Attack Sensing & Warning (AS&W) Technical Lead

Job Description Position Title: Attack Sensing & Warning (AS&W) Technical LeadLocation: Charleston, South CarolinaMinimum Security Clearance: Secret, with ability to obtain Top Secret / Sensitive Compartmented Information (TS/SCI)eCRAFT: CSE2Education: Bachelor’s degree in a relevant discipline preferredYears of Experience: Five (5) years with degree or eight (8) years of equivalent experiencePosition DescriptionThe Attack Sensing & Warning (AS&W) Technical Lead serves as the technical authority for global AS&W operations, overseeing defensive cyber operations across multiple Regional Operations Centers (ROCs) and the DETECT team.

This leadership role is responsible for directing incident response activities, ensuring technical excellence, enforcing quality control standards, and integrating operations across geographically dispersed teams.As a subject matter expert in AS&W operations, the Technical Lead drives operational consistency, technical rigor, and continuous improvement across cybersecurity processes.

This role requires strong leadership in high-pressure environments, the ability to manage complex technical initiatives, and a proactive approach to personnel development, conflict resolution, and team cohesion.Duties and ResponsibilitiesServe as the AS&W Subject Matter Expert (SME) during live incident response, providing near-real-time quality control and oversightEnsure accurate documentation, campaign notes, and operational updates are maintained by Regional Operations Centers and analystsProvide mentorship and professional development guidance to Defensive Cyber Operations (DCO) Watch and DETECT team membersCoordinate communications, policies, and processes across regional operations center analysts and incident respondersLead continuous review and improvement of operational processes and procedural documentation governing ROC operationsCollaborate with training development teams to design, execute, and maintain role-based baseline and progressive training plansEnsure quality control of DCO Watch products, including threat hunts, detection evaluations, and purple team reportsIdentify, assess, and mitigate operational and programmatic risksLead cross-functional technical teams and manage task prioritization across service areasParticipate in meetings and conferences with internal and external stakeholders to ensure delivery of high-quality products within established schedulesCoordinate with customer organizations to improve operational processes, outcomes, and overall customer experienceEnsure organizational processes align with customer policies and external directivesConduct periodic onsite evaluations of personnel and team performance at regional operations center facilitiesSupport short-notice global travel requirements as mission needs dictateDelegate high-level training priorities to the Service Area Training Lead to execute enterprise training initiativesServe as the primary point of contact for coordinating and deconflicting surge support and operational interactions between DETECT and DCO Watch teamsAct as a Trusted Agent for all Red Team operationsRequired SkillsExtensive knowledge of Attack Sensing & Warning operations, incident response, and defensive cyber workflowsExperience with quality control processes, ticket management, and analyst performance evaluationProficiency reviewing, refining, and enforcing operational documentation and proceduresExpert-level knowledge of Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01BStrong critical thinking, analytical reasoning, and problem-solving abilitiesDemonstrated ability to maintain composure and make effective decisions under stressDesired SkillsStrong leadership, decision-making, and operational oversight capabilitiesAbility to operate effectively in fast-paced, high-pressure cybersecurity environmentsExcellent verbal and written communication skillsProven ability to lead cross-functional and geographically distributed teamsExperience, Education and Certification RequirementsBachelor’s degree in a relevant discipline with a minimum of five (5) years of experience, orAt least eight (8) years of experience working in a cybersecurity operations environmentMinimum of four (4) years of experience in a leadership roleMust meet Department of Defense (DoD) 8570 Information Assurance Technical (IAT) Level III and other applicable certification requirementsAdditional InformationPosition may require up to twenty percent (20%) travel based on mission requirementsMay require extended hours beyond normal duty schedules to support operational needs Benefits at 3 Reasons ConsultingAt 3 Reasons Consulting, we are committed to supporting the well-being of our team with a comprehensive benefits package that includes both company-paid and shared-cost options.

Our benefits are designed to enhance your health, financial security, and work-life balance to help you thrive personally and professionally as a valued member of our team.Company-Paid BenefitsShort/Long Term DisabilityBasic Life InsuranceDirect Payroll DepositLeave AccrualHolidays401(k) MatchEmployee / Company Shared BenefitsAdditional (Voluntary) Life Insurance401(k)Medical CoverageDental CoverageVision Care PlanFlexible Spending Account Plan3 Reasons Consulting is an Equal Opportunity Employer.

We are committed to providing a workplace free from discrimination or harassment and hold all 3 Reasons employees accountable to protect this mission.

We do not discriminate on the basis of race, color, gender, religion, national origin, sexual orientation, age, marital status, veteran status, military status, disability status, or any other characteristic protected by federal, state, or local law.

All applicants will receive consideration for employment without regard to protected bases.

PIcab3a62ce6ba-