Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking a SOC CTIC Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, you will support Task 3 - Cybersecurity Operations Support by analyzing threat intelligence feeds and operational security data to identify indicators, adversary tactics, and emerging risks that inform Security Operations Center (SOC) monitoring and response. The position contributes directly to ENOCS delivery of 24/7/365 cybersecurity operations, threat detection, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) by enriching indicators, supporting correlation and detection content updates, producing intelligence reporting, and coordinating findings with SOC analysts and CTIC leadership.
Please Note: This position is contingent upon contract award.
This role supports ARNG's mission to defend classified and unclassified network environments across the DoDIN-Army-NG area of responsibility, helping sustain services for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The SOC CTIC Technician - Journeyman operates within an enterprise environment that includes Unified Security Information & Event Management (USIEM), EDR, IDS/IPS, DLP, and supporting data sources such as Zeek metadata and Sysmon-informed ATT&CK analytics, while coordinating with organizations including the NETCOM Global Cyber Center and DISA DCDC. The role supports cyber defense outcomes tied to ARNG Title 10 and Title 32 missions, classified SIPRNet operations, mobilization readiness, and domestic emergency response.
Responsibilities
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
Security Clearance: Active Secret (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking a SOC CTIC Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, you will support Task 3 - Cybersecurity Operations Support by analyzing threat intelligence feeds and operational security data to identify indicators, adversary tactics, and emerging risks that inform Security Operations Center (SOC) monitoring and response. The position contributes directly to ENOCS delivery of 24/7/365 cybersecurity operations, threat detection, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) by enriching indicators, supporting correlation and detection content updates, producing intelligence reporting, and coordinating findings with SOC analysts and CTIC leadership.
Please Note: This position is contingent upon contract award.
This role supports ARNG's mission to defend classified and unclassified network environments across the DoDIN-Army-NG area of responsibility, helping sustain services for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The SOC CTIC Technician - Journeyman operates within an enterprise environment that includes Unified Security Information & Event Management (USIEM), EDR, IDS/IPS, DLP, and supporting data sources such as Zeek metadata and Sysmon-informed ATT&CK analytics, while coordinating with organizations including the NETCOM Global Cyber Center and DISA DCDC. The role supports cyber defense outcomes tied to ARNG Title 10 and Title 32 missions, classified SIPRNet operations, mobilization readiness, and domestic emergency response.
Responsibilities
- Analyze threat intelligence feeds and operational security data to identify indicators of compromise, adversary tactics, techniques, and procedures, and emerging risks affecting ARNG classified and unclassified environments.
- Enrich indicators and operational findings to support SOC monitoring, incident analysis, and CTIC reporting within Task 3 Cybersecurity Operations Support.
- Support updates to correlation logic and detection content used in SOC operations, helping improve threat-informed detections and monitoring effectiveness.
- Produce intelligence summaries, reports, and documented findings for SOC analysts, CTIC leadership, and other cybersecurity stakeholders.
- Coordinate with SOC analysts and technical teams to translate threat information into actionable detection, monitoring, and response support.
- Contribute to USIEM analytics activities by helping correlate available security data and documenting findings that improve centralized visibility and response.
- Support analysis aligned to MITRE ATT&CK-based detections using enterprise data sources identified in the ENOCS environment, including Zeek metadata and Sysmon-informed monitoring.
- Coordinate with NETCOM Global Cyber Center, DISA DCDC, and related cybersecurity stakeholders as required to support threat analysis, reporting, and continuous monitoring objectives across the DoDIN-A(NG) area of responsibility.
- Document intelligence findings and supporting artifacts in accordance with DoD and ARNG cybersecurity policy, continuous monitoring, and reporting requirements.
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
- Experience analyzing threat intelligence, indicators, and operational security data to support cyber defense or SOC activities.
- Experience documenting findings in intelligence summaries, reports, or other written products for operational or leadership use.
- Experience coordinating with analysts, engineers, or operational stakeholders to communicate threat findings and support follow-on action.
- Familiarity with continuous monitoring activities in support of DoD or ARNG cybersecurity requirements.
- Working knowledge of SIEM-supported analysis and correlation in enterprise security operations environments.
- Familiarity with classified and unclassified network defense operations in support of mission-critical environments.
Security Clearance: Active Secret (preferred)
- Experience supporting USIEM analytics, detection content, or correlation activities in a DoD cyber operations environment.
- Familiarity with MITRE ATT&CK-based analysis and use of threat-informed detection methods.
- Experience working with enterprise security data sources such as EDR, IDS/IPS, DLP, Zeek metadata, or Sysmon-related telemetry.
- Experience supporting ARNG, Army, or other DoD cybersecurity operations involving coordination with NETCOM, ARCYBER, USCYBERCOM, or RCC organizations.
- Familiarity with cybersecurity support requirements spanning both SIPRNet and unclassified environments.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
