BreakPoint Labs LLC

COMET CSSP Specialist

BreakPoint Labs LLC, Charleston, South Carolina, United States, 29408

BreakPoint Labs is seeking a COMET CSSP Specialist to play a critical role in supporting leadership by defining Cyber Service Area requirements and identifying process improvement opportunities. The CSSP Specialist is a member of a team that provides essential assistance in Defensive Cyber Operations (DCO) monitoring and incident response functions, as well as ancillary support for inherently government operational responsibilities. COMET personnel are instrumental in cybersecurity operations, aiding leadership with operational oversight, prioritization, and decision‑making. During their local daytime shift, they oversee technical cyber monitoring and incident response, provide key updates to leadership and stakeholders, and champion continuous improvement. This is achieved by proactively researching, evaluating, and implementing novel tools, capabilities, and processes to define new methodologies for operational scalability. Furthermore, COMET personnel monitor resources, advocate for the organization’s operational needs, and serve as Subject Matter Experts (SMEs) across various cybersecurity skillsets through continuous learning. They may also be directed by leadership to provide surge support during high‑criticality cyber incidents. The ideal candidate for this role will have a deep understanding of cybersecurity operations, coupled with proven experience in managing and overseeing technical cyber monitoring and incident response. Success requires excellent communication and problem‑solving skills, and the capacity to collaborate effectively with cross‑functional teams.

Responsibilities

Assist leadership in defining Cyber Service Area requirements for Defensive Cyber Operations (DCO).

Oversee and validate network intrusion detection, monitoring, and correlation analysis, incident response, and digital forensics as needed.

Provide operational updates to leadership and communicate significant incidents or outages.

Identify process improvement opportunities to enhance cyber operations efficiency.

Advocate for operational needs and resource allocation across teams.

Direct, coach, and mentor analysts during both normal operations and cybersecurity events.

Lead development of documentation, training materials, and process improvements.

Provide technical direction to contractors and to steer incident response plans and recovery actions.

Participate in operational meetings to identify issues and propose improvement projects.

Up to 20% travel may be required.

Required Experience

Experience presenting to senior leadership (GS‑15/O5+).

Experience using Security Information and Event Management (SIEM) tools such as Splunk, Elastic, and Microsoft Sentinel.

Experience in managing and overseeing technical cyber monitoring and incident response.

Must demonstrate IT‑related experience that includes the following competencies:

Attention to Detail: Performs work thoroughly and conscientiously.

Customer Service: Assesses needs, provides assistance, resolves problems, and ensures quality service.

Oral Communication: Effectively conveys information to technical and non‑technical audiences.

Problem Solving: Identifies issues, evaluates information accuracy, and recommends sound solutions.

Highly valued experience includes:

Knowledge of reverse engineering and malware analysis, including program memory structure, compilation, and assembly.

Ability to read, de‑obfuscate, and determine if code is malicious or benign.

Understanding of programming logic, secure coding, and core computer science domains (information theory, cryptography, operating systems, networks, embedded systems).

Knowledge of Department of Defense (DoD) Cyber policies and compliance guidelines.

Familiarity with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01B.

Working knowledge of Defensive Cyber Operations (DCO) tools.

Familiarity with Scaled Agile Framework (SAFe) methodology and Atlassian products (Jira, Confluence).

Knowledge of Intrusion Detection/Prevention Systems (IDS/IPS), Packet Capture (PCAP) analysis, and digital forensics tools.

Advanced writing and documentation skills.

Ability to manage multiple priorities in a dynamic environment.

Certifications Required: IAT or IAM & IASAE Level I

Security Clearance Required: DoD Secret

Education Level Required: Master’s Degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent.