Position Summary

ECS is seeking a Cybersecurity Pen Tester Engineer - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support by conducting penetration testing and adversarial assessments of networks, systems, applications, and enclaves to identify exploitable vulnerabilities across ARNG's DoDIN-Army-NG area of responsibility. The Cybersecurity Pen Tester Engineer works under senior oversight as part of the broader cybersecurity operations team, contributing to Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM), documenting technical findings with evidence, and supporting remediation validation and retesting activities that strengthen enterprise cyber defense.

Please Note: This position is contingent upon contract award.

This position directly supports a mission environment that delivers DoDIN services to more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The role operates within a cybersecurity ecosystem that includes coordination with the NETCOM Global Cyber Center and DISA DCDC, and interfaces with ARNG's continuous monitoring, vulnerability management, RMF, and security operations capabilities across classified and unclassified network environments.

Responsibilities

• Conduct penetration testing and adversarial assessments of ARNG networks, systems, applications, and enclaves to identify exploitable vulnerabilities and security weaknesses.
• Execute approved testing methodologies under senior oversight and collect technical evidence to support accurate, reproducible findings.
• Document assessment results in detailed technical reports that support RMF packages, continuous monitoring activities, and remediation tracking.
• Validate corrective actions through remediation testing and retesting to confirm identified vulnerabilities have been properly addressed.
• Support Task 3 Cybersecurity Operations Support objectives by contributing to proactive defense of classified and unclassified ARNG network environments within the DoDIN-Army-NG area of responsibility.
• Coordinate assessment activities and technical findings with cybersecurity operations stakeholders supporting DCO-IDM missions and broader cyber engineering, compliance, and vulnerability management efforts.
• Perform testing in environments that support ARNG enterprise operations for more than 120,000 users and approximately 141,000 endpoints across 2,800 sites in 54 states and territories.
• Contribute technical findings and supporting artifacts used by teams coordinating with the NETCOM Global Cyber Center and DISA DCDC for enterprise cybersecurity operations and response.
• Assess systems and enclaves supporting ARNG mission requirements, including classified SIPRNet operations and unclassified enterprise services, to help maintain operational readiness and reduce cyber risk.

Required Qualifications

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 631-Information Systems Security Developer - Basic proficiency; must hold ONE OR MORE of the following: CC, CND, GISF, SSCP

Experience: 3+ years of experience in cybersecurity

• Experience conducting penetration testing or adversarial assessments of networks, systems, applications, or enclaves.
• Ability to document technical findings with clear supporting evidence and produce written assessment reports suitable for remediation and compliance tracking.
• Experience supporting remediation validation and retesting activities following vulnerability identification.
• Familiarity with Risk Management Framework (RMF) and continuous monitoring processes in a DoD or federal cybersecurity environment.
• Ability to support cybersecurity operations across classified and unclassified environments.
• Experience coordinating technical assessment results with cybersecurity engineers, analysts, or system owners to support vulnerability mitigation.