Defensive Cyber Engineer - Junior

Job Description

Position Summary
ECS is seeking a Defensive Cyber Engineer - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. This position supports Task 3 - Cybersecurity Operations Support - by implementing and maintaining defensive cybersecurity tools and technical controls across enterprise systems and enclaves, applying hardening measures, validating remediation actions, assisting with event investigation, and documenting corrective actions that support continuous monitoring and RMF objectives. The role contributes directly to ENOCS delivery of Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) and works in coordination with cybersecurity operations, compliance, vulnerability management, SOC, and RMF personnel across the broader Task 3 team.

Please Note: This position is contingent upon contract award.

This role supports ARNG mission operations across classified and unclassified environments serving more than 120,000 users and approximately 141,000 endpoints at about 2,800 sites in 54 states and territories. The Defensive Cyber Engineer - Junior helps protect the DoDIN-Army-NG area of responsibility in support of Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position operates within the ENOCS cybersecurity environment that includes USIEM analytics, EDR, IDS/IPS, eMASS, ACAS, STIG Manager, and coordination with the NETCOM Global Cyber Center and DISA DCDC to sustain secure, compliant, and resilient enterprise operations.
Responsibilities

• Implement and maintain defensive cybersecurity tools and technical controls across ARNG enterprise systems, enclaves, and supported network environments under Task 3 Cybersecurity Operations Support.
• Apply STIG configurations, security patches, and hardening measures to help maintain secure baseline configurations and support continuous compliance validation.
• Perform vulnerability analysis, verify remediation effectiveness, and document findings to support enterprise vulnerability management and secure baseline configuration activities.
• Review logs and security event data under senior direction to support monitoring, analysis, and investigation of suspicious or anomalous activity.
• Assist incident response personnel with containment activities and technical follow-through during cybersecurity events, then document corrective actions and remediation status.
• Support RMF and continuous monitoring activities by helping maintain technical evidence, updating artifacts, and contributing information required for eMASS records and POA&M tracking.
• Coordinate with SOC and cybersecurity operations personnel to support detection and response workflows, including escalation of issues identified through monitoring and analysis processes.
• Contribute to security operations that leverage ARNG's operational toolsets and data sources, including USIEM, EDR, IDS/IPS, ACAS, and STIG Manager, to improve visibility and defensive posture.
• Support cybersecurity activities conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC across classified and unclassified ARNG network environments.
• Help sustain technical security controls that protect ARNG mission operations supporting Title 10 and Title 32 requirements, classified SIPRNet operations, mobilization readiness, and domestic emergency response.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist - Basic proficiency; must hold ONE OR MORE of the following: CC, A+, CND, GCLD, GDSA, GFACT, Network+

Experience: 3+ years of experience in cybersecurity

• Experience applying STIG settings, security patches, and system hardening measures to enterprise IT assets.
• Experience conducting vulnerability analysis and verifying remediation actions in support of continuous monitoring objectives.
• Experience supporting log review, event analysis, or security investigation activities in an enterprise environment.
• Experience documenting technical findings, corrective actions, and remediation status for compliance or RMF-related purposes.
• Experience assisting with incident response containment activities under established procedures and senior guidance.
• Experience working across classified and unclassified environments or supporting security controls for multiple enclaves.
• Familiarity with enterprise cybersecurity platforms and processes referenced in the ENOCS environment, such as eMASS, ACAS, STIG Manager, USIEM, EDR, or IDS/IPS.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting DCO-IDM operations within a DoD or Army enterprise environment.
• Familiarity with ARNG, Army, or other large-scale federal enterprise environments supporting geographically dispersed users, endpoints, and sites.
• Experience supporting cybersecurity operations in coordination with a SOC or with higher headquarters or service-level cyber organizations.
• Familiarity with eMASS artifact maintenance, POA&M development, and continuous monitoring evidence collection.
• Experience supporting cybersecurity controls in SIPRNet or other classified operational environments.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven