Job Requirements
Fairfax, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking a Network Security Analyst (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this Task 3 - Cybersecurity Operations Support role, the selected candidate will analyze network traffic, logs, and security telemetry within the Cybersecurity Data Analytics Platform (CDAP) to identify malicious activity, policy violations, and anomalous behavior across ARNG network environments. The role directly supports ENOCS delivery of 24/7/365 cybersecurity engineering, monitoring, threat detection, vulnerability management, incident support, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility, while coordinating with SOC, cyber threat, defensive cyber, and network engineering personnel to improve enterprise defense.
This position supports a mission environment that provides DoDIN services to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to Title 10 and Title 32 missions, mobilization readiness, domestic emergency response operations, and classified and unclassified network operations. The Network Security Analyst (CDAP) - Senior will contribute to cyber situational awareness and defense by working with integrated SIEM/C2C/DLP analytics, USIEM-aligned data sources, MITRE ATT&CK-based analytics, and network security telemetry from enterprise and boundary environments. The role operates in coordination with the NETCOM Global Cyber Center and DISA DCDC and helps sustain continuous monitoring, incident analysis, and RMF-aligned cybersecurity operations across ARNG enclaves.
Please Note: This position is contingent upon contract award.
Responsibilities
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: CND, GFACT, GSEC, Security+
Experience: 7+ years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
Security Clearance: Active TS//SCI (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking a Network Security Analyst (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this Task 3 - Cybersecurity Operations Support role, the selected candidate will analyze network traffic, logs, and security telemetry within the Cybersecurity Data Analytics Platform (CDAP) to identify malicious activity, policy violations, and anomalous behavior across ARNG network environments. The role directly supports ENOCS delivery of 24/7/365 cybersecurity engineering, monitoring, threat detection, vulnerability management, incident support, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility, while coordinating with SOC, cyber threat, defensive cyber, and network engineering personnel to improve enterprise defense.
This position supports a mission environment that provides DoDIN services to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to Title 10 and Title 32 missions, mobilization readiness, domestic emergency response operations, and classified and unclassified network operations. The Network Security Analyst (CDAP) - Senior will contribute to cyber situational awareness and defense by working with integrated SIEM/C2C/DLP analytics, USIEM-aligned data sources, MITRE ATT&CK-based analytics, and network security telemetry from enterprise and boundary environments. The role operates in coordination with the NETCOM Global Cyber Center and DISA DCDC and helps sustain continuous monitoring, incident analysis, and RMF-aligned cybersecurity operations across ARNG enclaves.
Please Note: This position is contingent upon contract award.
Responsibilities
- Analyze network traffic, packet data, logs, and security telemetry within CDAP to detect malicious activity, anomalous behavior, and cybersecurity policy violations across enterprise and boundary environments.
- Perform intrusion analysis, packet inspection, and event correlation using SIEM and network monitoring capabilities to support identification, validation, and escalation of potential security incidents.
- Develop and refine dashboards, reports, and analytic outputs that improve cyber situational awareness and support operational decision-making for ARNG cybersecurity stakeholders.
- Support detection engineering by helping refine analytic content and detection logic aligned to MITRE ATT&CK-based analytics and continuous monitoring objectives.
- Correlate network security data with integrated SIEM/C2C/DLP analytics and coordinate with USIEM engineers to improve visibility, data quality, and threat-informed detections.
- Work closely with SOC, CTI, defensive cyber, and network engineering teams to validate findings, support incident response activities, and strengthen ARNG network defense posture.
- Coordinate with the NETCOM Global Cyber Center and DISA DCDC, as required under Task 3 operations, to support DCO-IDM activities across classified and unclassified ARNG environments.
- Document analysis results, indicators, and trends to support reporting, governance, and continuous improvement of cybersecurity operations across the DoDIN-A(NG) area of responsibility.
- Ensure monitoring, analysis, and reporting activities align with DoD and ARNG cybersecurity policy, RMF requirements, and continuous monitoring strategies supporting ENOCS cybersecurity deliverables.
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: CND, GFACT, GSEC, Security+
Experience: 7+ years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
- Experience analyzing network traffic, log data, and security telemetry to identify malicious activity, anomalous behavior, and policy violations.
- Experience performing intrusion analysis, packet inspection, and event correlation in support of cybersecurity monitoring and incident response.
- Experience producing dashboards, reports, or other analytic outputs that improve cyber situational awareness for operational stakeholders.
- Experience collaborating with SOC, cyber threat, defensive cyber, or network engineering teams to validate findings and improve defensive posture.
- Experience supporting RMF-aligned continuous monitoring activities and cybersecurity operations in accordance with DoD or ARNG policy.
- Experience working in enterprise network environments spanning multiple sites, users, and endpoint populations.
Security Clearance: Active TS//SCI (preferred)
- Experience supporting ARNG, Army, or other DoD cybersecurity operations in classified and unclassified enclaves.
- Experience working with integrated SIEM/C2C/DLP analytics, USIEM-related data sources, or similar enterprise security analytics environments.
- Experience developing or tuning MITRE ATT&CK-based analytics to improve threat detection and operational reporting.
- Familiarity with coordination processes involving NETCOM, ARCYBER, USCYBERCOM, RCCs, or DISA cyber operations stakeholders.
- Experience supporting cybersecurity operations for large, geographically dispersed enterprises serving mission users across multiple sites or states and territories.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A