SOC Security Engineering Technician - Journeyman
Job details
- Location: Fairfax, Virginia
- Work type: Onsite
- Clearance: Top Secret/SCI
- Posted: 5 days ago
- Apply on: myjobs.adp.com
About this role
Position Summary
ECS is seeking a SOC Security Engineering Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support — by leading implementation, configuration, and sustainment of security engineering solutions that enable Security Operations Center (SOC) monitoring, detection, and response across ARNG enterprise environments. The role integrates with the broader ENOCS cyber team by coordinating with SOC analysts, CTIC, CDAP, and infrastructure stakeholders to maintain continuous monitoring, improve event correlation, and preserve monitoring coverage and alert fidelity in support of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM).
Please Note: This position is contingent upon contract award.
This role directly contributes to ARNG’s mission to defend classified and unclassified network environments supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC Security Engineering Technician - Journeyman helps sustain cybersecurity visibility and response across the DoDIN-Army-NG area of responsibility, including environments supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position works within the program’s operational cyber ecosystem, supporting integrated security data and analytics through USIEM, endpoint and detection capabilities aligned with EDR operations, IDS/IPS tuning, log forwarding and telemetry pipelines, and RMF-aligned continuous monitoring in coordination with organizations including the NETCOM Global Cyber Center and DISA DCDC.
Responsibilities
- Lead implementation, configuration, and maintenance of security engineering capabilities that support SOC monitoring, detection, and response operations across ARNG enterprise environments.
- Integrate and sustain security tools, sensors, log forwarding mechanisms, and telemetry pipelines to improve monitoring coverage, event quality, and alert fidelity.
- Support continuous monitoring operations by validating data flow and correlation effectiveness within the ARNG cyber environment, including USIEM-integrated analytics and related detection engineering activities.
- Troubleshoot security engineering issues affecting visibility, sensor performance, log ingestion, and monitoring effectiveness across classified and unclassified enclaves.
- Perform system hardening support and validate configuration baselines to help maintain secure operational conditions aligned with DoD and ARNG cybersecurity policy.
- Document configuration changes, remediation actions, and engineering updates to support traceability, operational continuity, and RMF-related evidence requirements.
- Coordinate with SOC, CTIC, CDAP, and infrastructure teams to sustain enterprise monitoring capabilities and support threat detection, vulnerability management, and cyber defense operations.
- Support cybersecurity engineering activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to maintain defensive coverage across the DoDIN-Army-NG area of responsibility.
- Assist with maintaining monitoring and response capabilities that support ARNG missions across 54 states and territories, including operational environments tied to Title 10, Title 32, and SIPRNet-supported activities.