ManTech International Corporation

Receive alerts when this company posts new jobs.

Cyber Security Watch Officer

at ManTech International Corporation

Posted: 6/8/2018
Job Status: Full Time
Job Reference #: 1436309
Keywords: response

Job Description

Req ID

Business Title
Cyber Security Watch Officer



Clearance Level Needed


Job Duties and Responsibilities

Cyber Security Watch Officer

The DISA Command Center (DCC) Network Assurance (NA) mission is charged with directing the operation and defense of the Global Information Grid (GIG)/DoDIN. DCC NA is chartered to provide 24x7x365 operational Information Assurance (IA) support to the Department of Defense (DOD) community via response and coordination of computer security incidents and near real-time strategic computer network defense (CND) analysis. The DCC correlates and analyzes all-source intelligence, counter-intelligence (CI), network monitor/performance data, Intrusion Detection System (IDS) data, law enforcement, and operations information to provide the DISA Director an integrated picture of daily enterprise services status and emergent computer/network incident details. With correlated information and reporting from subordinate NetOps centers, the DCC NA assesses network and military operational impacts, identifies courses of action that mitigate, recover and restore network services, prepares plans to execute corrective measures, and coordinates implementation and follow-up of approved actions with appropriate DOD and non-DOD organizations. The DCC exercises tactical control over DISA’s CND elements integrated into subordinate DISA Net Ops Centers (DNC) and Enterprise Service Centers (ESC).

Position Responsibilities:

DCC Watch Standers and Dynamic Network Defense Operations Duty Officers (DNDO-DO) will cover 24 x 7 shift work for the DCC operations section in support of Network Defense Operations. The Watch Standers and DNDO-DO will perform a variety of command, control, coordination, communication, monitoring and analysis roles including:

- Incident Response and Operations Process
- Incident Logging and Notification
- Unknown Threat / Vulnerability Assessment / Process
- Analyze high bandwidth utilization events as alerted by the network monitoring tool
- Participate and coordinate DCO activities with CC/S/A/FA, intelligence, law enforcement, USG, industry and academy organizations
- As required brief DODIN defense through collaboration meetings with other DoD organizations
- Help develop OPORDS, FRAGORD, WARNORDs, TASKORDS and Ghost Orders in conjunction with the future cell planners
- Receive, release and track execution of OPORDS, FRAGORDs, WARNORDs, TASKORDs, and Ghost Orders related to DCC
- Provide battle update briefings at each shift change (3 per day). Provide situational awareness and operational update briefings to DISA leadership
- Monitor, process and utilize DoD classified and unclassified networks
- Respond to official questions through RFI response tools
- Review open source reporting, blogs and coordination with other cyber elements for early identification of new vulnerability and threat trends. Provide reports on new developments in briefings, presentations and other formats to DISA leadership and subordinate organizations
- Participate in command exercises including real world COOP/COP that may require staff to move to alternate sites. Support also includes providing after action review feedback to DISA
- Produce statistics based status updates outlining Arbor Tool migrations and its effectiveness and brief said updates at recurring intervals
- Participate, advise and contribute to FLM/DDOS and Boundary Tools Working Groups


- Education: Requires Bachelor’s degree or equivalent, and seven to nine years of related experience
- Desired Experience/Certifications: SMEs in the field of DoD computer network defense with an understanding of the lifecycle of the network threats, attack vectors, and network vulnerability exploitation. Global IA Certification (GIAC System’s and Network Auditor (GSNA), GIAC Certified Incident Handler (GCIH) or Certified Ethical Hacker (CEH); knowledgeable in SNORT and IDS/IPS

- DOD 8570.01M IAT-II or Level III - mandatory (CompTIA Security+ CE - minimum to start).
- Certified Ethical Hacker (CEH) will be required within 4 months of start date
(Certifications not required for JFHQ-DODIN Ft. Meade positions)

Clearance: Top Secret with SCI eligibility (TS/SCI) - Mandatory

Location: Ft. Meade, MD

Duty: This is a shift position. Must be willing to work various shifts that may include nights, weekends, and holidays.

POC: Please apply on-line and contact our recruiter, Mark Aschenbach,, (703) 488-2073

Requires Bachelor¿s degree or equivalent and seven to nine years of related experience. Minimum of three years experience in technology/tools specific to the target platforms.

See Qualifications

Years of Experience
See Qualifications

Position Type


ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities; we hold nearly 1,100 active contracts with more than 50 different government agencies.