DEU - ROC Lead

vor 10 Stunden

Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit

Position Title: Regional Operations Center (ROC) Lead – Defensive Cyber Operations (DCO) Watch

Location: Stuttgart, Germany

Minimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)

eCRAFT: CSE3

Education: Bachelor's degree preferred

Years of Experience: 5+ years (or 8 years of equivalent experience)

Citizenship: United States citizenship required

Position Description

The Regional Operations Center (ROC) Lead – Defensive Cyber Operations (DCO) Watch is responsible for providing comprehensive cybersecurity defense within an assigned Regional Operations Center. This role ensures the protection of subscriber networks and data across multiple sources and geographic locations through effective monitoring, incident response, and operational leadership.

The ROC Lead oversees identification, validation, investigation, and mitigation of cybersecurity threats, determines incident severity, and ensures accurate and timely reporting in accordance with established directives. In addition to operational leadership, the ROC Lead serves as the Training Lead, responsible for developing and delivering training programs, conducting tabletop exercises, and maintaining personnel
proficiency in mission-essential tools, procedures, and processes.

This position requires strong leadership, analytical skills, and operational expertise in a 24/7/365 cybersecurity operations environment.

Duties and Responsibilities
  • Lead administrative and operational functions during incident response campaigns, ensuring tasks are completed, vetted, and properly documented
  • Coordinate with subscriber sites and reporting agencies to ensure timely and accurate incident reporting
  • Review validated security incidents for quality assurance and determine severity and impact in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM B
  • Conduct ticket, alert, and indicator analysis reviews to ensure accuracy, consistency, and completeness
  • Maintain an in-depth understanding of cybersecurity concepts, protocols, architectures, and defensive cyber tools
  • Oversee shift turnovers to ensure continuity of operations and proper documentation within campaign and shift logs
  • Compile, review, and maintain internal Standard Operating Procedures (SOPs) in compliance with applicable policies and directives
  • Mentor, guide, and develop ROC analysts to improve triage effectiveness and analytical capabilities
  • Participate in program reviews, product evaluations, and onsite certification or assessment activities as required
  • Ensure operational readiness and coordination across three Regional Operations Centers supporting 24/7/365 mission requirements
  • Provide surge and overtime support during elevated threat conditions or significant cybersecurity incidents
Required Skills
  • Comprehensive knowledge of Chairman of the Joint Chiefs of Staff Manual (CJCSM B
  • Expertise coordinating incident response actions and validating cybersecurity events
  • Proficiency with Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), including signature development and tuning
  • Experience conducting digital forensics across multiple operating systems
  • Advanced proficiency with host-based security tools and operating system logging
  • Deep expertise with log aggregation and analysis platforms such as Splunk, Elastic, or Microsoft Sentinel
  • Exceptional logical reasoning and independent problem-solving abilities
  • Superior written and verbal communication skills
Desired Skills
  • Strong leadership and operational oversight experience in a cybersecurity operations environment
  • Expert knowledge of incident response processes and campaign management
  • Ability to assess incident severity and impact using established DoD guidance
  • Strong analytical and problem-solving skills
  • Ability to communicate clearly and effectively in both written and verbal formats
  • Proven ability to mentor and lead teams in high-tempo, operational environments

Experience, Education and Certification Requirements
  • Bachelor's degree with a minimum of five (5) years of specialized cybersecurity experience or
  • A minimum of eight (8) years of relevant cybersecurity operations experience in lieu of a degree
  • Required certifications per Performance Work Statement (PWS): None
Additional Information
  • Operations are conducted 24/7/365 across three Regional Operations Centers
  • Overtime or surge support may be required during active cybersecurity incidents
  • Position may require up to 10% travel as mission needs dictate

 
Benefits at 3 Reasons Consulting

At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.

Company-Paid Benefits
  • Short/Long Term Disability
  • Basic Life Insurance
  • Direct Payroll Deposit
  • Leave Accrual
  • Holidays
  • 401(k) Match


Employee / Company Shared Benefits
  • Additional (Voluntary) Life Insurance
  • 401(k)
  • Medical Coverage
  • Dental Coverage
  • Vision Care Plan
  • Flexible Spending Account Plan
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.

  • DEU - ROC Lead

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: Regional Operations Center (ROC) Lead – Defensive Cyber Operations (DCO) WatchLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)eCRAFT: CSE3Education: Bachelor's degree preferredYears of Experience: 5+ years (or 8 years of equivalent...

  • DEU - DCO Watch Analyst (Tier 1, Tier 2, Tier 3)

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: DCO Watch Analyst (Tier 1, Tier 2, Tier 3)Location: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS2/SISS3Education: Bachelor's preferredYears of Experience: 3 or more (varies based on tier)Citizenship: U.S. Citizen requiredPosition OverviewWe are...

  • DEU - DCO Watch Analyst (Tier 1, Tier 2, Tier 3)

    vor 10 Stunden

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit

    Position Title: DCO Watch Analyst (Tier 1, Tier 2, Tier 3) Location: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS2/SISS3Education: Bachelor's preferredYears of Experience: 3 or more (varies based on tier) Citizenship: U.S. Citizen requiredPosition...

  • DEU - DCO Watch Officer (WO)

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: Defensive Cyber Operations (DCO) Watch OfficerLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS3Education: Bachelor's preferredYears of Experience: 6Citizenship: U.S. Citizen required Position DescriptionThe Defensive Cyber Operations...

  • DEU - Battle Watch Captain

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: Battle Watch CaptainLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: CSE3Education: Bachelor's preferredYears of Experience: 8 (or 5 with a degree)Citizenship: U.S. Citizenship required Position DescriptionThe Battle Watch Captain serves as...

  • DEU - DCO Watch Officer (WO)

    vor 4 Stunden

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit

    Position Title: Defensive Cyber Operations (DCO) Watch OfficerLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS3 Education: Bachelor's preferredYears of Experience: 6 Citizenship: U.S. Citizen requiredPosition DescriptionThe Defensive Cyber...

  • DEU - Battle Watch Captain

    vor 6 Stunden

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit

    Position Title: Battle Watch CaptainLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: CSE3Education: Bachelor's preferredYears of Experience: 8 (or 5 with a degree)Citizenship: U.S. Citizenship requiredPosition DescriptionThe Battle Watch Captain serves as...

  • DCO Watch Analyst Tier III Forensics Stuttgart

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier III ForensicsStuttgart, GermanySecret Clearance, with ability to obtain TS/SCI As a Tier 3 Defensive Cyber Operations (DCO) Watch Analyst you will be responsible for leading complex incident responses, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service...

  • DCO Watch Analyst Tier III Malware Stuttgart

    vor 12 Stunden

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier 3 MalwareStuttgart, GermanySecret Clearance, with ability to obtain TS/SCI Position DescriptionThe Tier 3 Defensive Cyber Operations (DCO) Watch Analyst is a senior-level role responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within...

  • Cyber Security Analyst III, DCOP Watch Analyst Tier III Malware

    vor 1 Woche

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier 3 Malware Stuttgart, Germany Secret Clearance, with ability to obtain TS/SCI Position DescriptionThe Tier 3 Defensive Cyber Operations (DCO) Watch Analyst is a senior-level role responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities...