Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
SOC CTIC
Technician•Junior at ECS Corporate Services
SOC CTIC
Technician•Junior at ECS Corporate Services in Fairfax, Virginia Posted in 6 days ago.
Job Description:
Position Summary ECS is seeking a
SOC CTIC
Technician•Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA . This role supports Task 3•Cybersecurity Operations Support by analyzing threat intelligence feeds and operational security data to identify indicators, adversary tactics, and emerging risks that inform Security Operations Center (SOC) monitoring and analysis. The
SOC CTIC
Technician•Junior enriches indicators, supports correlation and detection content updates, produces intelligence summaries and reports, and coordinates with SOC analysts and CTIC leadership to document findings in support of continuous monitoring, incident analysis, and broader Defensive Cyberspace Operations•Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.
Please Note:
This position is contingent upon contract award. This position contributes to cyber defense for an enterprise that supports more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories, including support to both classified and unclassified network environments. The role operates within an ARNG mission context that includes Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations, while coordinating within the ENOCS cyber ecosystem that includes the
SOC, USIEM
analytics, EDR management, SIEM/C2C/DLP analytics, and collaboration with the NETCOM Global Cyber Center and
DISA DCDC
to help preserve cyber freedom of action for Army, ARNG, Joint, and Coalition forces. Responsibilities Analyze threat intelligence feeds and operational security data to identify indicators of compromise, adversary tactics, techniques, and procedures, and emerging cyber risks affecting ARNG network environments. Enrich indicators and operational findings to support SOC monitoring, triage, and threat-informed defensive actions under Task 3 Cybersecurity Operations Support. Assist with correlation and detection content updates that improve SOC visibility and support more effective monitoring and analysis across ARNG classified and unclassified environments. Produce intelligence summaries, reports, and documented findings for CTIC leadership and SOC stakeholders to support continuous monitoring and cybersecurity operations. Coordinate with SOC analysts, watch functions, and CTIC leadership to document findings, refine analysis, and support escalation into incident, problem, and change processes as needed. Support use of USIEM analytics and integrated
SIEM/C2C/DLP
data sources to help identify actionable patterns, strengthen centralized visibility, and improve detection outcomes. Contribute to MITRE ATT&CK-based analytical activities by helping align observed indicators and adversary behavior to established threat-informed detection approaches used by the
ENOCS SOC.
Collaborate with cybersecurity operations personnel supporting 24x7x365 SOC monitoring to provide intelligence context that improves incident analysis and defensive cyberspace operations. Help maintain reporting and documentation that support DoD and ARNG cybersecurity policy, compliance expectations, and continuous monitoring requirements within the ENOCS mission environment. Coordinate, as required, with broader cyber operations stakeholders supporting ARNG cybersecurity activities in conjunction with the NETCOM Global Cyber Center and
DISA DCDC.
Required Qualifications U.S. Citizenship is required
Security Clearance:
Secret Eligible Required Certifications:
DCWF Work Role 511-Cyber Defense Analyst•Basic proficiency; must hold
ONE OR MORE
of the following:
CC, CEH, GFACT, GISF
Experience:
3+ years of experience in cybersecurity Experience analyzing threat intelligence reporting, indicators, and operational security data to support cyber defense activities. Experience documenting findings through intelligence summaries, operational reports, or other written analytical products. Experience coordinating with SOC personnel, analysts, or cyber operations teams to support detection, monitoring, or incident analysis workflows. Familiarity with continuous monitoring practices in support of DoD or ARNG cybersecurity operations requirements. Ability to support indicator enrichment and contribute to detection or correlation content improvement efforts. Experience working with cybersecurity data used for analysis in classified and unclassified network environments. Ability to organize, track, and communicate findings clearly to technical leadership and operational stakeholders.
