SOC-Vulnerability Management AESS Technician - Junior

Position Summary

ECS is seeking a SOC-Vulnerability Management AESS Technician - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. This position supports Task 3 — Cybersecurity Operations Support, which delivers Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The role executes endpoint security scanning and compliance validation using AESS tools, verifies endpoint coverage and scan accuracy, analyzes vulnerability and compliance findings, documents results with supporting evidence, and coordinates remediation with system owners and endpoint administrators. This technician contributes directly to ENOCS cybersecurity operations by helping maintain secure, compliant endpoint posture and by supporting the broader SOC, vulnerability management, and RMF workflows used across the program.

 

Please Note: This position is contingent upon contract award.

 

In this role, the selected candidate will help protect ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position supports mission systems and operations tied to Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. Within the ENOCS technical environment, the technician will support continuous monitoring and compliance activities aligned to AESS, USIEM-integrated cybersecurity operations, eMASS record maintenance, POA&M tracking, and ARNG requirements for STIG, IAVM, and RMF-based vulnerability management in coordination with the larger cyber operations enterprise.

Responsibilities

• Execute endpoint vulnerability scanning and compliance validation activities using AESS tools across supported ARNG enterprise environments.
• Verify endpoint coverage, scan configurations, and data integrity to ensure accurate vulnerability and compliance assessment results.
• Analyze scan findings to identify vulnerabilities, security misconfigurations, and compliance gaps affecting supported systems and endpoints.
• Document vulnerability assessment results with supporting evidence and maintain accurate records in vulnerability tracking systems and POA&Ms.
• Coordinate remediation actions with system owners, endpoint administrators, and other stakeholders to address identified security weaknesses and configuration issues.
• Perform follow-up validation to confirm corrective actions have been implemented and that residual risk status is accurately reflected.
• Support continuous monitoring activities aligned with STIGs, IAVMs, RMF requirements, and ARNG cybersecurity objectives for classified and unclassified enclaves.
• Contribute to Task 3 deliverables by supporting vulnerability management and secure baseline configuration efforts across the DoDIN-A(NG) environment.
• Interface with broader SOC and cybersecurity operations processes that integrate AESS endpoint security activities with USIEM-driven monitoring, analysis, and reporting.
• Support cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC by providing accurate vulnerability data, evidence, and status updates for enterprise reporting and risk management.