Senior Watch Officer (SWO) / Active Top Secret

Job Locations US-VA-Arlington
Requisition ID
Position Category
Cyber Security
Top Secret/SCI
Cyber Mission


As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.


Peraton is currently seeking to hire a Senior Watch Officer (SWO) for its' Federal Strategic Cyber group.   


Location: Arlington, VA; (on-site role)


This position is part of the DHS Cybersecurity Infrastructure Security Agency’s (CISA) 24/7 SCIF/Operations Center, which is the hub for staying on top of threats and emerging risks to our nation’s critical infrastructure. Through this operation center, the federal government coordinates situational awareness and response to protect national cyber and infrastructure security.


Position Description:

  • The SWO coordinates cyber and physical incidents affecting critical infrastructure and produces various levels of incident reporting. SWOs gather information from multiple sources and varying levels of classification to provide accurate, timely, and actionable information to our government leadership, law enforcement, federal stakeholders and partners.
  • The SWO candidate should be an experienced Operations/Intelligence/Cyber practitioner with the ability to work in a time sensitive detailed orientated operational environment, conduct quick assessments of cyber related events, and brief senior leaders in a timely manner.
  • The SWO candidate will possess the ability to effectively manage cyber and physical incidents in collaboration with federal staff. In addition, the SWO is responsible for leading a team of analysts throughout the shift and coordinating all tasks through completion.
  • The SWO candidate will triage, analyze, and coordinate cyber, communications, and physical incidents to identify the severity of impact to critical infrastructure. SWOs help determine the level of reporting or briefing required, coordinates incident operational data collection and analysis, and monitors the event through competition.
  • SWOs must be prepared to communicate on multiple platforms and brief management and senior leadership on developing situations during daily briefings or on an ad hoc basis.
  • Understand the operation of all communications and information technology hardware, software, and firmware utilized to perform daily functions. The candidate should have the ability to troubleshoot all equipment issues as needed and coordinate a resolution with the help desk.
  • Monitors classified databases, the ticket management system, subscription-based alerting services, cable and local news, social media, and other open source for threats to the nation’s critical infrastructure and global operations impacting national security.
  • SWOs will act as liaisons with internal divisions, federal stakeholders, law enforcement, intelligence agencies, regional personnel, industry partners, and internal partners to ensure coordinated reporting for events that have cascading cross-sector impacts to critical infrastructure.
  • SWOs must be able to multitask, make quick decisions and utilize critical thinking skills in an often fast paced and time sensitive environment under the direction of a federal CISA Duty Officer.
  • Must have the ability to read technical cyber reporting, including IOCs and TTPs, and be able to extract the important information to provide clear and concise reporting for a non-technical audience.
  • Utilize proprietary processes and technologies to support enterprise-wide international security and crisis management programs.
  • Other services and support as needed or directed by the government client.
  • The SWO candidate will work at a 24x7x365 Classified Operations and Watch Center.
    • Shifts are assigned based on the needs of the team and may include rotating assignments.
      • Shift 1: M-F 0600 - 1400
      • Shift 2: M-F 1400 - 2200
      • Shift 3: M-F 2200 - 0600
      • Shift 4: F/S/S 0600 – 1800
      • Shift 5: F/S/S 1800 - 0600



Basic Qualifications:

  • Bachelor’s degree with a minimum of 5-7 years related experience, or a Master's degree with 3-5 years of related experience. An additional 4 years of experience may be substituted in lieu of a degree.
  • Experience with crisis management at the national and local level.
  • Experience with utilizing work instructions and templates.
  • Experience with time sensitive report writing.
  • Demonstrated ability to manage the production and publishing of event driven reporting, cyclic reporting, and briefing products.
  • Demonstrated ability to manage cyber related incidents while multitasking and performing steady states shift functions.
  • Demonstrated ability to manage and triage group email accounts.
  • Demonstrated ability to communicate professionally via email in a timely manner.
  • Demonstrated ability to conduct oral senior leader briefings.
  • Must be flexible and able to work within a 24x7x365 operations support environment. 
  • Experience with open-source analysis and alerting systems.
  • Knowledge of Microsoft Office automation solutions.
  • Experience with Remedy Service, Knowledge Management System, and ServiceNOW or other Service Desk ticketing system.
  • An Active Top Secret Security Clearance required.
    • In addition, selected candidate must be able to obtain and maintain a favorably adjudicated DHS background investigation for continued employment.


Preferred Qualifications:

  • Experience as an Operations Officer/Action Officer/Incident Manager.
  • Experience in drafting and publishing national level reporting.
  • Experience with email triage and requests for information (RFIs).
  • Experience as an All-Source Intelligence Analyst in Joint Operations Center and/or Fusion Center.
  • Experience as a national level briefer for senior leadership.
  • Experience with cyber incident management and analysis.
  • Obtained Cyber certifications (i.e., CompTIA Security+).



At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We’re fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.



Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed