×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Network Security

SOC CIRT Technician - Journeyman Security Clearance

Job in Fairfax, Fairfax County, Virginia, 22031, USA
Listing for: ECS
Full Time position
Listed on 2026-06-10
Job specializations:
  • IT/Tech
    Cybersecurity, Network Security
Job Description & How to Apply Below
Position: SOC CIRT Technician - Journeyman with Security Clearance
Job Description Position Summary ECS is seeking a SOC CIRT Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 - Cybersecurity Operations Support - by assisting cyber incident response investigations through evidence collection, forensic acquisition, analysis of host and network artifacts, malware triage, root-cause analysis, containment support, recovery validation, and incident documentation.

The role works closely with ENOCS cybersecurity operations personnel, including SOC, CIRT, watch officers, engineers, and analysts, to help deliver Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.

Please Note:

This position is contingent upon contract award. This role contributes to the protection of ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC CIRT Technician - Journeyman helps sustain cyber readiness for Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations by supporting incident handling within a 24x7x365 cybersecurity enterprise.

Work is performed in coordination with the broader ENOCS cyber ecosystem, including the NETCOM Global Cyber Center, DISA DCDC, USIEM-enabled monitoring and analytics, EDR-supported investigations, and continuous monitoring and reporting processes aligned to DoD and ARNG policy. Responsibilities
* Perform evidence collection and forensic acquisition activities in support of cyber incident response investigations involving host and network artifacts.
* Analyze collected artifacts to support incident scoping, malware triage, root-cause determination, containment actions, and recovery validation.
* Document investigative actions, technical findings, and incident updates in authorized incident tracking and case management systems.
* Support preparation of incident reports, after-action documentation, and related artifacts required for continuous monitoring and ARNG cybersecurity reporting.
* Coordinate incident response activities with SOC personnel, watch officers, and service owners to support timely escalation, analysis, and resolution of cybersecurity events.
* Assist with investigations informed by USIEM detections, integrated SIEM/C2C/DLP analytics, and EDR telemetry to improve visibility and response across ARNG network environments.
* Support incident coordination and reporting actions aligned with ENOCS Task 3 deliverables and in collaboration with external organizations such as the NETCOM Global Cyber Center and DISA DCDC.
* Contribute to post-incident analysis that strengthens enterprise defenses across ARNG classified and unclassified enclaves, including support to lessons learned and recovery validation.
* Maintain records and supporting documentation in accordance with DoD and ARNG cybersecurity policy, continuous monitoring requirements, and established incident response procedures. Required Skills

Required Qualifications U.S. Citizenship is required Security Clearance:
Secret Eligible Required

Certifications:

DCWF Work Role 531-Cyber Defense Incident Responder - Basic proficiency; must hold ONE OR MORE of the following: CC, GDSA, GISF

Experience:

3+ years of experience in cybersecurity
* Experience supporting cyber incident investigations involving host-based and network-based evidence collection.
* Experience performing forensic acquisition and technical analysis to support incident scoping, containment, and recovery activities.
* Experience documenting investigative actions, findings, and response status in formal tracking or case management systems.
* Familiarity with malware triage, root-cause analysis, and after-action reporting in operational cybersecurity environments.
* Ability to support continuous monitoring and reporting requirements in alignment with DoD and ARNG cybersecurity policy.
* Experience collaborating with incident response, SOC, and cybersecurity operations personnel during active event handling.
* Working familiarity with classified and unclassified network security operations environments. Desired Skills Desired Qualifications Security Clearance:
Active Secret (preferred)
* Experience supporting DCO-IDM activities within Army, ARNG, or other DoD cybersecurity operations environments.
* Familiarity with USIEM, EDR, and integrated SIEM/C2C/DLP analytics used for threat detection and incident analysis.
* Experience coordinating incident reporting or response actions with organizations such as NETCOM, DISA, ARCYBER, or RCC stakeholders.
* Familiarity with MITRE ATT&CK-based analysis to help characterize adversary behavior and support post-incident reporting.
* Experience supporting cybersecurity operations across geographically distributed enterprise environments…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search