What are the responsibilities and job description for the Network Security Engineer (CDAP) - Senior position at Electronic Consulting Services, Inc (ECS Federal)?
Job Description
Position Summary
ECS is seeking a Network Security Engineer (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the engineer supports Task 3 - Cybersecurity Operations Support by designing, implementing, and optimizing network security monitoring and analytic capabilities within the Cybersecurity Data Analytics Platform (CDAP). The position contributes directly to Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility by engineering data ingestion from network sensors and boundary devices, improving detection logic, and coordinating with SOC, CTIC, defensive cyber, and infrastructure teams to strengthen ARNG network defense operations.
This role operates in a mission environment that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified and unclassified operations. The Network Security Engineer (CDAP) - Senior helps improve visibility and response across environments that include USIEM analytics, EDR, IDS/IPS, firewall technologies, cross domain services, and SIPRNet and NIPRNet-connected operations, while coordinating with organizations such as the NETCOM Global Cyber Center and DISA DCDC to advance continuous monitoring, threat-informed defense, and RMF-aligned cybersecurity outcomes.
Please Note: This position is contingent upon contract award.
Responsibilities
Required Skills
Required Qualifications
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: CND, GFACT, GSEC, Security
Experience: 7 years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
Desired Skills
Desired Qualifications
Security Clearance: Active TS//SCI (preferred)
Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
Position Summary
ECS is seeking a Network Security Engineer (CDAP) - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, the engineer supports Task 3 - Cybersecurity Operations Support by designing, implementing, and optimizing network security monitoring and analytic capabilities within the Cybersecurity Data Analytics Platform (CDAP). The position contributes directly to Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility by engineering data ingestion from network sensors and boundary devices, improving detection logic, and coordinating with SOC, CTIC, defensive cyber, and infrastructure teams to strengthen ARNG network defense operations.
This role operates in a mission environment that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified and unclassified operations. The Network Security Engineer (CDAP) - Senior helps improve visibility and response across environments that include USIEM analytics, EDR, IDS/IPS, firewall technologies, cross domain services, and SIPRNet and NIPRNet-connected operations, while coordinating with organizations such as the NETCOM Global Cyber Center and DISA DCDC to advance continuous monitoring, threat-informed defense, and RMF-aligned cybersecurity outcomes.
Please Note: This position is contingent upon contract award.
Responsibilities
- Design and implement network security monitoring and analytics capabilities within CDAP to improve threat visibility across ARNG classified and unclassified network environments.
- Engineer and maintain data ingestion pipelines from network sensors, firewalls, IDS/IPS, and boundary protection devices to support centralized security analytics and continuous monitoring.
- Develop, tune, and validate correlation rules and detection logic to improve detection fidelity, reduce false positives, and strengthen DCO-IDM operations across DoDIN-connected environments.
- Support configuration hardening, performance optimization, and validation testing of network security technologies in alignment with DoD and ARNG cybersecurity policy and RMF objectives.
- Coordinate with SOC, CTIC, defensive cyber, and infrastructure teams to refine detections, improve analytic coverage, and support cyber incident identification and response workflows.
- Leverage integrated USIEM, C2C, and DLP analytics approaches described for Task 3 to enhance centralized visibility and machine-speed response across the ARNG enterprise.
- Coordinate with USIEM engineers and related cybersecurity teams to improve enabling data sources, support MITRE ATT&CK-based analytic development, and strengthen enterprise detection outcomes.
- Support monitoring and defense of environments spanning approximately 141,000 endpoints across 2,800 sites in 54 states and territories, helping protect mission operations tied to Title 10, Title 32, and domestic emergency response requirements.
- Contribute to cybersecurity operations performed in coordination with the NETCOM Global Cyber Center and DISA DCDC, ensuring analytic and monitoring capabilities support 24x7x365 ARNG cyber defense objectives.
Required Skills
Required Qualifications
U.S. Citizenship is required
Security Clearance: TS//SCI Eligible
Required Certifications: DCWF Work Role 441-Network Operations Specialist - Intermediate proficiency; must hold ONE OR MORE of the following: CND, GFACT, GSEC, Security
Experience: 7 years of experience in cybersecurity
Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
- Experience designing and optimizing network security monitoring, analytics, or detection capabilities for enterprise network environments.
- Experience engineering data ingestion pipelines from network sensors, firewalls, IDS/IPS, or other boundary protection devices into centralized analytic platforms.
- Experience developing, tuning, and validating correlation rules or detection logic to improve threat visibility and reduce false positives.
- Experience supporting configuration hardening, validation testing, and performance optimization of network security technologies.
- Experience coordinating with SOC, threat analysis, defensive cyber, or infrastructure teams to improve detection coverage and operational response.
- Working knowledge of RMF-aligned continuous monitoring objectives and application of DoD or ARNG cybersecurity policy to operational security tooling.
Desired Skills
Desired Qualifications
Security Clearance: Active TS//SCI (preferred)
- Experience supporting cybersecurity operations in DoDIN-connected environments spanning both classified and unclassified enclaves, including NIPRNet and SIPRNet.
- Experience working with USIEM analytics, EDR, IDS/IPS tuning, or related enterprise monitoring and detection engineering activities.
- Familiarity with MITRE ATT&CK-based analytic development and threat-informed detection methods within a SOC or cyber operations environment.
- Experience coordinating cybersecurity data feeds or detection requirements with NETCOM, ARCYBER, USCYBERCOM, RCCs, or similar operational stakeholders.
- Experience supporting cyber defense operations at large enterprise scale across geographically dispersed sites, users, and endpoints.
Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven