Cybersecurity Analyst - Operations Watch Analyst (Tier 1-3)
Role details
Job location
Tech stack
Job description
The Operations Watch Analyst serves as a critical member of the Cybersecurity Operations team, responsible for identifying, investigating, reporting, and mitigating cyber incidents across diverse network environments.
This role ensures timely detection, analysis, and response to security events in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B and other applicable Department of Defense (DoD) directives. The analyst will assess the severity of incidents, document findings, and coordinate appropriate response actions with stakeholders across the DoD Information Network (DoDIN).
-
Maintain a thorough working knowledge of CJCSM 6510.01B and ensure compliance with related policies and procedures.
-
Develop, maintain, and continuously improve Standard Operating Procedures (SOPs) for operational watch functions.
-
Conduct proactive network intrusion detection, monitoring, correlation, and analysis to identify potential threats.
-
Validate and assess suspicious events to determine if they meet incident criteria, ensuring accurate and timely entry into designated reporting systems.
-
Coordinate with Joint Force Headquarters-DoDIN (JFHQ-DoDIN) and supported organizations to ensure appropriate analysis, reporting, and escalation of significant incidents.
-
Provide 24/7 incident response coverage, including after-hours and surge support as mission needs dictate.
-
Perform network and host-based digital forensics across Microsoft Windows and other operating systems to support incident analysis and remediation.
-
Analyze full packet captures (PCAP) using tools such as Wireshark and other network forensic utilities.
-
Correlate system and network activity using Splunk and other log aggregation tools to detect anomalies and potential intrusions.
-
Develop, tune, and implement Intrusion Detection/Prevention System (IDS/IPS) signatures to enhance detection accuracy and minimize false positives.
-
Participate in program reviews, product assessments, and on-site certification evaluations to strengthen cyber defense posture.
-
Support a rotating shift schedule (4x10-hour workdays), including at least one weekend day.
-
Work collaboratively in a high-tempo, mission-focused environment requiring flexibility and occasional overtime for surge operations.
Requirements
Do you have experience in Windows?, Do you have a Bachelor's degree?, * Bachelor's degree in Cybersecurity, Information Technology, or a related field; or a minimum of three years of directly relevant experience, preferably within a DoD or federal cybersecurity environment.
- Willingness to travel up to 15% globally, including short-notice (72-hour) deployments in support of incident response operations.
Certifications:
- Must hold an IAT Level II (Tier 1 and 2) or IAT Level III (Tier 3) certification (per DoD 8570.01-M) and PWS certification requirements in accordance with DoD cybersecurity workforce requirements.
Preferred:
- Five or more years of cybersecurity incident response experience.
- Strong knowledge of incident response procedures, packet analysis, IDS/IPS technologies, and host-based security tools.
- Proficiency in log correlation and analysis using tools such as Splunk, Elastic, or equivalent platforms.
- Familiarity with digital forensics tools and methodologies.
- Demonstrated ability to analyze complex issues, think critically, and operate independently under pressure.
- Excellent written and verbal communication skills to support operational reporting and coordination.
- In-depth understanding of CJCSM 6510.01B reporting requirements.
- Prior experience in DoD environments.
- Experience conducting digital forensics and malware analysis.
Benefits & conditions
Our unique ownership model attracts top talent, giving employees the freedom to take initiative and drive meaningful improvements. In addition to cultivating a thriving and inclusive work environment, Sentar offers an extensive benefits package designed to support the well-being of employees and their families. Employee ownership is the foundation of our culture, promoting participation, teamwork, and accountability while ensuring long-term financial security and a commitment to excellence.
- Voluntary Medical, Dental, Vision, with Health Savings or Flexible Spending Plan options
- Voluntary Life, Critical Illness, Accident, and Long Term Care insurance options
- Group Term Life, Short-Term and Long-Term Disability is provided by Sentar to all qualifying employees
- Generous 401(k) match
- Competitive PTO plan that graduates quickly with years of service
- Other leave programs; holiday schedule along with bereavement, maternity, jury and military duty
- Mental health awareness programs
- Tuition reimbursement
- Professional development reimbursement
- Recognition and Awards programs
