ECS

Operational Technology Cybersecurity Analyst - Journeyman

ECS$85K — $110K *
Fairfax, VA 22030In-Person
Aerospace & Defense
Less than 5 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • U.S. Citizenship required.
  • Secret clearance eligibility.
  • At least 3 years of cybersecurity experience.
  • Bachelor's degree in a relevant field such as Computer Science or Cybersecurity.
  • Intermediate-level certifications in Control Systems Security.
  • Experience in Operational Technology, Industrial Control Systems, or Defense Critical Infrastructure monitoring.
  • Familiarity with Risk Management Framework (RMF) principles.

Responsibilities

  • Monitor security telemetry from OT, ICS, and DCI environments for anomalous activity.
  • Review network traffic and logs to identify security threats considering operational safety.
  • Document findings regarding cybersecurity impacts and risks, assisting in follow-up reporting.
  • Coordinate investigations and responses to cybersecurity events with various stakeholders.
  • Contribute to continuous monitoring and defensive operations across Army National Guard environments.
  • Align reporting activities with ARNG cybersecurity policies and compliance goals.
  • Assist in integrating OT/DCI events with wider enterprise cybersecurity data for improved visibility.

Benefits

  • Dynamic work environment with a focus on cybersecurity for the U.S. Army.
  • Opportunity to support critical national defense operations.
  • Engagement with a diverse range of stakeholders in cybersecurity.
  • Contribution to significant projects with real-world impact on national security.
Full Job Description
Position Summary

ECS is seeking an Operational Technology Cybersecurity Analyst - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the candidate supports Task 3 - Cybersecurity Operations Support by monitoring and analyzing security telemetry across Operational Technology (OT), Industrial Control System (ICS), and Defense Critical Infrastructure (DCI) environments; identifying anomalous activity, policy violations, and indicators of compromise; and coordinating response actions with SOC/CIRT personnel, OT engineers, and facility stakeholders. The position contributes directly to ENOCS delivery of Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility and helps maintain continuous cyber defense operations in coordination with the broader cybersecurity operations team.

Please Note: This position is contingent upon contract award.

This role supports ARNG's mission to provide secure enterprise services for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, including support to Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified and unclassified network environments. The analyst operates within the ENOCS cybersecurity ecosystem that coordinates with NETCOM, the Global Cyber Center, DISA DCDC, RCCs, and USIEM-enabled monitoring activities, and helps extend enterprise detection and reporting practices into OT/DCI environments where operational continuity, safety, and availability are mission critical. The role aligns monitoring and reporting activities with RMF, continuous monitoring objectives, and ARNG cybersecurity policy while supporting a future-state environment in which OT visibility is integrated with enterprise cyber defense capabilities.

Responsibilities

  • Monitor and analyze security telemetry from OT, ICS, and DCI environments to detect anomalous activity, policy violations, misconfigurations, and indicators of compromise affecting control system networks.
  • Review OT network traffic, system logs, and sensor outputs to identify threats while accounting for operational safety, system availability, and mission continuity requirements.
  • Document cybersecurity findings, operational impacts, and risk implications, and support mitigation tracking, remediation validation, and follow-up reporting.
  • Coordinate with SOC Tier 2, Cyber Incident Response Team (CIRT), OT engineers, and facility stakeholders to investigate, contain, and communicate cybersecurity events in operational environments.
  • Support Task 3 cybersecurity operations objectives by contributing to continuous monitoring, threat detection, vulnerability management, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) activities across the DoDIN-Army-NG area of responsibility.
  • Align OT monitoring and reporting activities with DoD and ARNG cybersecurity policy, RMF requirements, eMASS-related evidence needs, and continuous compliance objectives.
  • Assist in correlating OT/DCI events with broader enterprise cybersecurity data to improve visibility and support coordinated analysis across classified and unclassified network environments.
  • Coordinate, as required, with NETCOM, RCCs, and other ENOCS cybersecurity stakeholders to support incident reporting, defensive actions, and operational awareness for OT and DCI environments.
  • Contribute to the evolving ARNG cyber defense architecture by helping apply USIEM-supported detection and monitoring concepts to OT environments consistent with ENOCS Task 3 DCI/OT objectives.


Required Qualifications

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 462-Control Systems Security Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: DAF 462 (Intermediate) (ICS), or, DAF 462 (Intermediate) (CS3-300)

Experience: 3+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
  • Experience monitoring and analyzing security events in Operational Technology, Industrial Control System, or Defense Critical Infrastructure environments.
  • Experience reviewing network traffic, logs, and security telemetry to identify anomalous behavior, threats, or policy violations.
  • Ability to document findings, assess risk impacts, and support remediation validation in mission-critical operational environments.
  • Experience coordinating cybersecurity investigations with incident response personnel, engineers, and operational stakeholders.
  • Working knowledge of Risk Management Framework (RMF) and continuous monitoring practices in DoD or federal cybersecurity environments.
  • Ability to support cybersecurity operations affecting both classified and unclassified network environments while maintaining operational continuity.

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Learn more about ECS
Size
2,000 employees
Industry
Information Technology
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at ECS

More Aerospace & Defense Jobs

Find similar Operational Technology Cybersecurity Analyst - Journeyman jobs:

NationwideFairfax, VA