Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking an Operational Technology Engineer - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support - by monitoring and analyzing security telemetry across Operational Technology (OT), Industrial Control System (ICS), and Defense Critical Infrastructure (DCI) environments to detect anomalous activity, policy violations, and indicators of compromise. The role contributes to ENOCS Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) by reviewing OT network traffic, system logs, and sensor outputs, documenting risk impacts, supporting remediation validation, and coordinating with SOC/CIRT personnel, OT engineers, and facility stakeholders to investigate and contain cyber events while preserving operational continuity.
Please Note: This position is contingent upon contract award.
This role directly supports ARNG's mission to defend classified and unclassified network environments that enable operations for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The Operational Technology Engineer - Journeyman operates within a cybersecurity environment aligned to ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. In support of the program's OT/DCI mission space, the position works within an enterprise cyber defense architecture that includes USIEM, C2C, DLP analytics, IDS/IPS-informed monitoring, SOC and CIRT coordination, and RMF-based continuous monitoring practices designed to protect mission-critical infrastructure without disrupting safety, reliability, or availability.
Responsibilities
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 462-Control Systems Security Specialist - Basic proficiency; must hold ONE OR MORE of the following: DAF 462 (Basic) (ICS)
Experience: 3+ years of experience in cybersecurity
Security Clearance: Active Secret (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking an Operational Technology Engineer - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support - by monitoring and analyzing security telemetry across Operational Technology (OT), Industrial Control System (ICS), and Defense Critical Infrastructure (DCI) environments to detect anomalous activity, policy violations, and indicators of compromise. The role contributes to ENOCS Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) by reviewing OT network traffic, system logs, and sensor outputs, documenting risk impacts, supporting remediation validation, and coordinating with SOC/CIRT personnel, OT engineers, and facility stakeholders to investigate and contain cyber events while preserving operational continuity.
Please Note: This position is contingent upon contract award.
This role directly supports ARNG's mission to defend classified and unclassified network environments that enable operations for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The Operational Technology Engineer - Journeyman operates within a cybersecurity environment aligned to ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. In support of the program's OT/DCI mission space, the position works within an enterprise cyber defense architecture that includes USIEM, C2C, DLP analytics, IDS/IPS-informed monitoring, SOC and CIRT coordination, and RMF-based continuous monitoring practices designed to protect mission-critical infrastructure without disrupting safety, reliability, or availability.
Responsibilities
- Monitor OT, ICS, and DCI security telemetry to identify anomalous behavior, policy violations, indicators of compromise, and misconfigurations affecting control system networks.
- Analyze OT network traffic, system logs, and sensor outputs to assess threats while accounting for operational safety, system availability, and mission continuity requirements.
- Document security findings, risk impacts, and remediation status to support continuous monitoring, vulnerability management, and ARNG cybersecurity reporting objectives.
- Coordinate with SOC and CIRT personnel to investigate, escalate, and help contain cybersecurity events affecting OT and DCI environments.
- Support validation of vulnerability mitigation and remediation actions within operational environments to help maintain secure baseline configurations and resilient cyber posture.
- Align monitoring, analysis, and reporting activities with DoD and ARNG cybersecurity policy, RMF requirements, and ongoing authorization and compliance objectives.
- Contribute to Task 3 cybersecurity operations deliverables by supporting proactive DCO-IDM activities across ARNG classified and unclassified environments.
- Work with OT engineers and facility stakeholders to evaluate potential cyber impacts to mission-critical infrastructure and recommend response actions that preserve operational continuity.
- Support the OT/DCI monitoring approach described for ENOCS by helping extend enterprise detection visibility through USIEM and related cyber defense capabilities into operational technology environments.
- Coordinate, as required, within the broader ENOCS cyber defense structure that interfaces with the NETCOM Global Cyber Center and DISA DCDC for enterprise cybersecurity operations.
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 462-Control Systems Security Specialist - Basic proficiency; must hold ONE OR MORE of the following: DAF 462 (Basic) (ICS)
Experience: 3+ years of experience in cybersecurity
- Experience monitoring and analyzing security events in OT, ICS, or DCI environments.
- Ability to review network traffic, system logs, and sensor outputs to identify suspicious activity, threats, and configuration issues.
- Experience documenting findings, risk impacts, and remediation status in support of cybersecurity operations and continuous monitoring.
- Ability to coordinate with SOC, incident response, engineering, and stakeholder teams during investigation and containment of security events.
- Working knowledge of RMF-aligned monitoring and reporting practices in support of cybersecurity compliance objectives.
- Experience supporting vulnerability mitigation and remediation validation in environments where safety and availability are critical operational considerations.
Security Clearance: Active Secret (preferred)
- Experience supporting cybersecurity operations in Defense Critical Infrastructure (DCI) or other operational technology mission environments.
- Familiarity with enterprise cyber defense platforms and data sources referenced in the ENOCS environment, including USIEM, C2C, DLP analytics, and IDS/IPS-informed monitoring.
- Experience supporting ARNG, Army, or other DoD cybersecurity missions spanning both classified and unclassified network environments.
- Familiarity with coordination processes involving SOC, CIRT, NETCOM, or DISA-connected cyber operations activities.
- Experience operating in geographically distributed enterprise environments supporting large user populations across multiple sites or jurisdictions.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
