Cyber Security Watch Officer/Duty Officer

ManTech (


  Full Time   Employee   Contractor

Fort Meade
United States

Cyber Security Watch Officer/Duty Officer

The DISA Command Center (DCC) Network Assurance (NA) mission is charged with directing the operation and defense of the Global Information Grid (GIG)/DoDIN. DCC NA is chartered to provide 24x7x365 operational Information Assurance (IA) support to the Department of Defense (DOD) community via response and coordination of computer security incidents and near real-time strategic computer network defense (CND) analysis. The DCC correlates and analyzes all-source intelligence, counter-intelligence (CI), network monitor/performance data, Intrusion Detection System (IDS) data, law enforcement, and operations information to provide the DISA Director an integrated picture of daily enterprise services status and emergent computer/network incident details. With correlated information and reporting from subordinate NetOps centers, the DCC NA assesses network and military operational impacts, identifies courses of action that mitigate, recover and restore network services, prepares plans to execute corrective measures, and coordinates implementation and follow-up of approved actions with appropriate DOD and non-DOD organizations. The DCC exercises tactical control over DISA’s CND elements integrated into subordinate DISA Net Ops Centers (DNC) and Enterprise Service Centers (ESC).

Position Responsibilities:

DCC Watch Standers and Dynamic Network Defense Operations Duty Officers (DNDO-DO) will cover 24 x 7 shift work for the DCC operations section in support of Network Defense Operations. The Watch Standers and DNDO-DO will perform a variety of command, control, coordination, communication, monitoring and analysis roles including:

• Incident Response and Operations Process

• Incident Logging and Notification

• Unknown Threat / Vulnerability Assessment / Process

• Analyze high bandwidth utilization events as alerted by the network monitoring tool

• Participate and coordinate DCO activities with CC/S/A/FA, intelligence, law enforcement, USG, industry and academy organizations

• As required brief DODIN defense through collaboration meetings with other DoD organizations

• Help develop OPORDS, FRAGORD, WARNORDs, TASKORDS and Ghost Orders in conjunction with the future cell planners

• Receive, release and track execution of OPORDS, FRAGORDs, WARNORDs, TASKORDs, and Ghost Orders related to DCC

• Provide battle update briefings at each shift change (3 per day). Provide situational awareness and operational update briefings to DISA leadership

• Monitor, process and utilize DoD classified and unclassified networks

• Respond to official questions through RFI response tools

• Review open source reporting, blogs and coordination with other cyber elements for early identification of new vulnerability and threat trends. Provide reports on new developments in briefings, presentations and other formats to DISA leadership and subordinate organizations

• Participate in command exercises including real world COOP/COP that may require staff to move to alternate sites. Support also includes providing after action review feedback to DISA

• Produce statistics based status updates outlining Arbor Tool migrations and its effectiveness and brief said updates at recurring intervals

• Participate, advise and contribute to FLM/DDOS and Boundary Tools Working Groups

Clearance: TS/SCI eligibility required

Location: Ft. Meade, MD

Duty: This is a shift position. Must be willing to work various shifts that may include nights, weekends, and holidays.


- Education: Requires Bachelor’s degree or equivalent, and seven to nine years of related experience

- Licenses/Certification: DOD 8570.01M IAT-II mandatory; CND Analyst or CND Incident Responder mandatory (Security+ CE - minimum to start). Certified Ethical Hacker (CEH) will be required within 4 months of start date

- Desired Experience/Certifications: SMEs in the field of DoD computer network defense with an understanding of the lifecycle of the network threats, attack vectors, and network vulnerability exploitation. Global IA Certification (GIAC System’s and Network Auditor (GSNA), GIAC Certified Incident Handler (GCIH) or Certified Ethical Hacker (CEH); knowledgeable in SNORT and IDS/IPS

- Candidate must have a current Top Secret clearance with SCI Eligibility

POC: Mark Aschenbach, [email protected], (703) 488-2073



To apply for this job, contact:
Human Resources

Save This Job

Email This Job to a Friend