Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description Position Summary
ECS is seeking a SOC CTIC Technician - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. This role supports Task 3 - Cybersecurity Operations Support by analyzing threat intelligence feeds and operational security data to identify indicators, adversary tactics, and emerging risks that inform Security Operations Center (SOC) monitoring and analysis. The SOC CTIC Technician - Junior enriches indicators, supports correlation and detection content updates, produces intelligence summaries and reports, and coordinates with SOC analysts and CTIC leadership to document findings in support of continuous monitoring, incident analysis, and broader Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.
Please Note: This position is contingent upon contract award.
This position contributes to cyber defense for an enterprise that supports more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to both classified and unclassified network environments. The role operates within an ARNG mission context that includes Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations, while coordinating within the ENOCS cyber ecosystem that includes the SOC, USIEM analytics, EDR management, SIEM/C2C/DLP analytics, and collaboration with the NETCOM Global Cyber Center and DISA DCDC to help preserve cyber freedom of action for Army, ARNG, Joint, and Coalition forces.
Responsibilities
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
Security Clearance: Active Secret (preferred)
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
ECS is seeking a SOC CTIC Technician - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. This role supports Task 3 - Cybersecurity Operations Support by analyzing threat intelligence feeds and operational security data to identify indicators, adversary tactics, and emerging risks that inform Security Operations Center (SOC) monitoring and analysis. The SOC CTIC Technician - Junior enriches indicators, supports correlation and detection content updates, produces intelligence summaries and reports, and coordinates with SOC analysts and CTIC leadership to document findings in support of continuous monitoring, incident analysis, and broader Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.
Please Note: This position is contingent upon contract award.
This position contributes to cyber defense for an enterprise that supports more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to both classified and unclassified network environments. The role operates within an ARNG mission context that includes Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations, while coordinating within the ENOCS cyber ecosystem that includes the SOC, USIEM analytics, EDR management, SIEM/C2C/DLP analytics, and collaboration with the NETCOM Global Cyber Center and DISA DCDC to help preserve cyber freedom of action for Army, ARNG, Joint, and Coalition forces.
Responsibilities
- Analyze threat intelligence feeds and operational security data to identify indicators of compromise, adversary tactics, techniques, and procedures, and emerging cyber risks affecting ARNG network environments.
- Enrich indicators and operational findings to support SOC monitoring, triage, and threat-informed defensive actions under Task 3 Cybersecurity Operations Support.
- Assist with correlation and detection content updates that improve SOC visibility and support more effective monitoring and analysis across ARNG classified and unclassified environments.
- Produce intelligence summaries, reports, and documented findings for CTIC leadership and SOC stakeholders to support continuous monitoring and cybersecurity operations.
- Coordinate with SOC analysts, watch functions, and CTIC leadership to document findings, refine analysis, and support escalation into incident, problem, and change processes as needed.
- Support use of USIEM analytics and integrated SIEM/C2C/DLP data sources to help identify actionable patterns, strengthen centralized visibility, and improve detection outcomes.
- Contribute to MITRE ATT&CK-based analytical activities by helping align observed indicators and adversary behavior to established threat-informed detection approaches used by the ENOCS SOC.
- Collaborate with cybersecurity operations personnel supporting 24x7x365 SOC monitoring to provide intelligence context that improves incident analysis and defensive cyberspace operations.
- Help maintain reporting and documentation that support DoD and ARNG cybersecurity policy, compliance expectations, and continuous monitoring requirements within the ENOCS mission environment.
- Coordinate, as required, with broader cyber operations stakeholders supporting ARNG cybersecurity activities in conjunction with the NETCOM Global Cyber Center and DISA DCDC.
U.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
- Experience analyzing threat intelligence reporting, indicators, and operational security data to support cyber defense activities.
- Experience documenting findings through intelligence summaries, operational reports, or other written analytical products.
- Experience coordinating with SOC personnel, analysts, or cyber operations teams to support detection, monitoring, or incident analysis workflows.
- Familiarity with continuous monitoring practices in support of DoD or ARNG cybersecurity operations requirements.
- Ability to support indicator enrichment and contribute to detection or correlation content improvement efforts.
- Experience working with cybersecurity data used for analysis in classified and unclassified network environments.
- Ability to organize, track, and communicate findings clearly to technical leadership and operational stakeholders.
Security Clearance: Active Secret (preferred)
- Familiarity with USIEM, EDR management, or integrated SIEM/C2C/DLP analytics used in enterprise SOC operations.
- Experience supporting MITRE ATT&CK-based analysis or threat-informed detection development.
- Experience supporting cyber operations in Army, ARNG, or other DoD environments with large distributed user and endpoint populations.
- Familiarity with coordination processes involving NETCOM, ARCYBER, USCYBERCOM, RCCs, or DISA-connected cyber operations stakeholders.
- Experience supporting cybersecurity operations for mission environments that include SIPRNet or other classified enclave considerations.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A
