SOC Vulnerability Management ACAS Technician - Junior

Job Description

Position Summary
ECS is seeking a SOC Vulnerability Management ACAS Technician - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. In this role, the candidate supports Task 3 - Cybersecurity Operations Support by executing authenticated and unauthenticated ACAS scans, analyzing vulnerability results, validating credential integrity and scan coverage, and coordinating remediation tracking with system owners. The position contributes directly to ENOCS delivery of 24/7/365 cybersecurity engineering, operations, vulnerability management, and RMF support across the DoDIN-Army-NG area of responsibility, working as part of the broader SOC and cybersecurity operations team that defends ARNG classified and unclassified network environments.

Please Note: This position is contingent upon contract award.

This position helps protect a mission environment that delivers DoDIN services to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The role supports ARNG Title 10 and Title 32 missions, including mobilization readiness, domestic emergency response, and classified SIPRNet operations, by helping maintain secure baseline configurations and continuous compliance across enterprise systems. The technician operates within an environment that uses ACAS, eMASS, STIG Manager, USIEM-integrated cyber operations, and RMF-aligned processes, while coordinating within the larger defensive cyber ecosystem that includes NETCOM Global Cyber Center and DISA DCDC support relationships.
Responsibilities

• Execute authenticated and unauthenticated ACAS scans across ARNG networked systems to identify vulnerabilities affecting classified and unclassified environments.
• Analyze scan results to identify vulnerabilities, assess scan completeness, and validate credential integrity and asset coverage.
• Coordinate remediation actions with system owners and other cybersecurity stakeholders to support timely correction of identified weaknesses.
• Perform follow-up rescans to verify implementation and effectiveness of corrective actions and document validation results.
• Update and maintain POA&M entries based on scan findings, remediation status, and residual risk in support of RMF-aligned cybersecurity operations.
• Support operational reporting for vulnerability management activities in accordance with STIGs, IAVMs, RMF requirements, and DoD and ARNG cybersecurity directives.
• Contribute to Task 3 deliverables for secure baseline configuration, vulnerability management, and vulnerability assessment supporting continuous compliance across the ARNG enterprise.
• Interface with the broader SOC and cybersecurity operations structure to support enterprise defense activities aligned with ENOCS coordination across NETCOM Global Cyber Center and DISA DCDC.
• Help sustain cyber readiness for an ARNG environment spanning approximately 141,000 endpoints and 2,800 sites by validating scan coverage and supporting prioritized remediation tracking.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst - Basic proficiency; must hold ONE OR MORE of the following: CEH

Experience: 3+ years of experience in cybersecurity

• Experience executing vulnerability scans and reviewing findings in support of enterprise cybersecurity operations.
• Experience validating scan credentials, asset coverage, and the quality of vulnerability assessment results.
• Experience tracking remediation actions with system owners and documenting status through closure or risk acceptance workflows.
• Experience updating POA&Ms and supporting compliance activities aligned with RMF requirements.
• Working knowledge of STIGs, IAVMs, and DoD or ARNG cybersecurity directives as they relate to vulnerability management.
• Experience producing operational reports that summarize scan results, remediation progress, and compliance status.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting ACAS-based vulnerability management within Army, ARNG, or other DoD enterprise environments.
• Familiarity with eMASS updates and integration activities supporting cybersecurity compliance and artifact management.
• Familiarity with STIG Manager in support of secure baseline configuration and compliance validation.
• Experience supporting cybersecurity operations in environments coordinated with enterprise organizations such as NETCOM or DISA.
• Experience supporting vulnerability management activities for large, distributed environments spanning multiple sites or enclaves, including NIPRNet or SIPRNet-related operations.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven