SOC DMA Technician - Senior

Job Description

Position Summary
ECS is seeking a SOC DMA Technician - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support by leading sustainment and optimization of automated monitoring, data analytics, and reporting capabilities that enable SOC situational awareness and continuous monitoring across Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM). The role works across the SOC, CDAP, and security engineering functions to maintain reliable data feeds, dashboards, integrations, and analytic workflows; troubleshoot complex ingestion and performance issues; and provide operational metrics and recommendations that improve monitoring effectiveness and mission readiness.

In this role, the selected candidate will help defend ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position operates within the ENOCS cyber operations environment that includes Unified Security Information & Event Management (USIEM), Endpoint Detection and Response (EDR), IDS/IPS, DLP analytics, and supporting data sources such as Zeek metadata and Sysmon-aligned ATT&CK monitoring. This work directly supports ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and coordination with NETCOM Global Cyber Center and DISA DCDC to maintain cyber freedom of action across the DoDIN-Army-NG area of responsibility.

Please Note: This position is contingent upon contract award.
Responsibilities

• Lead sustainment and optimization of automated monitoring, data analytics, dashboards, and reporting workflows that support SOC situational awareness and continuous monitoring across Task 3.
• Oversee the configuration, health, and performance of cybersecurity data feeds, integrations, and analytic pipelines to improve data integrity, timeliness, and reporting accuracy.
• Troubleshoot complex ingestion, correlation, and performance issues affecting SOC monitoring and digital media analysis support capabilities.
• Coordinate implementation of monitoring and reporting changes with SOC, CDAP, and security engineering teams to maintain operational continuity and configuration control.
• Support the effectiveness of USIEM analytics by validating enabling data sources, improving feed quality, and helping refine MITRE ATT&CK-based analytic outputs used for threat-informed defense.
• Contribute to monitoring and reporting workflows that incorporate ARNG cyber operations data sources and tools, including USIEM, EDR, IDS/IPS, DLP analytics, Zeek metadata, and Sysmon-based monitoring where applicable.
• Produce operational metrics, status reporting, and technical recommendations for Government stakeholders to improve monitoring effectiveness, analytic coverage, and mission readiness.
• Maintain documentation, configuration records, and change-related artifacts in accordance with program standards for traceability, reproducibility, and auditability.
• Collaborate with ENOCS cyber operations personnel and external mission partners, as required, to support coordinated monitoring activities across classified and unclassified environments and alignment with NETCOM Global Cyber Center and DISA DCDC.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 212-Cyber Defense Forensics Analyst - Intermediate proficiency; must hold ONE OR MORE of the following: RCCE Level 1, CHFI

Experience: 7+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

• Experience sustaining and optimizing automated monitoring, data analytics, and reporting capabilities in a Security Operations Center environment.
• Experience administering or supporting cybersecurity data feeds, system integrations, dashboards, and analytic workflows used for continuous monitoring.
• Demonstrated ability to troubleshoot complex data ingestion, correlation, and performance issues affecting operational monitoring and reporting.
• Experience coordinating technical changes across multiple cyber operations stakeholders while maintaining documentation and configuration management discipline.
• Ability to develop and present operational metrics and technical recommendations to Government stakeholders to improve monitoring effectiveness and mission readiness.
• Experience supporting cybersecurity operations across classified and unclassified network environments.
• Familiarity with SIEM-centered monitoring architectures and security telemetry sources used to support enterprise-scale cyber operations.
• Ability to support continuous monitoring activities aligned to DCO-IDM objectives within a large, distributed DoD enterprise.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting ARNG, Army, or DoD cybersecurity operations for geographically dispersed environments spanning multiple states, territories, or operational sites.
• Experience working with USIEM analytics, EDR, IDS/IPS, DLP analytics, or comparable enterprise monitoring and detection capabilities.
• Familiarity with MITRE ATT&CK-based analytic development, tuning, or reporting in support of threat-informed defense.
• Experience coordinating cyber monitoring or reporting activities with organizations such as NETCOM, DISA, RCCs, or other Government cyber operations stakeholders.
• Experience supporting monitoring and analysis in environments that include both NIPRNet and SIPRNet or other classified and unclassified enclaves.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven