Analytic Developer/Insider Threat Analyst - Journeyman
ECS
Position Summary ECS is seeking an Analytic Developer/Insider Threat Analyst – Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. The candidate will develop, implement, and refine analytic rules and detection logic used to identify anomalous user behavior, insider threat indicators, and other high‑risk activity across ARNG enterprise environments. The position contributes directly to Defensive Cyberspace Operations – Internal Defensive Measures (DCO‑IDM) by correlating security and user activity data, triaging alerts, documenting findings, and coordinating with SOC, CIRT, cyber intelligence, defensive cyber, and security engineering teams to strengthen enterprise detection and response. This role operates within a mission environment that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. ENOCS supports both Title 10 and Title 32 missions, including mobilization readiness, domestic emergency response, and classified as well as unclassified operations across ARNG network environments. Responsibilities Develop, implement, and tune analytic rules and detection content to identify anomalous user activity, insider threat behaviors, and high‑risk patterns across ARNG enterprise environments. Correlate data from multiple security and user activity sources to support alert triage, investigative analysis, and evidence‑based findings. Perform in‑depth analysis of alerts and suspicious activity, document investigative results, and maintain supporting artifacts for case development and reporting. Support Task 3 Cybersecurity Operations Support deliverables by contributing analytic content and investigative outputs used in 24x7x365 monitoring, threat detection, and DCO‑IDM activities across the DoDIN‑A(NG) area of responsibility. Coordinate with SOC and CIRT personnel to validate analytic findings, elevate actionable incidents, and improve detection logic based on operational feedback and post‑incident analysis. Build and refine MITRE ATT&CK‑based analytics and support correlation activities aligned with USIEM detection engineering and broader ARNG monitoring and analysis objectives. Leverage integrated SIEM/C2C/DLP analytics and available enterprise data sources to improve centralized visibility and machine‑speed response for insider threat and anomalous behavior detection. Coordinate with cyber intelligence, defensive cyber, and security engineering teams to align analytic development with threat‑informed defense priorities and evolving enterprise risk. Ensure analytic activities, reporting, and evidence handling align with DoD and ARNG cybersecurity policy, insider threat program requirements, RMF controls, and continuous monitoring objectives. Support coordination and information sharing with Task 3 stakeholders and operational partners, including alignment with cybersecurity operations performed in conjunction with the NETCOM Global Cyber Center and DISA DCDC. Required Qualifications U.S. Citizenship is required. Security Clearance: Secret Eligible. Required Certifications: DCWF Work Role 462‑Control Systems Security Specialist – Intermediate proficiency; must hold ONE OR MORE of the following: DAF 462 (Intermediate) (ICS) or DAF 462 (Intermediate) (CS3‑300). Experience: 3+ years in cybersecurity. Education: Bachelor’s degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering. Experience developing or tuning analytic rules, detection logic, or behavioral indicators for cybersecurity monitoring or insider threat use cases. Experience correlating data from multiple security or user activity sources to support triage, investigative analysis, and reporting. Ability to document investigative findings clearly, including supporting evidence, case notes, and escalation details. Experience coordinating with security operations, incident response, or defensive cyber teams to validate findings and improve analytic content. Working knowledge of continuous monitoring objectives and security activities aligned to RMF‑supported environments. Familiarity with MITRE ATT&CK‑based analytic development or threat‑informed detection approaches. Experience supporting enterprise cybersecurity operations in classified, unclassified, or mixed‑enclave environments. Ability to contribute to analysis and reporting supporting large‑scale enterprise environments with distributed users, endpoints, and sites. Desired Qualifications Security Clearance: Active Secret (preferred). Experience supporting ARNG, Army, or other DoD cybersecurity operations programs. Familiarity with USIEM, EDR, or integrated SIEM/C2C/DLP analytic environments used for centralized monitoring and detection. Experience using Sysmon‑informed telemetry, baseline and trend analysis, or other enriched data feeds to improve analytic fidelity. Experience coordinating with SOC, CIRT, CTI, or defensive cyber teams in a 24x7x365 operational monitoring environment. Familiarity with cybersecurity operations supporting both classified and unclassified network environments, including SIPRNet‑related mission support contexts. ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr ECS
- ECS is looking for an Analytic Developer/Insider Threat Analyst - Journeyman to enhance Army National Guard cybersecurity operations. The successful candidate will develop and refine detection logic to identify high-risk user behaviors and assist in operational decisions...Journeyman
- ECS is seeking a Cybersecurity Analyst (CDAP) - Journeyman to support the Army National Guard's cybersecurity program. The role involves developing analytic rules to detect insider threats and coordinating with multiple security teams for incident response and analysis....Journeyman
- Dawson is seeking an Insider Threat Analyst for a position at Fort Belvoir, Virginia. This role involves providing support to a government agency by identifying and analyzing insider threat activities. Candidates must have a TS/SCI clearance and five years of experience...Suggested
- Dawsonohana is seeking an Insider Threat Analyst to provide support at Fort Belvoir, Virginia. The role requires a TS/SCI clearance and involves identifying indicators of insider threat events while using various tools for analysis. Candidates must have five years of experience...Suggested
- ECS is seeking a Cybersecurity Threat Analyst - Journeyman based in Fairfax, Virginia. This position involves supporting the ARNG’s cybersecurity operations by analyzing emerging threats and correlating security data. The successful candidate will work closely with SOC...Journeyman
- ...Full Time Alexandria, VA, US Insider Threat Analyst Position : Insider Threat Analyst Location : Onsite (Mark Center) Clearance : Top Secret... ..., information, and personnel security planning as the team develops the lifecycle concept, capability, policy, procedures governing...Full timeTemporary workFor contractors
- ...identity theft coverage; pet insurance, and more. SUMMARY Provide Insider Threat support to a government agency at Fort Belvoir VA. DUTIES... ...(have taken or within 6 months of hire) Insider Threat Analyst Course (have taken or within 6 months of hire) Certified Counter...For contractorsFlexible hours
$82.55k - $149.23k
Via Logic LLC is seeking a Hunt Analyst to support the Department of Homeland Security's Insider Threat Program within the Cybersecurity and Infrastructure Security... ...involves analyzing insider threat data, providing analytical support, and coordinating responses to UAM...$107.9k - $195.05k
eidos has a current job opportunity for an Insider Threat/UAM (User Activity Monitoring) Analyst at the Mark Center in Alexandria, VA. POSITION SUMMARY This... ...the ability to create complex technical reports on analytic findings. Demonstrated experience with the Windows...For contractors$107.9k - $195.05k
Via Logic LLC is seeking an Insider Threat/UAM Analyst for a role at the Mark Center in Alexandria, VA. The successful candidate will analyze UAM alerts, document findings, and create countermeasures to enhance cybersecurity measures. The role requires a Top Secret/SCI...- LAUKOA in Arlington, Virginia, is seeking a candidate for the Insider Threat support role to assist a government agency at Fort Belvoir. This position requires substantial experience and a focus on risk assessment and threat analysis. The ideal candidate will possess a...
- Dawsonohana is seeking an experienced Insider Threat Analyst to support a government agency at Fort Belvoir, Virginia. The role involves analyzing indicators of insider threats, utilizing various security tools, and conducting briefings. Candidates must have at least five...
- Description Overview of the Role: We are seeking a Principal Insider Threat Analyst to take a leading role in maturing our Insider Threat Program. We're looking for a candidate who combines deep technical skills (expertise in detections, hunts, and investigations) with...
- Dawson is recruiting for a position to provide Insider Threat support to a government agency at Fort Belvoir, Virginia. The successful candidate will need to analyze network traffic and produce recommendations based on insider threat indicators. Candidates must possess...
- Dawson is seeking an Insider Threat Analyst to provide support to a government agency in Fort Belvoir, VA. This role requires identifying and reporting insider threat events and analyzing indicators of potential risks. The ideal candidate must possess strong briefing skills...
- MIRLOGIC SOLUTIONS CORPORATION is seeking an Insider Threat Analyst based in Alexandria, VA. This full-time role involves integrating security... ..., and 401K. Candidates should also demonstrate strong analytical and communication skills. #J-18808-Ljbffr MirLogic Solutions...Full time
$82.55k - $149.23k
...Sector at Leidos has an opening for a Hunt Analyst supporting the HEITS Contract as part... ...Department of Homeland Security (DHS) Insider Threat Program (ITP) for the Cybersecurity and... ...of the ITP, utilizing advanced analytics, monitoring, and data correlation to identify...Contract work- ECS in Fairfax, Virginia, is seeking a Data Application Analyst - Journeyman to support the Army National Guard's mission-critical IT infrastructure... ...and cybersecurity operations. The selected candidate will develop enterprise data applications and implement secure coding...JourneymanFull time
$120k - $160k
Saic is hiring a Data Analyst - GEOINT Technical SME in Newington, VA. This role focuses on applying technical and analytical skills to enhance organizational efficiency and support insider threat programs. Candidates should have strong data analysis and visualization...$62k - $141k
Phase2 Technology is seeking a CBRN Analyst in Arlington, Virginia. This role involves utilizing analytical skills to support CBRN threat prediction and operational planning for the Air Force. Your insights will enhance national security and readiness. The ideal candidate...- ECS is seeking a Business Analyst - Journeyman to support the Army National Guard ENOCS program in Virginia. You will analyze mission workflows and operational processes, ensuring alignment with government needs and documenting functional requirements. The ideal candidate...Journeyman
- Overview ECS is seeking a Data Application Analyst - Journeyman to support the Army National Guard's... ...upon contract award. Responsibilities Develop and maintain enterprise data... ...reporting, integration, and operational analytics. Implement secure coding practices to...JourneymanContract workLocal area
- ECS is seeking a Database Analyst / Developer - Journeyman to support the Army National Guard (ARNG) ENOCS program. In this position, you will develop and optimize database solutions critical to enterprise applications, ensuring data integrity and performance. Collaboration...Journeyman
- ...compensation and benefits package. PMO Analyst Candidate must have a TS/SCI w/ Poly For... ...development methodologies Engage in defining, developing and keeping current engineering (SDLC)... ...years of experience Full Performance / Journeyman High School Diploma + 8 years of...JourneymanFlexible hours
- Position: Threat Intelligence & Data Analyst, Mission Assurance (USSF) | The Watchtower Location: Alexandria... .... The bottom line: You are an analytical problem-solver who thrives on turning... ...written intelligence products, developing briefings for leadership, and monitoring...
- Infinity Labs LLC in Arlington, Virginia, is looking for a Threat Intelligence & Data Analyst to support U.S. Space Force Mission Assurance. In this role, you will aggregate and analyze threat intelligence to identify risks to space systems and infrastructure. The ideal...
$103.54k - $147.92k
...(in days) to receive an alert: Vulnerability Management Analyst (Structured Threat Analyst 3) ADVANA Location: Fairfax, VA, Virginia, United... ...data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. This position is contingent...Full timeContract workFor contractorsWork at officeLocal areaRemote workWorldwide- ...Summary ECS is seeking a Cybersecurity Threat Analyst - Journeyman to support the Army National Guard (... ...defense capabilities such as USIEM analytics, EDR, IDS/IPS event monitoring, DLP analytics... ..., and defensive cyber teams. Develop findings, recommendations, and...JourneymanContract workLocal area
- ...SIPRNet operations. Position Summary ECS is seeking a Business Analyst - Journeyman to support the Army National Guard ENOCS program by... ...stakeholder interviews to gather and validate requirements. Develop use cases and data mapping to support system integration efforts...JourneymanContract workLocal area
$138k - $155k
Information Security Analyst (Mid-Level / Journeyman) Position Title: Information Security Analyst (Mid-Level... ...role in identifying and mitigating threats to the ARNG's DoDIN-A(NG) network... ...maintain compliance documentation in eMASS Develop and maintain POA&Ms for non‑compliant...JourneymanFull timeContract work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Analytic Developer/Insider Threat Analyst - Journeyman. Be the first to apply!

