Defensive Cyber Engineer - Journeyman

ECS is seeking a Defensive Cyber Engineer - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the candidate will serve within Task 3, Cybersecurity Operations Support, performing defensive cyber assessment activities that evaluate security control effectiveness, identify vulnerabilities and misconfigurations, and validate remediation across supported systems and enclaves. The position directly supports ENOCS delivery of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) and works in coordination with ISSOs, ISSMs, engineers, and SOC personnel to document findings, support POA&M actions, and help drive issues to closure in alignment with RMF and continuous monitoring objectives. Please Note: This position is contingent upon contract award. This role supports ARNG’s mission to defend classified and unclassified network environments serving more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The Defensive Cyber Engineer - Journeyman contributes to cybersecurity operations that enable Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations across the DoDIN-Army-NG area of responsibility. The position operates within a technical environment that includes USIEM analytics, eMASS, ACAS, STIG Manager, endpoint and network security data sources, and coordination with organizations such as the NETCOM Global Cyber Center and DISA DCDC to maintain ARNG cybersecurity posture. Responsibilities Perform security control assessments and validation activities to evaluate implementation and effectiveness of cybersecurity controls across supported ARNG systems, enclaves, and networked environments. Review system configurations, analyze vulnerability scan results, and identify misconfigurations, security gaps, and control weaknesses affecting overall cybersecurity posture. Conduct technical testing and collect assessment evidence to support RMF compliance, ongoing authorization activities, and continuous monitoring objectives. Document assessment findings with clear risk impact statements and actionable remediation recommendations for Government review and prioritization. Support development, update, and maintenance of POA&Ms for non-compliant controls, and verify completion of corrective actions through follow-up validation. Coordinate with ISSOs, ISSMs, engineers, and SOC personnel to ensure assessment findings are tracked to closure and aligned with DoD and ARNG cybersecurity policy. Support eMASS record updates by organizing and validating required assessment artifacts, security documentation, and evidence associated with control implementation and remediation status. Analyze assessment data from environments supported by ARNG cybersecurity operations, including inputs associated with ACAS, STIG Manager, and broader continuous compliance validation activities. Coordinate assessment and reporting activities with the broader Task 3 cybersecurity mission, which delivers 24/7/365 DCO-IDM support across ARNG classified and unclassified environments in coordination with the NETCOM Global Cyber Center and DISA DCDC. Required Qualifications U.S. Citizenship is required Security Clearance: Secret Eligible Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, Security+, Experience: 7+ years of experience in cybersecurity Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering Demonstrated ability to perform security control assessments, technical validation, and evidence collection to assess control effectiveness and overall system cybersecurity posture. Experience analyzing vulnerability data, configuration baselines, and scan results to identify weaknesses, misconfigurations, and remediation priorities. Experience documenting findings, risk impacts, and recommended corrective actions in a clear, audit-ready manner suitable for Government review. Ability to support POA&M development, update activities, and follow‑up validation of remediation actions through closure. Experience working with RMF processes and continuous monitoring activities in support of DoD cybersecurity compliance objectives. Ability to coordinate effectively with ISSOs, ISSMs, engineers, and SOC personnel across multiple stakeholders and operational teams. Experience supporting cybersecurity assessment activities in large, distributed enterprise environments with classified and unclassified enclaves. Ability to support cybersecurity operations for geographically dispersed users, endpoints, and sites across the ARNG enterprise. Desired Qualifications Security Clearance: Active Secret (preferred) Experience supporting Army, ARNG, or other DoD cybersecurity operations within RMF‑driven enterprise environments. Experience using eMASS to support artifact management, security documentation, and assessment tracking. Familiarity with ACAS and STIG Manager in support of vulnerability assessment, compliance validation, and remediation verification. Experience assessing cybersecurity posture in environments that include both NIPRNet and SIPRNet or other classified and unclassified enclaves. Familiarity with USIEM‑supported operational environments and coordination with enterprise cyber organizations such as NETCOM Global Cyber Center or DISA DCDC. ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr RadNet