ECS

Cybersecurity Analyst (CDAP) - Senior

ECS  •  Fairfax, VA (Onsite)  •  6 hours ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

ECS is seeking a Cybersecurity Analyst (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support, contributing to a comprehensive and proactive cybersecurity program that defends ARNG classified and unclassified network environments and enables Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility. The Cybersecurity Analyst (CDAP) performs monitoring and analysis of security telemetry within CDAP, conducts alert triage and log analysis, documents findings, supports remediation tracking, and assists with dashboard updates and detection tuning in coordination with SOC and defensive cyber personnel.

In this role, the analyst helps protect mission-critical enterprise services supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The position operates within the ARNG cyber mission supporting Title 10 and Title 32 operations, mobilization readiness, domestic emergency response, and both classified SIPRNet and unclassified environments. The role aligns with ENOCS cybersecurity operations that leverage integrated SIEM/C2C/DLP analytics, USIEM data sources, MITRE ATT&CK-based analytics, and coordination with the NETCOM Global Cyber Center and DISA DCDC to strengthen continuous monitoring, threat detection, and ARNG cybersecurity policy compliance.

Please Note: This position is contingent upon contract award.

Responsibilities

  • Monitor and analyze CDAP security telemetry to identify potential threats, anomalous activity, and security misconfigurations affecting ARNG classified and unclassified network environments.
  • Perform alert triage, log review, and basic correlation using established analytic rules to support Task 3 cybersecurity operations and continuous monitoring objectives.
  • Document investigative findings, maintain clear records of observed conditions, and support remediation tracking in coordination with SOC and defensive cyber personnel.
  • Assist with dashboard updates to improve visibility into cyber conditions, incident trends, and operational status across the DoDIN-Army-NG area of responsibility.
  • Support detection tuning under senior oversight to improve the quality and relevance of cyber alerts and monitoring outputs within CDAP.
  • Contribute to monitoring activities that align with integrated SIEM/C2C/DLP analytics and USIEM-enabled visibility used to centralize threat detection and response.
  • Apply established analytic approaches that support MITRE ATT&CK-based detection and analysis methods used across ENOCS cybersecurity operations.
  • Coordinate with cybersecurity operations stakeholders supporting 24x7x365 monitoring, incident escalation, and defensive actions in concert with broader SOC processes.
  • Support cybersecurity activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to help maintain ARNG cyber freedom of action and policy compliance.

Qualifications

Required Qualifications

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 511-Cyber Defense Analyst — Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF

Experience: 3+ years of experience in cybersecurity

  • Experience monitoring security events, alerts, and logs to identify suspicious activity, misconfigurations, or indicators requiring further analysis.
  • Experience documenting findings and maintaining remediation or follow-up actions with accuracy and attention to detail.
  • Familiarity with continuous monitoring activities supporting DoD and ARNG cybersecurity policy compliance.
  • Ability to support dashboard maintenance and reporting used to communicate cybersecurity status and trends.
  • Experience working with SOC or defensive cyber personnel in an operational cybersecurity environment.
  • Familiarity with security telemetry analysis and rule-based alert correlation.
  • Ability to support cybersecurity operations across both classified and unclassified environments.
  • Familiarity with MITRE ATT&CK-based analytic methods and SIEM-driven monitoring concepts referenced in the ENOCS environment.
ECS

About ECS

ECS is a fast-growing 4,000-person, $1.2B provider of advanced technology solutions for federal civilian, defense, intelligence, and commercial customers. We tackle complex client challenges with smart, scalable solutions in data and AI, cybersecurity, and digital transformation. Our collective work empowers customers’ missions, strengthens our partners, inspires our employees, and grows our company.

To achieve our purpose — to tackle the missions that matter most and create a lasting impact on our customers, employees, and community — we are committed to excellence in growth, customer delivery, technology innovation, and employee engagement.  

We believe in:

• Attracting, developing, and retaining top talent

• Building high-performing teams

• Creating an engaging employee environment

• Acting with social responsibility

• Having a positive impact on our community

Our core values: Excellence, Drive, Grit, and Community. We keep these values at the heart of all we do. We’re looking for driven individuals who want to solve meaningful challenges and help shape the future of national security and public service. If you’re ready to make a difference, you’ll find your team here.

Industry
IT & Software
Company Size
1,001-5,000 employees
Headquarters
Fairfax, VA
Year Founded
1993
Website
ecstech.com
Social Media