DEU - DCO Watch Analyst (Tier 1, Tier 2, Tier 3)

vor 11 Stunden

Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit


Position Title: DCO Watch Analyst (Tier 1, Tier 2, Tier 3)
Location: Stuttgart, Germany

Minimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)

eCRAFT: SISS2/SISS3

Education: Bachelor's preferred

Years of Experience: 3 or more (varies based on tier)
Citizenship: U.S. Citizen required

Position Overview

We are seeking Defensive Cyber Operations (DCO) Analysts at the Tier 1, Tier 2, and Tier 3 levels to support a 24/7 mission-critical cyber defense environment. Analysts are responsible for monitoring, analyzing, and responding to cybersecurity events and incidents in accordance with CJCSM B and applicable Department of Defense (DoD) directives. The appropriate tier will be determined based on candidate qualifications, experience, certifications, and mission requirements.

Key Responsibilities (By Tier)

Tier 1
  • Monitor network and host-based systems for suspicious activity using approved tools and SOPs.
  • Validate security events and escalate potential incidents to Tier 2 analysts per CJCSM B.
  • Enter and maintain accurate incident data in designated reporting systems.
  • Assist with incident documentation and tracking under supervision.
  • Perform basic log correlation using tools such as Splunk, Elastic, or Sentinel.
  • Support 24/7 watch operations and shift turnovers across multiple ROCs.
Tier 2
  • Analyze and respond to validated security incidents, determining severity and operational impact.
  • Coordinate incident response activities with internal teams, reporting agencies, and subscriber sites.
  • Perform network and host-based digital forensics on Windows, Linux, and other operating systems.
  • Conduct log correlation and deeper analysis to identify trends and patterns.
  • Update and maintain SOPs to ensure compliance with CJCSM B.
  • Support IDS/IPS tuning and signature implementation.
Tier 3
  • Lead complex incident response efforts, including analysis, mitigation, and reporting.
  • Manage and oversee incident response campaigns and multi-team coordination.
  • Conduct proactive threat hunting and advanced investigations.
  • Lead purple team exercises to improve detection and response capabilities.
  • Evaluate and refine IDS/IPS signatures, detection logic, and correlation rules.
  • Perform advanced digital forensics and mentor junior analysts.
  • Support program reviews, product evaluations, and certification assessments.


Education & Experience Requirements

Tier 1
  • Bachelor's degree in a relevant technical discipline, OR
  • IAT Level II certification plus 3 years of recent specialized experience
Tier 2
  • Bachelor's degree in a relevant technical discipline plus 2 years of relevant experience, OR
  • IAT Level II certification plus 5 years of recent specialized experience
Tier 3
  • Bachelor's degree in a relevant technical discipline plus 5 years of relevant experience, OR
  • IAT Level II certification plus 8 years of recent specialized experience
Required Certifications (All Tiers)
  • Must meet DoD 8570 IAT Level II requirements
  • Must obtain and maintain role-based certifications per DoD standards
Desired Qualifications (All Levels – Depth Varies by Tier)
  • Experience with log aggregation and analysis tools (Splunk, Elastic, Sentinel)
  • Experience with IDS/IPS, host-based, and OS logging solutions
  • Familiarity with incident response methodologies and CJCSM B
  • Digital forensics and threat hunting experience
  • Strong analytical, problem-solving, and attention-to-detail skills
  • Effective written and verbal communication skills
  • Ability to work independently and as part of a 24/7 operations team
Additional Details
  • Operations are conducted 24/7/365 across three Regional Operations Centers (ROCs)
  • Four 10-hour shifts per ROC (Sunday–Wednesday or Wednesday–Saturday)
  • Shift assignment at the manager's discretion
  • Overtime or surge support may be required during incident response
  • Up to 10% travel may be required
This posting is intended to fill multiple levels (Tier 1–3). Candidates will be aligned to the appropriate tier based on experience, certifications, and mission requirements.

Benefits at 3 Reasons Consulting

At 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options. Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.

Company-Paid Benefits
  • Short/Long Term Disability
  • Basic Life Insurance
  • Direct Payroll Deposit
  • Leave Accrual
  • Holidays
  • 401(k) Match


Employee / Company Shared Benefits
  • Additional (Voluntary) Life Insurance
  • 401(k)
  • Medical Coverage
  • Dental Coverage
  • Vision Care Plan
  • Flexible Spending Account Plan
3 Reasons Consulting is an Equal Opportunity Employer. We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission. We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law. All applicants will receive consideration for employment without regard to protected bases.

