Job Requirements
Fairfax, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking a SOC Security Engineering Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support - by leading implementation, configuration, and sustainment of security engineering solutions that enable Security Operations Center (SOC) monitoring, detection, and response across ARNG enterprise environments. The role integrates with the broader ENOCS cyber team by coordinating with SOC analysts, CTIC, CDAP, and infrastructure stakeholders to maintain continuous monitoring, improve event correlation, and preserve monitoring coverage and alert fidelity in support of Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM).
Please Note: This position is contingent upon contract award.
This role directly contributes to ARNG's mission to defend classified and unclassified network environments supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC Security Engineering Technician - Journeyman helps sustain cybersecurity visibility and response across the DoDIN-Army-NG area of responsibility, including environments supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position works within the program's operational cyber ecosystem, supporting integrated security data and analytics through USIEM, endpoint and detection capabilities aligned with EDR operations, IDS/IPS tuning, log forwarding and telemetry pipelines, and RMF-aligned continuous monitoring in coordination with organizations including the NETCOM Global Cyber Center and DISA DCDC.
Responsibilities
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP
Experience: 7+ years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
Security Clearance: Active TS//SCI (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking a SOC Security Engineering Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support - by leading implementation, configuration, and sustainment of security engineering solutions that enable Security Operations Center (SOC) monitoring, detection, and response across ARNG enterprise environments. The role integrates with the broader ENOCS cyber team by coordinating with SOC analysts, CTIC, CDAP, and infrastructure stakeholders to maintain continuous monitoring, improve event correlation, and preserve monitoring coverage and alert fidelity in support of Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM).
Please Note: This position is contingent upon contract award.
This role directly contributes to ARNG's mission to defend classified and unclassified network environments supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC Security Engineering Technician - Journeyman helps sustain cybersecurity visibility and response across the DoDIN-Army-NG area of responsibility, including environments supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position works within the program's operational cyber ecosystem, supporting integrated security data and analytics through USIEM, endpoint and detection capabilities aligned with EDR operations, IDS/IPS tuning, log forwarding and telemetry pipelines, and RMF-aligned continuous monitoring in coordination with organizations including the NETCOM Global Cyber Center and DISA DCDC.
Responsibilities
- Lead implementation, configuration, and maintenance of security engineering capabilities that support SOC monitoring, detection, and response operations across ARNG enterprise environments.
- Integrate and sustain security tools, sensors, log forwarding mechanisms, and telemetry pipelines to improve monitoring coverage, event quality, and alert fidelity.
- Support continuous monitoring operations by validating data flow and correlation effectiveness within the ARNG cyber environment, including USIEM-integrated analytics and related detection engineering activities.
- Troubleshoot security engineering issues affecting visibility, sensor performance, log ingestion, and monitoring effectiveness across classified and unclassified enclaves.
- Perform system hardening support and validate configuration baselines to help maintain secure operational conditions aligned with DoD and ARNG cybersecurity policy.
- Document configuration changes, remediation actions, and engineering updates to support traceability, operational continuity, and RMF-related evidence requirements.
- Coordinate with SOC, CTIC, CDAP, and infrastructure teams to sustain enterprise monitoring capabilities and support threat detection, vulnerability management, and cyber defense operations.
- Support cybersecurity engineering activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to maintain defensive coverage across the DoDIN-Army-NG area of responsibility.
- Assist with maintaining monitoring and response capabilities that support ARNG missions across 54 states and territories, including operational environments tied to Title 10, Title 32, and SIPRNet-supported activities.
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP
Experience: 7+ years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
- Experience implementing, configuring, and sustaining security engineering solutions that support SOC monitoring, detection, and response operations.
- Experience integrating security sensors, log forwarding mechanisms, and telemetry pipelines to enable comprehensive visibility and accurate event correlation.
- Experience supporting system hardening activities, validating configuration baselines, and assisting with remediation of monitoring or security control deficiencies.
- Experience documenting configuration changes, remediation actions, and technical updates in support of operational accountability and auditability.
- Experience coordinating with cross-functional cybersecurity and infrastructure teams to maintain continuous monitoring capabilities.
- Experience supporting RMF-aligned cybersecurity operations and compliance activities within classified and unclassified enterprise environments.
- Experience supporting enterprise cybersecurity operations at scale across distributed users, endpoints, or sites.
Security Clearance: Active TS//SCI (preferred)
- Experience supporting USIEM-related data integration, analytics enablement, or detection engineering in a SOC environment.
- Experience working with EDR, IDS/IPS, or related security monitoring technologies in support of continuous cyber defense operations.
- Experience supporting ARNG, Army, or other DoD enterprise cybersecurity environments with coordination across organizations such as NETCOM, RCCs, or DISA.
- Experience supporting cybersecurity operations for SIPRNet or other classified environments in addition to unclassified enterprise enclaves.
- Familiarity with MITRE ATT&CK-informed detection use cases, threat-informed defense, and operational handoff practices supporting 24x7 cybersecurity monitoring.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
