Defense Critical Infrastructure/Operational Technology Team Lead - Senior

Job Description

Position Summary
ECS is seeking a Defense Critical Infrastructure/Operational Technology Team Lead - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This senior role supports Task 3 - Cybersecurity Operations Support - by leading enterprise data protection activities that strengthen Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The position establishes data security monitoring strategies, risk assessment methodologies, and governance processes for data loss prevention, encryption, and access control enforcement; analyzes data risk trends; leads complex data security incident investigations; and coordinates remediation with system owners, cybersecurity teams, and broader ENOCS cyber operations personnel.

In this role, the successful candidate helps protect ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The position contributes to cybersecurity operations that enable Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The role operates within an enterprise environment that includes USIEM analytics, DLP, EDR, cross domain services, and continuous coordination with the NETCOM Global Cyber Center and DISA DCDC, while supporting ARNG efforts to extend unified detection capabilities across Defense Critical Infrastructure (DCI) and Operational Technology (OT) environments.

Please Note: This position is contingent upon contract award.
Responsibilities

• Lead enterprise data protection activities by defining and implementing monitoring strategies, risk assessment methods, and governance processes for DLP, encryption, and access control enforcement.
• Analyze data risk trends and high-risk exposure areas across ARNG classified and unclassified environments, and provide prioritized recommendations to leadership for remediation and risk reduction.
• Oversee investigation of complex data security incidents and ensure response actions align with DoD and ARNG cybersecurity policy, continuous monitoring objectives, and Task 3 cybersecurity operations deliverables.
• Coordinate remediation activities with system owners, cybersecurity teams, and security operations personnel to reduce data exposure and improve enterprise security posture across the DoDIN-Army-NG AOR.
• Support integration of data protection considerations with USIEM, DLP analytics, and broader monitoring and analysis activities to improve centralized visibility and cyber defense decision-making.
• Collaborate with NETCOM Global Cyber Center, DISA DCDC, and internal ENOCS cyber teams, as required, to support incident coordination, reporting, and protection of critical national infrastructure and other networks of interest.
• Advise on data security risks affecting Defense Critical Infrastructure/Operational Technology environments and help align monitoring and protective measures with ARNG cyber defense objectives.
• Ensure data security governance and incident handling activities support RMF-related continuous monitoring expectations, including coordination of evidence, reporting, and corrective actions where applicable.
• Contribute to the protection of ARNG mission operations spanning Title 10, Title 32, mobilization readiness, domestic emergency response, and classified SIPRNet-supported activities by reducing enterprise data risk and strengthening cyber resilience.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P),GMON,GRID,Cloud+,FITSP-O,GCED,GDSA,GSEC,PenTest+,Security+

Experience: 7+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

• Experience leading data security monitoring, risk analysis, and governance activities in support of enterprise cybersecurity operations.
• Experience investigating complex data security incidents and coordinating remediation across system owners and cybersecurity stakeholders.
• Experience developing or applying data protection controls supporting DLP, encryption, and access control enforcement.
• Ability to analyze enterprise data risk trends and present high-risk exposure findings and remediation priorities to leadership.
• Experience supporting continuous monitoring objectives within DoD or ARNG cybersecurity environments.
• Experience working across classified and unclassified network environments in support of enterprise cyber defense missions.
• Familiarity with SIEM-driven monitoring and analytics in support of centralized security visibility and incident response.
• Ability to coordinate data security activities within large, geographically distributed environments supporting mission operations across multiple sites and stakeholders.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting Defense Critical Infrastructure (DCI) and Operational Technology (OT) cybersecurity activities within a military or federal enterprise environment.
• Familiarity with USIEM, DLP analytics, EDR, and related enterprise monitoring capabilities used to support threat detection and data protection.
• Experience coordinating with organizations such as NETCOM, DISA, ARCYBER, USCYBERCOM, or regional cyber centers in support of cybersecurity operations.
• Experience supporting SIPRNet or other classified enclave operations as part of enterprise cyber defense or data protection activities.
• Familiarity with RMF continuous monitoring, eMASS artifact support, and POA&M-related coordination in operational cybersecurity environments.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven