Position Summary

ECS is seeking a Defensive Cyber Assessment Analyst - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role supports Task 3 - Cybersecurity Operations Support by assisting with security control assessments, configuration reviews, vulnerability analysis, evidence collection, and documentation of findings under senior oversight. The analyst contributes to ENOCS deliverables across cybersecurity compliance, vulnerability management, and RMF support, helping validate remediation actions, update POA&Ms, and confirm that corrective measures are implemented in accordance with DoD and ARNG cybersecurity policy. The position works as part of the broader ENOCS cyber operations team that coordinates assessment, monitoring, incident support, and defensive cyberspace activities across the ARNG enterprise.

Please Note: This position is contingent upon contract award.

This role directly supports ARNG's mission to defend classified and unclassified network environments across the DoDIN-Army-NG area of responsibility serving more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. ENOCS supports Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations, requiring disciplined assessment and validation of cybersecurity controls across enterprise environments. The analyst operates within a technical environment that includes eMASS-based RMF records management, vulnerability and compliance activities tied to ACAS and STIG Manager, and coordination points across the Security Operations Center, NETCOM Global Cyber Center, and DISA DCDC to help sustain ARNG cyber readiness and DCO-IDM effectiveness.

Responsibilities

• Conduct configuration reviews and assist with security control assessment activities for ARNG classified and unclassified network environments under senior analyst oversight.
• Analyze vulnerability scan results, identify control deficiencies, and document assessment findings to support Task 3 cybersecurity compliance and vulnerability management deliverables.
• Collect, organize, and maintain assessment evidence for RMF packages, security reviews, and follow-up validation activities in accordance with DoD and ARNG cybersecurity policy.
• Support POA&M maintenance by recording findings, tracking remediation actions, and updating status to reflect progress toward compliance closure.
• Perform follow-up validation testing to verify that corrective actions have been implemented and that previously identified findings are resolved.
• Assist with eMASS record updates and supporting artifacts to help maintain accurate authorization documentation and ongoing RMF compliance.
• Review vulnerability and compliance data associated with enterprise tools and processes such as ACAS and STIG Manager to support secure baseline validation and continuous compliance activities.
• Coordinate assessment documentation and findings with cybersecurity operations personnel supporting the SOC and related Task 3 teams to ensure visibility of issues affecting ARNG defensive cyber posture.
• Support cybersecurity assessment activities aligned with ARNG DCO-IDM operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC.

Required Qualifications

U.S. Citizenship is required

Security Clearance: TS//SCI Eligible

Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst - Basic proficiency; must hold ONE OR MORE of the following: CEH

Experience: 3+ years of experience in cybersecurity

• Experience conducting configuration reviews, vulnerability analysis, and evidence collection in support of security control assessments.
• Experience documenting findings and maintaining remediation records in support of POA&M tracking and closure verification.
• Experience supporting RMF activities, including preparation or maintenance of security compliance documentation and assessment artifacts.
• Ability to analyze scan results and translate technical findings into clear, actionable documentation for senior reviewers and stakeholders.
• Experience performing follow-up validation to confirm remediation actions were completed and findings were resolved.
• Familiarity with DoD and ARNG cybersecurity policy implementation in operational network environments.
• Experience supporting cybersecurity activities across enterprise environments with classified and unclassified enclaves.
• Ability to coordinate effectively with assessment, compliance, and operations personnel to support defensible audit trails and timely corrective action tracking.