SOC DMA Technician - Senior

Position Summary

ECS is seeking a SOC DMA Technician - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support by leading sustainment and optimization of automated monitoring, data analytics, and reporting capabilities that enable SOC situational awareness and continuous monitoring across Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM). The role works across the SOC, CDAP, and security engineering functions to maintain reliable data feeds, dashboards, integrations, and analytic workflows; troubleshoot complex ingestion and performance issues; and provide operational metrics and recommendations that improve monitoring effectiveness and mission readiness.

In this role, the selected candidate will help defend ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position operates within the ENOCS cyber operations environment that includes Unified Security Information & Event Management (USIEM), Endpoint Detection and Response (EDR), IDS/IPS, DLP analytics, and supporting data sources such as Zeek metadata and Sysmon-aligned ATT&CK monitoring. This work directly supports ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and coordination with NETCOM Global Cyber Center and DISA DCDC to maintain cyber freedom of action across the DoDIN-Army-NG area of responsibility.

Please Note: This position is contingent upon contract award.

Responsibilities

• Lead sustainment and optimization of automated monitoring, data analytics, dashboards, and reporting workflows that support SOC situational awareness and continuous monitoring across Task 3.
• Oversee the configuration, health, and performance of cybersecurity data feeds, integrations, and analytic pipelines to improve data integrity, timeliness, and reporting accuracy.
• Troubleshoot complex ingestion, correlation, and performance issues affecting SOC monitoring and digital media analysis support capabilities.
• Coordinate implementation of monitoring and reporting changes with SOC, CDAP, and security engineering teams to maintain operational continuity and configuration control.
• Support the effectiveness of USIEM analytics by validating enabling data sources, improving feed quality, and helping refine MITRE ATT&CK-based analytic outputs used for threat-informed defense.
• Contribute to monitoring and reporting workflows that incorporate ARNG cyber operations data sources and tools, including USIEM, EDR, IDS/IPS, DLP analytics, Zeek metadata, and Sysmon-based monitoring where applicable.
• Produce operational metrics, status reporting, and technical recommendations for Government stakeholders to improve monitoring effectiveness, analytic coverage, and mission readiness.
• Maintain documentation, configuration records, and change-related artifacts in accordance with program standards for traceability, reproducibility, and auditability.
• Collaborate with ENOCS cyber operations personnel and external mission partners, as required, to support coordinated monitoring activities across classified and unclassified environments and alignment with NETCOM Global Cyber Center and DISA DCDC.