SOS International LLC.
NSOC Cyber Defense Lead (DCO Lead)
SOS International LLC., Pearl City, Hawaii, United States, 96782
Overview
Lead the Digital Shield of the Indo-Pacific
SOSi is on the hunt for a visionary
NSOC Cyber Defense Lead (DCO Lead)
to command the front lines of cyber resilience at
Joint Base Pearl Harbor Hickam . In this high-impact role, you’ll orchestrate 24/7
Defensive Cyberspace Operations , driving real-time threat detection, response, and mission assurance across a dynamic Indo-Pacific enterprise. As the strategic force behind the NSOC’s cyber defense branch, you’ll synchronize operations, engineering, and compliance—delivering innovation, leadership, and security at scale.
Essential Job Duties
Lead the
Defensive Cyberspace Operations (DCO)
branch of the NSOC, providing daily oversight of cyber defense, incident response, vulnerability management, and compliance tracking.
Supervise, mentor, and train analysts and engineers to ensure consistent performance and procedural adherence across shifts.
Serve as the
Incident Response Lead
for escalated cyber events, coordinating containment, remediation, and communication with mission partners and CSSP stakeholders.
Collaborating with the
NSOC Deputy ,
Battle Captains , and
Operations/Engineering leads
to maintain unified situational awareness across network, system, and cyber domains.
Direct proactive
threat hunting
and detection tuning using adversary TTPs and MITRE ATT&CK methodology.
Oversee
AI- and SOAR-assisted response workflows , ensuring automation pipelines align with NSOC standard operating procedures (SOPs).
Track and report
CTOs, ATOs, POA&Ms , and vulnerability remediation metrics to support accreditation and compliance.
Conduct and document
tabletop exercises, readiness drills, and after-action reviews
to validate detection and response posture.
Develop and deliver
daily/weekly SITREPs, KPIs, and incident summaries
for leadership.
Ensure DCO processes comply with
RMF, CSSP, and DoD 8140
standards, maintaining accreditation readiness.
Minimum Requirements
Active in scope SECRET clearance.
Bachelor’s degree in Cybersecurity, Computer Science, or related discipline (or equivalent work experience).
5+ years
of experience in SOC/NSOC or Defensive Cyberspace Operations environments.
DoD 8140 / 8570 Baseline Certification:
IAT Level III (CASP+, CISSP) or CND (GCIH, GCIA, CEH, CFR).
Demonstrated experience leading teams or shift operations within a cyber defense or SOC environment.
Strong proficiency with
SIEM, EDR, and SOAR
platforms (e.g., Splunk, Elastic, Microsoft Defender, Trellix, Chronicle).
Knowledge of adversary TTPs, malware analysis, and incident response methodologies.
Excellent leadership, communication, and analytical problem-solving skills.
Preferred Qualifications
Advanced certifications such as
GCIA, GCIH, GDAT, CISSP, or GCTI .
Prior experience in
military or coalition cyber defense
Familiarity with
AI-assisted detection ,
SOAR automation , and
Zero Trust Architecture .
Experience supporting
DISA PAC, CSSP , or
Mission Partner Environment (MPE)
Work Environment
Normal office environment with potential for limited travel or participation in exercises at deployed or classified sites.
May be required to work evenings, weekends, or on-call rotations to meet mission and contract needs.
This is a
core leadership position
in a
24/7/365
operations center supporting INDOPACOM.
Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.
#J-18808-Ljbffr
Lead the Digital Shield of the Indo-Pacific
SOSi is on the hunt for a visionary
NSOC Cyber Defense Lead (DCO Lead)
to command the front lines of cyber resilience at
Joint Base Pearl Harbor Hickam . In this high-impact role, you’ll orchestrate 24/7
Defensive Cyberspace Operations , driving real-time threat detection, response, and mission assurance across a dynamic Indo-Pacific enterprise. As the strategic force behind the NSOC’s cyber defense branch, you’ll synchronize operations, engineering, and compliance—delivering innovation, leadership, and security at scale.
Essential Job Duties
Lead the
Defensive Cyberspace Operations (DCO)
branch of the NSOC, providing daily oversight of cyber defense, incident response, vulnerability management, and compliance tracking.
Supervise, mentor, and train analysts and engineers to ensure consistent performance and procedural adherence across shifts.
Serve as the
Incident Response Lead
for escalated cyber events, coordinating containment, remediation, and communication with mission partners and CSSP stakeholders.
Collaborating with the
NSOC Deputy ,
Battle Captains , and
Operations/Engineering leads
to maintain unified situational awareness across network, system, and cyber domains.
Direct proactive
threat hunting
and detection tuning using adversary TTPs and MITRE ATT&CK methodology.
Oversee
AI- and SOAR-assisted response workflows , ensuring automation pipelines align with NSOC standard operating procedures (SOPs).
Track and report
CTOs, ATOs, POA&Ms , and vulnerability remediation metrics to support accreditation and compliance.
Conduct and document
tabletop exercises, readiness drills, and after-action reviews
to validate detection and response posture.
Develop and deliver
daily/weekly SITREPs, KPIs, and incident summaries
for leadership.
Ensure DCO processes comply with
RMF, CSSP, and DoD 8140
standards, maintaining accreditation readiness.
Minimum Requirements
Active in scope SECRET clearance.
Bachelor’s degree in Cybersecurity, Computer Science, or related discipline (or equivalent work experience).
5+ years
of experience in SOC/NSOC or Defensive Cyberspace Operations environments.
DoD 8140 / 8570 Baseline Certification:
IAT Level III (CASP+, CISSP) or CND (GCIH, GCIA, CEH, CFR).
Demonstrated experience leading teams or shift operations within a cyber defense or SOC environment.
Strong proficiency with
SIEM, EDR, and SOAR
platforms (e.g., Splunk, Elastic, Microsoft Defender, Trellix, Chronicle).
Knowledge of adversary TTPs, malware analysis, and incident response methodologies.
Excellent leadership, communication, and analytical problem-solving skills.
Preferred Qualifications
Advanced certifications such as
GCIA, GCIH, GDAT, CISSP, or GCTI .
Prior experience in
military or coalition cyber defense
Familiarity with
AI-assisted detection ,
SOAR automation , and
Zero Trust Architecture .
Experience supporting
DISA PAC, CSSP , or
Mission Partner Environment (MPE)
Work Environment
Normal office environment with potential for limited travel or participation in exercises at deployed or classified sites.
May be required to work evenings, weekends, or on-call rotations to meet mission and contract needs.
This is a
core leadership position
in a
24/7/365
operations center supporting INDOPACOM.
Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.
#J-18808-Ljbffr