  • DEU - DCO Watch Analyst (Tier 1, Tier 2, Tier 3)

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: DCO Watch Analyst (Tier 1, Tier 2, Tier 3)Location: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS2/SISS3Education: Bachelor's preferredYears of Experience: 3 or more (varies based on tier)Citizenship: U.S. Citizen requiredPosition OverviewWe are...

  • DCO Watch Analyst Tier II Stuttgart

    vor 1 Woche

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst I, DCO Watch Analyst Tier II Stuttgart, DESecret Required to Start, TS SCI Required The Tier 2 Defensive Cyber Operations (DCO) Watch Analyst is an intermediate role responsible for analyzing and responding to security incidents within a Cybersecurity Service Provider (CSSP) environment. You will  investigate validated events,...

  • DCO Watch Analyst Tier II Stuttgart

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst I, DCO Watch Analyst Tier IIStuttgart, DESecret Required to Start, TS SCI Required The Tier 2 Defensive Cyber Operations (DCO) Watch Analyst is an intermediate role responsible for analyzing and responding to security incidents within a Cybersecurity Service Provider (CSSP) environment. You will investigate validated events,...

  • DCO Watch Analyst Tier III Malware Stuttgart

    vor 13 Stunden

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier 3 MalwareStuttgart, GermanySecret Clearance, with ability to obtain TS/SCI Position DescriptionThe Tier 3 Defensive Cyber Operations (DCO) Watch Analyst is a senior-level role responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities within...

  • DEU - DCO Watch Officer (WO)

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: Defensive Cyber Operations (DCO) Watch OfficerLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS3Education: Bachelor's preferredYears of Experience: 6Citizenship: U.S. Citizen required Position DescriptionThe Defensive Cyber Operations...

  • Cyber Security Analyst I, DCO Watch Analyst Tier II

    vor 1 Woche

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    DCO Watch Analyst Tier II Stuttgart, DESecret Required to Start, TS SCI Required The Tier 2 Defensive Cyber Operations (DCO) Watch Analyst is an intermediate role responsible for analyzing and responding to security incidents within a Cybersecurity Service Provider (CSSP) environment. You will  investigate validated events, coordinates with stakeholders,...

  • DEU - DCO Watch Officer (WO)

    vor 5 Stunden

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting Vollzeit

    Position Title: Defensive Cyber Operations (DCO) Watch OfficerLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: SISS3 Education: Bachelor's preferredYears of Experience: 6 Citizenship: U.S. Citizen requiredPosition DescriptionThe Defensive Cyber...

  • DCO Watch Analyst Tier III Forensics Stuttgart

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier III ForensicsStuttgart, GermanySecret Clearance, with ability to obtain TS/SCI As a Tier 3 Defensive Cyber Operations (DCO) Watch Analyst you will be responsible for leading complex incident responses, conducting proactive threat hunting, and enhancing detection capabilities within a Cybersecurity Service...

  • Cyber Security Analyst III, DCOP Watch Analyst Tier III Malware

    vor 1 Woche

    Stuttgart, Baden-Württemberg, Deutschland Adapt Forward Vollzeit

    Cyber Security Analyst III, DCO Watch Analyst Tier 3 Malware Stuttgart, Germany Secret Clearance, with ability to obtain TS/SCI Position DescriptionThe Tier 3 Defensive Cyber Operations (DCO) Watch Analyst is a senior-level role responsible for leading complex incident response, conducting proactive threat hunting, and enhancing detection capabilities...

  • DEU - Battle Watch Captain

    Vor 2 Tagen

    Stuttgart, Baden-Württemberg, Deutschland 3 Reasons Consulting, LLC Vollzeit

    Position Title: Battle Watch CaptainLocation: Stuttgart, GermanyMinimum Security Clearance: Secret, with ability to obtain Top Secret/Sensitive Compartmented Information (TS/SCI)eCRAFT: CSE3Education: Bachelor's preferredYears of Experience: 8 (or 5 with a degree)Citizenship: U.S. Citizenship required Position DescriptionThe Battle Watch Captain serves as...