Job Description Everforth ECS is seeking a
Cyber Technical Writer to work in our
Portland, OR office.
Please Note: This position is contingent upon contract award. The Cyber Technical Writer develops, maintains , and improves cybersecurity documentation, operational procedures, technical guides, reports, briefings, and knowledge products that support security operations, engineering, assessment, training, and program management activities. This role translates complex cybersecurity concepts, processes, tools, and technical findings into clear, accurate , audience-appropriate documentation.
The ideal candidate combines strong writing and editing skills with a working understanding of cybersecurity operations, risk management, incident response, security tools, and compliance-driven environments. The role requires close collaboration with analysts, engineers, assessors, threat intelligence staff, training personnel, and program leadership to ensure documentation is complete, consistent, usable, and aligned with program requirements.
Key Responsibilities Cybersecurity Documentation Development - Develop, revise, and maintain cybersecurity documentation, including standard operating procedures, playbooks, runbooks, technical guides, process documents, user guides, and job aids.
- Translate technical input from cybersecurity subject matter experts into clear, structured, and actionable documentation for technical, operational, and management audiences.
- Document SOC workflows, incident response procedures, escalation paths, monitoring processes, reporting procedures, and security tool usage guidance.
- Ensure documentation accurately reflects current tools, processes, roles, responsibilities, and operational requirements.
Reports, Briefings & Deliverables - Prepare, edit, and format cybersecurity reports, executive summaries, operational updates, assessment support materials, after-action reports, and program deliverables.
- Support development of recurring status reports, performance summaries, metrics narratives, findings summaries, and stakeholder briefings.
- Ensure written products are clear, accurate , consistent, properly formatted, and aligned with audience needs and program expectations.
- Coordinate with technical contributors to validate facts, terminology, findings, recommendations, and supporting evidence before publication or submission.
Process, Policy & Procedure Support - Support documentation of cybersecurity policies, processes, procedures, standards, templates, and governance materials.
- Assist teams in converting informal practices, analyst notes, lessons learned, and technical workflows into repeatable, approved procedures.
- Maintain documentation that supports audit readiness, compliance activities, risk management, incident handling, training, and operational continuity.
- Identify gaps, inconsistencies, outdated content, or unclear procedures and recommend improvements to documentation owners.
Stakeholder Collaboration & Content Coordination - Work with SOC analysts, engineers, assessors, threat hunters, threat intelligence analysts, forensics personnel, training staff, and program leadership to gather content and clarify requirements.
- Facilitate reviews, collect feedback, adjudicate comments, and incorporate approved changes into formal documentation.
- Support communication between technical teams and non-technical stakeholders by converting technical details into plain-language summaries when appropriate .
- Manage documentation inputs, version history, review cycles, and approval status in coordination with program governance processes.
Knowledge Management & Training Support - Organize, maintain , and improve knowledge repositories, documentation libraries, SharePoint sites, wikis, document inventories, and related knowledge management resources.
- Develop job aids, quick reference guides, checklists, and supporting materials for cyber training, onboarding, tabletop exercises, and operational readiness activities.
- Ensure documentation is searchable, accessible, logically structured, and easy for cyber personnel to use during routine operations and high-priority response activities.
- Coordinate with training personnel to keep instructional materials aligned with current procedures, tools, and operational practices.
Quality Control & Continuous Improvement - Review documentation for clarity, grammar, formatting, consistency, technical accuracy, and adherence to templates, style guides, and program standards.
- Maintain standardized document templates, formatting conventions, terminology, acronym lists, and documentation quality practices.
- Support continuous improvement of documentation workflows, review processes, publishing procedures, and content management practices.
- Stay current with cybersecurity terminology, operational practices, frameworks, and documentation best practices relevant to the program environment.
Required Skills - 3-5 years of experience in technical writing, cybersecurity documentation, IT documentation, communications, knowledge management, training support, or related roles.
- Experience developing or maintaining technical documentation such as SOPs, runbooks, playbooks, user guides, reports, process documents, briefings, or knowledge articles.
- Working knowledge of cybersecurity concepts, security operations, incident response, vulnerability management, risk management, compliance, or security engineering terminology.
- Ability to gather information from technical subject matter experts and convert complex material into clear, organized, and audience-appropriate written products.
- Strong editing, formatting, grammar, quality control, document organization, and version management skills.
- Proficiency with common documentation and collaboration tools such as Microsoft Word, PowerPoint, Excel, SharePoint, Teams, Confluence, ticketing systems, or similar platforms.
- Strong communication , collaboration, attention to detail, and time management skills.
Desired Skills - Experience supporting cybersecurity operations centers, incident response teams, security engineering teams, assessment teams, or compliance-driven cyber programs.
- Familiarity with cybersecurity frameworks, standards, and guidance such as NIST, CIS Controls, ISO 27001, MITRE ATT&CK, or organizational security baselines.
- Experience preparing executive-facing cybersecurity reports, after-action reports, incident summaries, assessment deliverables, training materials, or operational metrics narratives.
- Experience maintaining document repositories, controlled document libraries, SOP inventories, knowledge bases, or formal review and approval workflows.
- Experience in regulated or mission-critical environments such as government, defense, finance, healthcare, critical infrastructure, or large enterprise programs.
- Certifications or training such as Security+, ITIL, Certified Professional Technical Communicator, Microsoft Office Specialist, or equivalent writing, cyber, or IT credentials.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of
Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS! 
Never miss an opportunity! Create an alert based on the job you applied for.