Cyber Defense Operator (CDO)
Job Locations | US-TX-San Antonio
Job ID | 2026-5308
# of Openings | 2
Clearance Requirement | TS/SCI
Education Requirement | High School Diploma/GED
Certifications | CND & GCFA
Experience Level | Senior
8570 Compliant | IAT 1
Overview
The Cyber Defense Operator (CDO) supports the Air Force Computer Emergency Response Team (AFCERT) mission by providing continuous, near real-time network security monitoring, intrusion detection analysis, and host security monitoring across the Air Force Information Network (AFIN). The CDO operates as a member of the DCO Hunt and Assess Crew (HAC) and is required to attain and maintain Mission Ready (MR) status in accordance with applicable Air Combat Command Instructions (ACCI) and ACCMANs governing the AFIN weapon system. This position supports 24x7x365 mission operations across rotating crew schedules and will require shift work.

As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity. SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers' missions for more than 45 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com. Submit your resume today!
Responsibilities
- Conduct near real-time network security monitoring and intrusion detection analysis across networks and systems
- Review IDS/IPS alerts per Operating Instruction (OI) and checklists
- Conduct host security monitoring, alert review, intrusion detection analysis, and event analysis and triage
- Develop, review, and maintain procedures related to the overall monitoring of hosts and systems.
- Monitor security sensors to analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify and correlate security issues/events and review logs to identify intrusions for remediation.
- Correlate suspicious events with network events, if possible, and data stored within databases and other external DoD resources.
- Analyze traffic/logs/events to determine the necessity for higher level analysis and conduct an initial assessment of type and extent of intruder activities.
- Record who, what, where, why and when for any identified suspicious activity in case management system (CMS) to enable additional investigations.
- Conduct triage of suspicious activity alerts and logs in order to make a fast and accurate triage decision.
- Enter event data into mission support systems in accordance with operational procedures and reports.
- Escalate security incidents using established policies and procedures.
- Generate end of mission reports (MISREPS) and provide pass-on information for knowledge transfer to subsequent crews of analysts on duty regarding the latest suspicious traffic seen from a given port, Internet Protocol (IP) address, etc.
- Provide computer security-related support to AF field units.
- Provide feedback to Content Development, as applicable, on detection mechanisms that produce true-positive and false-positive events.
Qualifications
Required Qualifications
- A minimum of five (5) years of experience in cyber defense operations, network security monitoring, intrusion detection analysis, or a related discipline within a DoD or Intelligence Community environment.
- Active TS/SCI clearance required.
- High School Diploma or GED required.
- 8140 IAT Level 1 (A+ CE, CCNA-Security, CND, Network+ CE, or SSCP) & GCFA certified
- General knowledge of cyber security frameworks, such as the Cyber Kill Chain, MITRE ATT&CK, and the NIST 800 series
- General knowledge of physical computer components and architectures, including the functions of computer domains, directory services, various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols (e.g., DNS, ARP, etc.), security hardware and software
- Candidate must be self-motivated and able to perform with minimal supervision
Preferred Skills/Qualifications:
- Certified Network Defender (CND) certification
- Knowledge of cyber forensic collection, preservation, and chain of custody
- Prior AFCERT / DCO / SOC experience supporting government networks.
- Experience with endpoint and network security tooling such as SIEM, EDR, packet capture, IDS/IPS, and case management workflows.
- Familiarity with producing operational deliverables in a regulated environment (formal ticketing, incident timelines, evidence handling).
SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.