SOC Security Engineering Team Lead - Senior
Listed on 2026-06-12
IT/Tech
Cybersecurity, Systems Engineer, Network Security, Security Manager
Job Description
Overview
ECS is seeking a SOC Security Engineering Team Lead - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this senior Task 3 role, the selected candidate will lead the team responsible for implementing, configuring, and sustaining security engineering capabilities that enable SOC monitoring, detection, and response operations across ARNG enterprise environments. The role directly supports Cybersecurity Operations Support by integrating and maintaining security tools, sensors, log forwarding, and telemetry pipelines; validating monitoring coverage and alert fidelity; documenting configuration changes and remediation actions; and coordinating with SOC, CTIC, CDAP, and infrastructure teams to sustain continuous monitoring in alignment with DCO-IDM objectives across the DoDIN-Army-NG area of responsibility.
This position supports ARNG’s mission to deliver DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, spanning both classified and unclassified network environments. The SOC Security Engineering Team Lead - Senior contributes to protection of Title 10 and Title 32 missions, mobilization readiness, domestic emergency response operations, and classified SIPRNet activities by helping maintain engineering support for 24x7x365 SOC operations and integrated visibility across ARNG’s cybersecurity stack.
The role operates within a technical environment that includes USIEM analytics, EDR, IDS/IPS, DLP, C2C integrations, Zeek metadata, Sysmon-informed ATT&CK analytics, and RMF-aligned continuous monitoring, while coordinating with NETCOM Global Cyber Center and DISA DCDC to strengthen enterprise cyber defense.
Please Note:
This position is contingent upon contract award.
- Lead the implementation, configuration, and sustainment of security engineering solutions that support SOC monitoring, detection, and response across ARNG enterprise environments.
- Integrate and maintain security tools, sensors, log forwarding mechanisms, and telemetry pipelines to improve enterprise visibility, event correlation, and alert accuracy.
- Support ARNG Task 3 Cybersecurity Operations Support deliverables by enabling continuous monitoring and engineering capabilities required for DCO-IDM across classified and unclassified network environments.
- Coordinate with SOC, CTIC, CDAP, and infrastructure teams to resolve monitoring gaps, improve alert fidelity, and sustain operational cybersecurity coverage.
- Engineer and maintain data integrations that support USIEM operations, including relevant feeds and telemetry used for centralized analytics, detection, and incident support.
- Assist with system hardening and validation of configuration baselines to align monitoring infrastructure with DoD and ARNG cybersecurity policy and RMF requirements.
- Troubleshoot issues affecting security monitoring coverage, log collection, sensor performance, and detection reliability across ARNG enterprise systems.
- Document configuration changes, engineering updates, and remediation actions to maintain traceability, support compliance activities, and preserve operational knowledge.
- Support coordination with NETCOM Global Cyber Center and DISA DCDC, as required, to help maintain enterprise cybersecurity operations and visibility across the DoDIN-Army-NG area of responsibility.
- Contribute to sustaining telemetry and monitoring support for ARNG’s distributed enterprise of approximately 141,000 endpoints across about 2,800 sites in 54 states and territories.
- U.S. Citizenship is required
- Security Clearance: TS/SCI Eligible
- Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist — Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, Pen Test+, Security+, SSCP
- Experience: 7+ years of experience in cybersecurity
- Education: Bachelor’s degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software…