CND Watch Officer

Ft. Meade, MD

Industry: ALKU:Gov SysNet

Job Number: 130709

Candidate must have a TS/SCI security clearance.

Program Description:

The contract is responsible for protecting the defense information network. The program supports multiple customers with real-time threat detection and analysis. The team is responsible for the 24 x 7 x 365 protection of the customer’s network from maliciously intended viruses and attacks.

Day to Day Responsibilities:

Coordinate Computer Network Defense (CND) operations with DoD Component Commands/Services/Agencies/Field Activities (CC/S/A/FA) and monitor and report effect of DCO-IDM operations on CC/S/A/FA missions.

Have knowledge of DoD Computer Network Defense with an understanding of the lifecycle of the network threats, attack vectors, and network vulnerability exploitation.

Day to day responsibilities may include:
  • Obtain and maintain a working knowledge of the current status of Orders issued by JFHQ-DODIN and subordinate organizations' compliance with issued orders
  • Provide near real time situational monitoring of an aligned AO to achieve, sustain, and present a near real time situational understanding of the AO’s operational environment.
  • Tracking ongoing operations, the posture and disposition of friendly forces and adversary activity
  • Monitoring, consuming and analyzing operational, intelligence, and incident reporting
  • Monitoring and querying Security Information and Event Management (SIEM) tools (e.g., Splunk, ArcSight, McAfee Network Security Manager, etc.) for anomalous activity
  • Collect, analyze and distribute Indicators of Compromise (IOC) in support of the development and implementation of DOD countermeasures
  • Develop metrics to measure the effectiveness of practices and controls to mitigate threats and vulnerabilities; and develop dashboards that illustrate the effectiveness of risk mitigation over time. 
  • Coordinate DODIN Operations and Defensive Cyber Operations with DOD cyber components; obtain situation reports, incident response efforts, and obtain information for briefings, presentations, or other situational awareness products used to inform senior leadership

Required Skills:
  • SIEM Tool Experience (ArcSight, Splunk, Wireshark, etc.)
  • Knowledge of Windows and/or Unix operating systems
  • Knowledge of LAN/WAN design and general internetworking technologies
  • Knowledge of security principles, approaches, and technologies (Defense-in-Depth)
  • Knowledge of IT security architecture and design (firewalls, IDS/IPS, VPN, Endpoint protection)
  • Experience briefing Senior Leaders

Desired Skills:
  • Knowledge of DOD Cyberspace Operations (JP 3-12)
  • Knowledge of the DoD orders process
  • Knowledge of DOD’s Cyber Incident Handling Program (CJCSM 6510.01B)
  • Knowledge of DODIN Transport (DODI 8010.01)
  • Knowledge of Cybersecurity Activities Support to DODIN Operations (DODI 8530.01)
  • Familiarity with Joint Reporting Structure guidance (CJCSM 3150.05D, CJCSM 3150.07E)
  • Familiarity with conducting risk assessments (NIST SP 800-30 Rev 1, Guide for Conducting Risk Assessments; DODIN Risk Assessment Methodology)
  • Familiarity with enhancing trust in email (NIST SP 800-177, Trustworthy Email guidance)
  • Working knowledge of DOD Security Technical Implementation Guide (STIG) Viewer
  • Working knowledge of Packet Capture (PCAP) and analysis (Noesis, Wireshark)
  • Working knowledge of DOD Boundary and SIEM Tools (DISA Enterprise Collaborative Operational Sensor suite JRSS, etc.)
  • DoD 8750 certification at IAT level II or higher; Security+ce.

Job Type: Full Time 