Position Summary

ECS is seeking an Enterprise Information System Security Manager (ISSM) - SME to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. Supporting Task 3 - Cybersecurity Operations Support, this role leads implementation and validation of technical security controls that harden systems in accordance with STIGs, IAVMs, RMF requirements, and DoD and ARNG cybersecurity policy. The Enterprise Information System Security Manager (ISSM) - SME establishes secure configuration baselines, directs vulnerability remediation prioritization, oversees POA&M management activities, and conducts advanced log analysis to validate control effectiveness and strengthen the ARNG defensive posture. This position works closely with cybersecurity operations, compliance, RMF, SOC, and engineering personnel across the ENOCS task area to support 24x7x365 Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM).

This role directly supports ARNG's mission to deliver and defend DoDIN services for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, including Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified and unclassified operations. The ISSM - SME contributes to the protection of both NIPRNet and SIPRNet environments by helping maintain secure baselines, integrating updates into eMASS, and supporting continuous monitoring across the ENOCS cybersecurity ecosystem. In coordination with the NETCOM Global Cyber Center, DISA DCDC, RCCs, and SOC operations leveraging USIEM, EDR, IDS/IPS, ACAS, and STIG Manager, this role helps ensure ARNG forces retain cyber freedom of action while denying the same to adversaries.

Please Note: This position is contingent upon contract award.

Responsibilities

• Lead implementation and validation of technical security controls to harden systems in accordance with STIGs, IAVMs, RMF requirements, and DoD and ARNG cybersecurity policy.
• Establish and maintain secure configuration baselines, including baseline updates tied to approved changes, continuous compliance validation, and risk posture assessment.
• Direct vulnerability remediation prioritization and oversee POA&M management activities to drive timely risk reduction across classified and unclassified ARNG network environments.
• Conduct advanced log analysis to validate control effectiveness, identify security gaps, and provide technical recommendations that improve continuous monitoring outcomes.
• Provide technical guidance to engineers, administrators, and cybersecurity personnel on secure configurations, remediation actions, and defensive measures that strengthen enterprise cyber posture.
• Support eMASS update and integration activities by ensuring required artifacts, compliance evidence, and risk documentation are aligned to RMF processes and ongoing authorization needs.
• Coordinate with SOC and monitoring teams using USIEM, EDR, IDS/IPS, and related analytics to assess security events, verify defensive control performance, and inform corrective actions.
• Contribute to enterprise vulnerability management activities that include scanning, patching, mitigation, and compliance monitoring across approximately 141,000 endpoints and supporting infrastructure.
• Interface with coordinating organizations including the NETCOM Global Cyber Center, DISA DCDC, RCCs, and other ENOCS cybersecurity stakeholders to align remediation, reporting, and defensive cyber activities.
• Support DCO-IDM objectives for the DoDIN-Army-NG area of responsibility by validating hardening measures and sustaining secure operations across NIPRNet and SIPRNet enclaves.

Required Qualifications

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP

Experience: 7+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

• Experience implementing and validating security controls aligned to STIGs, IAVMs, RMF requirements, and DoD cybersecurity policy.
• Experience establishing technical configuration baselines and driving remediation actions to reduce enterprise security risk.
• Experience managing or overseeing POA&M activities, including documenting findings, tracking corrective actions, and supporting timely closure.
• Experience performing log analysis to validate control effectiveness and identify indicators of non-compliance or heightened risk.
• Experience supporting continuous monitoring and compliance activities in coordination with cybersecurity operations and engineering teams.
• Experience supporting eMASS artifact updates, compliance documentation, or related RMF evidence management activities.
• Ability to provide technical guidance to engineers and administrators on secure hardening, vulnerability mitigation, and defensive cyber best practices.