Defensive Cyber Operations Officer

Position Summary

The Defensive Cyber Operations Officer serves as a central point of coordination for DTRA’s Defensive Cyber Operations (DCO), providing expert oversight of cyber communications, incident response, and operational reporting across the enterprise. This role is responsible for monitoring and reporting the status of CSSP systems, coordinating with internal teams and external DoD and inter-agency cyber partners, and leading the Cyber Fusion cell to ensure situational awareness and timely response to threats.

The officer develops threat intelligence products, supports exercises and training events, and oversees quality assurance of operational and reporting products. Acting as a liaison between DTRA and broader DoD cyber initiatives, this position requires technical proficiency in CSSP/SOC operations, strong leadership, and the ability to manage shift work, incident escalations, and mission-critical cyber operations.

• Act as the central communications point for all things cyber; track, communicate, and report status of DTRA CSSP systems and applications
• Prepare briefing documentation to show current status of CTO tasking
• Attend daily CTO meetings, and other meetings for named operations as required representing DTRA Cyber Operations in the meeting
• Maintain situational awareness through daily interactions and coordination with JOC Watch Team, BSN4 Watch Team, and DTRA IT-CS IA Directives personnel
• Employ effective web, email, and telephonic communications to clearly manage security incident response procedures as they pertain to CTO, and/or other named operations

• Coordinate DTRA Defensive Cyber Operations activities and initiatives across the organization
• Serve as primary liaison for DCO Division with external cyber organizations and stakeholders
• Facilitate coordination between DTRA DCO operations and broader DoD defensive cyber initiatives
• Coordinate DCO-related activities with outside entities including Cyber Fusion Groups, inter-agency partners, and DoD cyber components
• Represent DTRA DCO Division in external coordination meetings and working groups
• Facilitate information sharing and collaboration on defensive cyber operations matters

• Responsible for reporting status of DTRA CSSP projects, DTRA CPCON changes, status of DTRA compliance with Tier I initiatives, and communicating requests for OPS assistance to the CSSP
• Responsible for gathering pertinent data from the Morning IT Operations briefing, and disseminating this data to the CSSP Detect team, and CSSP leadership
• Tracking, response, and timely reporting of requests for information (RFI), VDPs, Tippers, CTO's, WARNORDs, TASKORDs and all applicable operation support documents, ensuring any associated tasking is completed by CSSP Watch team
• Responsible for tracking and reporting of CPCON status and any relevant actions resulting from CPCON changes to CSSP leadership
• Responsible for ensuring coordinated responses to Tier I RFI's and the creation of Blue/Red reports

• Coordinate and support Table-top Exercises (TTX) and other cyber training events for DTRA DCO operations
• Assist in planning, execution, and after-action reporting for DCO-related exercises
• Coordinate DTRA participation in external cyber exercises and training opportunities

• Develop and maintain threat landscape reporting relevant to DTRA defensive cyber operations
• Coordinate threat intelligence sharing between DTRA DCO and external cyber organizations
• Support the development of threat assessments and defensive recommendations

• Lead the Cyber Fusion cell; organize monthly meetings to discuss relevant Cybersecurity topics affecting DTRA and other DoD organizations
• Oversee shift changes, ensuring communication of case/mission status occur between shifts and the timely notification to leadership during off‑hours when priority events occur
• Validates that the comprehensive documentation and any operational issues affecting the CSSP team are brought to the attention of the…