Data Security Analyst - Senior

Job Description

Position Summary
ECS is seeking a Data Security Analyst - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support - by implementing and managing enterprise data protection controls across ARNG classified and unclassified environments, conducting data discovery and classification activities, monitoring data flows and user activity for indicators of misuse or exfiltration, and supporting audit, remediation, and compliance actions. The Data Security Analyst works closely with SOC personnel, cybersecurity engineering teams, and system owners to strengthen Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) deliverables across the DoDIN-Army-NG area of responsibility.

This position contributes to a mission that delivers DoDIN services and cyber defense to approximately 120,000 users and 141,000 endpoints across about 2,800 sites in 54 states and territories, supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. In this environment, the analyst helps protect sensitive and mission-critical data by supporting DLP and encryption activities, aligning with integrated SIEM/C2C/DLP analytics, and coordinating within a cybersecurity ecosystem that interfaces with the NETCOM Global Cyber Center, DISA DCDC, USIEM operations, and ARNG cyber defense teams.

Please Note: This position is contingent upon contract award.
Responsibilities

• Implement and administer enterprise data protection controls to safeguard sensitive and mission-critical information across ARNG environments.
• Perform data discovery, classification, and risk assessment activities to identify exposure, misuse, and data handling vulnerabilities.
• Monitor user activity and enterprise data flows for indicators of unauthorized access, misuse, or exfiltration, and document findings for follow-on action.
• Support Data Loss Prevention (DLP), encryption management, access governance, and audit review functions to improve ARNG data security posture.
• Investigate data-related security incidents, validate corrective actions, and coordinate remediation with SOC, cybersecurity engineering, and system teams.
• Contribute to Task 3 cybersecurity operations by helping defend classified and unclassified network environments within the DoDIN-Army-NG area of responsibility.
• Leverage integrated SIEM/C2C/DLP analytics and available enterprise data sources to improve visibility into data security events and support timely incident analysis.
• Coordinate with SOC analysts and other cybersecurity personnel to escalate data-related events through incident, problem, and change processes as required.
• Support compliance with DoD and ARNG data protection policies and assist with documentation and evidence needed for continuous monitoring and RMF-related activities.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF

Experience: 3+ years of experience in cybersecurity

• Experience implementing or supporting enterprise data protection controls for sensitive information in regulated environments.
• Experience conducting data discovery, data classification, and data risk assessment activities.
• Experience monitoring user behavior and data movement to identify potential misuse, unauthorized disclosure, or exfiltration.
• Experience supporting DLP, encryption, access governance, and audit review processes.
• Experience documenting incident findings, validating remediation actions, and coordinating with SOC or cybersecurity operations teams.
• Ability to support cybersecurity operations across classified and unclassified environments and maintain accurate compliance-related records.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting ARNG, Army, or other DoD cybersecurity operations in environments spanning multiple sites or geographically distributed users.
• Familiarity with USIEM, integrated SIEM/C2C/DLP analytics, and enterprise data sources used to improve threat visibility and detection quality.
• Experience coordinating with organizations such as NETCOM Global Cyber Center, DISA DCDC, RCCs, or related cyber defense stakeholders.
• Experience supporting data protection activities in environments that include SIPRNet or other classified enclaves.
• Familiarity with RMF continuous monitoring practices, eMASS artifact support, and audit evidence collection for security compliance activities.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven