Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking a Network Security Engineer (CDAP) - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support by helping implement and sustain network security monitoring capabilities that defend ARNG classified and unclassified network environments across the DoDIN-Army-NG area of responsibility. The Network Security Engineer (CDAP) integrates data from network sensors and boundary protection devices, assists with correlation rule tuning and ingestion troubleshooting, validates detection coverage under senior direction, and documents configuration updates that support reliable, compliant cybersecurity operations. The position works as part of the broader ENOCS cyber team supporting Security Operations Center activities, monitoring and analysis, vulnerability management, and DCO-IDM execution.
Please Note: This position is contingent upon contract award.
This position contributes to a mission environment that delivers DoDIN services and cyber defense support to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support for Title 10 and Title 32 missions. The role operates within an enterprise cybersecurity architecture that includes integrated SIEM/C2C/DLP analytics, USIEM detection engineering, IDS/IPS, EDR, Zeek metadata, Sysmon-based ATT&CK analytics, and coordination with NETCOM Global Cyber Center and DISA DCDC. The work directly supports ARNG mission continuity, mobilization readiness, domestic emergency response, and the protection of both NIPRNet and SIPRNet-connected operations through sustained monitoring reliability and improved detection visibility.
Responsibilities
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Basic proficiency; must hold ONE OR MORE of the following: A+, Network+
Experience: 3+ years of experience in cybersecurity
Security Clearance: Active Secret (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking a Network Security Engineer (CDAP) - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support by helping implement and sustain network security monitoring capabilities that defend ARNG classified and unclassified network environments across the DoDIN-Army-NG area of responsibility. The Network Security Engineer (CDAP) integrates data from network sensors and boundary protection devices, assists with correlation rule tuning and ingestion troubleshooting, validates detection coverage under senior direction, and documents configuration updates that support reliable, compliant cybersecurity operations. The position works as part of the broader ENOCS cyber team supporting Security Operations Center activities, monitoring and analysis, vulnerability management, and DCO-IDM execution.
Please Note: This position is contingent upon contract award.
This position contributes to a mission environment that delivers DoDIN services and cyber defense support to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support for Title 10 and Title 32 missions. The role operates within an enterprise cybersecurity architecture that includes integrated SIEM/C2C/DLP analytics, USIEM detection engineering, IDS/IPS, EDR, Zeek metadata, Sysmon-based ATT&CK analytics, and coordination with NETCOM Global Cyber Center and DISA DCDC. The work directly supports ARNG mission continuity, mobilization readiness, domestic emergency response, and the protection of both NIPRNet and SIPRNet-connected operations through sustained monitoring reliability and improved detection visibility.
Responsibilities
- Integrate data from network sensors and boundary protection devices to support CDAP network security monitoring across ARNG classified and unclassified environments.
- Assist with tuning correlation rules and analytics under senior direction to improve detection fidelity, monitoring effectiveness, and coverage validation.
- Troubleshoot event ingestion issues affecting security monitoring data streams and support restoration of reliable telemetry into enterprise monitoring platforms.
- Validate detection coverage for monitored network traffic and document gaps, updates, and recommended adjustments to support DCO-IDM operations.
- Maintain documentation for configuration changes, monitoring updates, and performance optimization activities to support compliance alignment and operational traceability.
- Support monitoring reliability for security capabilities that feed centralized visibility through integrated SIEM/C2C/DLP analytics and USIEM-enabled operations.
- Coordinate with senior cybersecurity personnel supporting SOC monitoring, detection engineering, and network security operations to align sensor data and monitoring outputs.
- Help optimize monitoring performance for boundary protection technologies such as firewalls, IDS/IPS, VPN, and other enterprise network equipment identified within the ENOCS environment.
- Contribute to cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC by supporting accurate, sustainable network security data integration.
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Basic proficiency; must hold ONE OR MORE of the following: A+, Network+
Experience: 3+ years of experience in cybersecurity
- Experience supporting network security monitoring, sensor integration, or boundary defense capabilities in an enterprise environment.
- Experience assisting with correlation rule tuning, event parsing, or alert optimization to improve monitoring outcomes.
- Experience troubleshooting log or telemetry ingestion issues and documenting corrective actions.
- Ability to document configuration updates, monitoring changes, and operational procedures with accuracy and traceability.
- Familiarity with integrating and validating data from firewalls, IDS/IPS, VPN, or comparable network security devices.
- Ability to work under senior technical direction within a structured cybersecurity operations environment.
- Experience supporting compliance-aligned monitoring activities in classified and unclassified network environments.
Security Clearance: Active Secret (preferred)
- Familiarity with USIEM, SIEM/C2C/DLP analytics, or similar centralized security monitoring environments.
- Exposure to MITRE ATT&CK-based analytics, Sysmon monitoring, or Zeek metadata used to improve threat-informed detections.
- Experience supporting cybersecurity operations for large, geographically dispersed enterprises serving multiple sites or organizational stakeholders.
- Familiarity with ARNG, Army, or DoD cybersecurity operations supporting NIPRNet and SIPRNet mission environments.
- Experience supporting coordination across SOC, network operations, and cybersecurity engineering teams in a 24x7x365 operational model.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
