Defensive Cyber Engineer - Journeyman

Position Summary

ECS is seeking a Defensive Cyber Engineer - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the candidate will serve within Task 3, Cybersecurity Operations Support, performing defensive cyber assessment activities that evaluate security control effectiveness, identify vulnerabilities and misconfigurations, and validate remediation across supported systems and enclaves. The position directly supports ENOCS delivery of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) and works in coordination with ISSOs, ISSMs, engineers, and SOC personnel to document findings, support POA&M actions, and help drive issues to closure in alignment with RMF and continuous monitoring objectives.

 

Please Note: This position is contingent upon contract award.

 

This role supports ARNG’s mission to defend classified and unclassified network environments serving more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The Defensive Cyber Engineer - Journeyman contributes to cybersecurity operations that enable Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations across the DoDIN-Army-NG area of responsibility. The position operates within a technical environment that includes USIEM analytics, eMASS, ACAS, STIG Manager, endpoint and network security data sources, and coordination with organizations such as the NETCOM Global Cyber Center and DISA DCDC to maintain ARNG cybersecurity posture.

Responsibilities

• Perform security control assessments and validation activities to evaluate implementation and effectiveness of cybersecurity controls across supported ARNG systems, enclaves, and networked environments.
• Review system configurations, analyze vulnerability scan results, and identify misconfigurations, security gaps, and control weaknesses affecting overall cybersecurity posture.
• Conduct technical testing and collect assessment evidence to support RMF compliance, ongoing authorization activities, and continuous monitoring objectives.
• Document assessment findings with clear risk impact statements and actionable remediation recommendations for Government review and prioritization.
• Support development, update, and maintenance of POA&Ms for non-compliant controls, and verify completion of corrective actions through follow-up validation.
• Coordinate with ISSOs, ISSMs, engineers, and SOC personnel to ensure assessment findings are tracked to closure and aligned with DoD and ARNG cybersecurity policy.
• Support eMASS record updates by organizing and validating required assessment artifacts, security documentation, and evidence associated with control implementation and remediation status.
• Analyze assessment data from environments supported by ARNG cybersecurity operations, including inputs associated with ACAS, STIG Manager, and broader continuous compliance validation activities.
• Coordinate assessment and reporting activities with the broader Task 3 cybersecurity mission, which delivers 24/7/365 DCO-IDM support across ARNG classified and unclassified environments in coordination with the NETCOM Global Cyber Center and DISA DCDC.