Cybersecurity Manager - SME

Job Description Position Summary

ECS is seeking a Cybersecurity Manager - SME to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the Cybersecurity Manager leads Task 3 - Cybersecurity Operations Support - and provides executive-level leadership, governance, and accountability for enterprise cybersecurity operations across ARNG environments. The position sets operational priorities, risk tolerance thresholds, and performance standards across Security Operations Center (SOC) operations, vulnerability management, incident response, RMF support, compliance, defensive cyber engineering, Cyber Defense Assessment Program (CDAP) analytics, and advanced threat operations. This role serves as the primary cybersecurity authority to Government leadership and works closely with ENOCS Task Area Managers, enterprise operations, applications, architecture, and program management teams to sustain authorization posture and mission readiness.

The position directly supports ARNG's mission to deliver DoDIN services and conduct DCO-IDM across the DoDIN-A(NG) area of responsibility for more than 120,000 users and approximately 141,000 endpoints spanning roughly 2,800 sites in 54 states and territories. The Cybersecurity Manager helps defend both classified and unclassified environments supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations. The role operates within a technical environment that includes 24x7x365 SOC monitoring, USIEM analytics, EDR, SOAR, ACAS, STIG Manager, eMASS, IDS/IPS tuning, MITRE ATT&CK-based detections, and coordination with NETCOM Global Cyber Center, DISA DCDC, ARCYBER, USCYBERCOM, RCCs, and other mission stakeholders.

Please Note: This position is contingent upon contract award.
Responsibilities

• Lead Task 3 cybersecurity operations and establish enterprise priorities, performance standards, and risk tolerances across SOC operations, vulnerability management, incident response, RMF, compliance, defensive cyber engineering, CDAP analytics, and advanced threat activities.
• Serve as the principal cybersecurity advisor to Government leadership on enterprise security posture, risk acceptance, compliance status, and modernization considerations in accordance with DoD and ARNG cybersecurity policy.
• Direct 24x7x365 cybersecurity operations supporting DCO-IDM across ARNG classified and unclassified network environments within the DoDIN-A(NG) area of responsibility.
• Oversee enterprise risk reporting, compliance validation, and sustained authorization activities, including alignment of security artifacts, POA&Ms, and ongoing authorization evidence within eMASS.
• Guide SOC and monitoring operations using USIEM, EDR, SOAR, IDS/IPS, and MITRE ATT&CK-based analytics to improve threat detection, triage, response, and enterprise defensive posture.
• Coordinate cybersecurity operations and incident response with NETCOM Global Cyber Center, DISA DCDC, ARCYBER, USCYBERCOM, RCCs, and other owning organizations as required.
• Align vulnerability management and secure baseline activities across ARNG environments, including integration of ACAS, STIG Manager, continuous compliance validation, and prioritized remediation based on mission and threat conditions.
• Synchronize cybersecurity support with enterprise applications and enterprise operations teams to maintain secure operations across platforms, enclaves, and hosted services supporting 54 states and territories.
• Direct resource alignment and operational governance to ensure cybersecurity support remains responsive to ARNG mission requirements, including Title 10 and Title 32 operations, mobilization readiness, domestic emergency response, and SIPRNet mission support.
• Support transition-in planning and execution, as needed, to preserve operational continuity, maintain security oversight, and reduce risk during assumption of Task 3 responsibilities.

Required Skills Required Qualifications

U.S. Citizenship is required

Security Clearance: TS//SCI Eligible

Experience: 12+ years of experience in cybersecurity

• Demonstrated experience leading enterprise cybersecurity operations spanning SOC activities, vulnerability management, incident response, compliance, and RMF support.
• Demonstrated ability to establish operational priorities, performance standards, and risk tolerance thresholds for large-scale cybersecurity programs.
• Experience briefing senior Government stakeholders on cybersecurity posture, risk decisions, compliance status, and mission impacts.
• Experience managing cybersecurity operations in both classified and unclassified environments.
• Experience coordinating cross-functional cyber activities with operations, engineering, and application support teams to maintain mission readiness.
• Experience overseeing continuous monitoring, authorization sustainment, and compliance reporting using eMASS and related security evidence processes.
• Experience directing threat detection and defensive cyber activities supported by SIEM analytics, EDR, IDS/IPS, and incident escalation workflows.

Desired Skills Desired Qualifications

Security Clearance: Active TS//SCI (preferred)

• Experience supporting Army, ARNG, or other DoD enterprise cybersecurity operations across geographically distributed environments.
• Experience coordinating cybersecurity activities with NETCOM, ARCYBER, USCYBERCOM, RCCs, or DISA organizations.
• Experience with USIEM analytics, MITRE ATT&CK-based detection development, and enterprise monitoring approaches that integrate SIEM, C2C, and DLP data sources.
• Experience supporting cybersecurity operations for SIPRNet or other classified mission environments.
• Experience leading cyber operations for large user and endpoint populations across multi-site enterprises.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven