SOC Security Engineering Technician - Junior

Job Description

Position Summary
ECS is seeking a SOC Security Engineering Technician - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. In this role, the candidate supports Task 3 - Cybersecurity Operations Support by implementing, configuring, and maintaining security engineering solutions that enable SOC monitoring, detection, and response across ARNG enterprise environments. The position contributes directly to Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) by sustaining security tools, sensors, log forwarding, telemetry pipelines, configuration baselines, and remediation documentation, while coordinating with SOC, CTIC, CDAP, and infrastructure teams to preserve continuous monitoring and effective event correlation.

Please Note: This position is contingent upon contract award.

This role supports a mission environment delivering DoDIN services to more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The technician helps defend classified and unclassified ARNG network environments that support Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations. The position operates within the ENOCS cyber ecosystem that includes USIEM analytics, EDR, IDS/IPS, DLP, SIEM/C2C data integration, Zeek metadata, Sysmon-informed MITRE ATT&CK analytics, eMASS artifact support, and coordination with the NETCOM Global Cyber Center and DISA DCDC to maintain visibility, alert fidelity, and cyber readiness across the DoDIN-A(NG) area of responsibility.
Responsibilities

• Implement, configure, and maintain security engineering capabilities that support SOC monitoring, threat detection, and response operations across ARNG enterprise environments.
• Integrate and sustain security tools, sensors, log forwarding mechanisms, and telemetry pipelines to improve monitoring coverage, event visibility, and correlation accuracy.
• Support continuous monitoring operations by validating security configuration baselines, assisting with system hardening, and troubleshooting issues that affect sensor performance or alert fidelity.
• Document configuration changes, technical adjustments, and remediation actions to support auditability, operational traceability, and RMF-aligned cybersecurity activities.
• Coordinate with SOC, CTIC, CDAP, and infrastructure teams to maintain uninterrupted monitoring and support cybersecurity engineering deliverables within Task 3 - Cybersecurity Operations Support.
• Support integration and tuning activities associated with USIEM, EDR, IDS/IPS, DLP, and related telemetry sources used for centralized visibility and machine-speed response across ARNG environments.
• Assist with maintaining data quality and log flow from relevant sources such as network sensors, Zeek metadata, and Sysmon-enabled monitoring to strengthen event analysis and MITRE ATT&CK-based detections.
• Work in coordination with NETCOM Global Cyber Center and DISA DCDC support constructs to sustain cybersecurity visibility across classified and unclassified enclaves within the DoDIN-A(NG) area of responsibility.
• Contribute to cybersecurity policy and compliance objectives by supporting evidence collection, artifact maintenance, and remediation tracking associated with ARNG and DoD cybersecurity requirements.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist - Basic proficiency; must hold ONE OR MORE of the following: CC, A+, CND, GCLD, GDSA, GFACT, Network+

Experience: 3+ years of experience in cybersecurity

• Experience implementing or sustaining security engineering solutions used for monitoring, detection, and response in enterprise environments.
• Experience supporting security tools, sensors, log forwarding, or telemetry collection mechanisms used to maintain continuous monitoring coverage.
• Experience troubleshooting configuration issues affecting visibility, event correlation, or alert fidelity.
• Experience documenting configuration changes, remediation actions, and technical support activities in an operational cybersecurity environment.
• Experience working with cross-functional teams such as SOC, infrastructure, compliance, or engineering organizations to resolve monitoring and security tooling issues.
• Familiarity with RMF-related operational support activities, including maintenance of security documentation or remediation artifacts.
• Familiarity with classified and unclassified network security operations in DoD or similarly regulated enterprise environments.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting SIEM-centric operations using data feeds from EDR, IDS/IPS, DLP, or related enterprise security monitoring platforms.
• Experience working with USIEM-related analytics, log integration, or event correlation support in a SOC environment.
• Familiarity with Zeek metadata, Sysmon-based monitoring, or MITRE ATT&CK-informed detection support activities.
• Experience supporting eMASS artifact maintenance, POA&M-related remediation tracking, or continuous monitoring evidence collection.
• Experience supporting Army, ARNG, or other DoD cybersecurity operations involving coordination with NETCOM, DISA, RCCs, or similar operational stakeholders.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven