Position SummaryECS is seeking a Data Security Analyst - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support - by implementing and managing enterprise data protection controls across ARNG classified and unclassified environments, conducting data discovery and classification activities, monitoring data flows and user activity for indicators of misuse or exfiltration, and supporting audit, remediation, and compliance actions. The Data Security Analyst works closely with SOC personnel, cybersecurity engineering teams, and system owners to strengthen Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) deliverables across the DoDIN-Army-NG area of responsibility.
This position contributes to a mission that delivers DoDIN services and cyber defense to approximately 120,000 users and 141,000 endpoints across about 2,800 sites in 54 states and territories, supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. In this environment, the analyst helps protect sensitive and mission-critical data by supporting DLP and encryption activities, aligning with integrated SIEM/C2C/DLP analytics, and coordinating within a cybersecurity ecosystem that interfaces with the NETCOM Global Cyber Center, DISA DCDC, USIEM operations, and ARNG cyber defense teams.
Please Note: This position is contingent upon contract award.Responsibilities- Implement and administer enterprise data protection controls to safeguard sensitive and mission-critical information across ARNG environments.
- Perform data discovery, classification, and risk assessment activities to identify exposure, misuse, and data handling vulnerabilities.
- Monitor user activity and enterprise data flows for indicators of unauthorized access, misuse, or exfiltration, and document findings for follow-on action.
- Support Data Loss Prevention (DLP), encryption management, access governance, and audit review functions to improve ARNG data security posture.
- Investigate data-related security incidents, validate corrective actions, and coordinate remediation with SOC, cybersecurity engineering, and system teams.
- Contribute to Task 3 cybersecurity operations by helping defend classified and unclassified network environments within the DoDIN-Army-NG area of responsibility.
- Leverage integrated SIEM/C2C/DLP analytics and available enterprise data sources to improve visibility into data security events and support timely incident analysis.
- Coordinate with SOC analysts and other cybersecurity personnel to escalate data-related events through incident, problem, and change processes as required.
- Support compliance with DoD and ARNG data protection policies and assist with documentation and evidence needed for continuous monitoring and RMF-related activities.
Required QualificationsU.S. Citizenship is required
Security Clearance: Secret Eligible
Required Certifications: DCWF Work Role 511-Cyber Defense Analyst - Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
Experience: 3+ years of experience in cybersecurity
- Experience implementing or supporting enterprise data protection controls for sensitive information in regulated environments.
- Experience conducting data discovery, data classification, and data risk assessment activities.
- Experience monitoring user behavior and data movement to identify potential misuse, unauthorized disclosure, or exfiltration.
- Experience supporting DLP, encryption, access governance, and audit review processes.
- Experience documenting incident findings, validating remediation actions, and coordinating with SOC or cybersecurity operations teams.
- Ability to support cybersecurity operations across classified and unclassified environments and maintain accurate compliance-related records.
