Defensive Cyber Engineer (STIGs, POA&M, IAVMs) - Senior

Position Summary

ECS is seeking a Defensive Cyber Engineer (STIGs, POA&M, IAVMs) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 — Cybersecurity Operations Support — by implementing and maintaining technical security controls that harden ARNG systems in accordance with STIGs, IAVMs, and DoD and ARNG cybersecurity policy. The engineer applies secure configuration baselines, validates remediation actions, tracks POA&M items to closure, and works closely with system owners, SOC personnel, and broader cybersecurity operations teams to strengthen continuous monitoring and risk mitigation across the DoDIN-A(NG) area of responsibility.

In this position, the candidate contributes directly to ENOCS’ mission to defend classified and unclassified ARNG network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The role operates within a cybersecurity environment that includes 24x7x365 SOC operations, USIEM analytics, EDR, ACAS, eMASS, and coordination with the NETCOM Global Cyber Center and DISA DCDC. This work helps sustain ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet-enabled operations by ensuring systems remain compliant, hardened, and defensible against evolving threats.

Please Note: This position is contingent upon contract award.

Responsibilities

• Implement and maintain technical security controls to harden systems in accordance with STIGs, IAVMs, and DoD and ARNG cybersecurity policy.
• Apply approved configuration baselines, security patches, and system hardening measures to improve enterprise security posture across ARNG classified and unclassified environments.
• Conduct vulnerability assessments, analyze findings, and validate remediation actions to reduce risk and improve compliance.
• Track POA&M activities through resolution, ensuring deficiencies are documented, monitored, and progressed to closure in coordination with responsible stakeholders.
• Support Task 3 deliverables by contributing to secure baseline configuration, vulnerability management, and continuous compliance validation across the DoDIN-A(NG) area of responsibility.
• Coordinate with system owners, ISSM/ISSO personnel, and SOC teams to align remediation actions with continuous monitoring and operational risk mitigation efforts.
• Update and support cybersecurity compliance artifacts and related records in eMASS as security changes, remediation actions, and control status evolve.
• Work with SOC and monitoring teams that leverage USIEM, EDR, and IDS/IPS data to ensure hardening actions and corrective measures are informed by current threat and incident information.
• Coordinate, as required, with NETCOM Global Cyber Center and DISA DCDC-aligned operations to support defensive cyberspace operations and enterprise vulnerability response activities.