Cyber Defense Lead (DCO Lead)
About The Position
Defend the mission where it matters most! SOSi is seeking a Cyber Defense Lead (DCO Lead) in Pearl Harbor, Hawaii to spearhead 24/7 defensive cyberspace operations in support of the Indo‑Pacific enterprise. This role calls for a hands‑on leader who thrives at the intersection of real-time threat detection, rapid response, and operational resilience—someone who can unify cyber operations, engineering, and compliance into a single, mission‑focused defense posture. The DCO Lead will drive synchronized cyber defense execution, ensuring continuous visibility, decisive action, and unwavering mission assurance across a dynamic and contested digital battlespace.
Requirements
- Active in-scope Secret clearance.
- Bachelor’s degree in Cybersecurity, Computer Science, or related discipline (or equivalent work experience).
- 5+ years of experience in SOC/NSOC or Defensive Cyberspace Operations environments.
- IAT Level III (CASP+, CISSP) or CND (GCIH, GCIA, CEH, CFR).
- Demonstrated experience leading teams or shift operations within a cyber defense or SOC environment.
- Strong proficiency with SIEM, EDR, and SOAR platforms (e.g., Splunk, Elastic, Microsoft Defender, Trellix, Chronicle).
- Knowledge of adversary TTPs, malware analysis, and incident response methodologies.
- Excellent leadership, communication, and analytical problem-solving skills.
Nice To Haves
- Top Secret/SCI clearance.
- Advanced certifications such as GCIA, GCIH, GDAT, CISSP, or GCTI.
- Prior experience in military or coalition cyber defense environments.
- Familiarity with AI-assisted detection, SOAR automation, and Zero Trust Architecture
Responsibilities
- Lead the Defensive Cyberspace Operations (DCO) branch, providing daily oversight of cyber defense, incident response, vulnerability management, and compliance tracking.
- Supervise, mentor, and train analysts and engineers to ensure consistent performance and procedural adherence across shifts.
- Serve as the Incident Response Lead for escalated cyber events, coordinating containment, remediation, and communication with mission partners and CSSP stakeholders.
- Collaborating with the Deputy, Battle Captains, and Operations/Engineering leads to maintain unified situational awareness across network, system, and cyber domains.
- Direct proactive threat hunting and detection tuning using adversary TTPs and MITRE ATT&CK methodology.
- Oversee AI- and SOAR-assisted response workflows, ensuring automation pipelines align with NSOC standard operating procedures (SOPs).
- Track and report CTOs, ATOs, POA&Ms, and vulnerability remediation metrics to support accreditation and compliance.
- Conduct and document tabletop exercises, readiness drills, and after-action reviews to validate detection and response posture.
- Develop and deliver daily/weekly SITREPs, KPIs, and incident summaries for leadership.
- Ensure DCO processes comply with RMF, CSSP, and DoD 8140 standards, maintaining accreditation readiness.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
