relevant experience, OR a minimum of 6 years of experience in a cyber operations, Security Operations Center (SOC), or similar environment Must meet DoD 8570 IAT Level II and applicable role-based certifications

Additional Information

Operations conducted 24/7/365 across three Regional Operations Centers (ROCs), each with four 10-hour shifts Shift placement determined by management Overtime may be required during surge or major incident response activities Up to 10% travel may be required

Benefits at 3 Reasons Consulting

At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.

Company-Paid Benefits

Short/Long Term Disability Basic Life Insurance Direct Payroll Deposit Leave Accrual Holidays 401(k) Match

Employee / Company Shared Benefits

Additional (Voluntary) Life Insurance 401(k) Medical Coverage Dental Coverage Vision Care Plan Flexible Spending Account Plan
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.