×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Support Network Security Security Manager

SOC CIRT Technician - Journeyman

Job in Fairfax, Fairfax County, Virginia, 22032, USA
Listing for: ECS
Full Time position
Listed on 2026-06-15
Job specializations:
  • IT/Tech
    Cybersecurity, IT Support, Network Security, Security Manager
Salary/Wage Range or Industry Benchmark: 60000 USD Yearly USD 60000.00 YEAR
Job Description & How to Apply Below

Job Description

ECS is seeking a SOC CIRT Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support — by assisting cyber incident response investigations through evidence collection, forensic acquisition, analysis of host and network artifacts, malware triage, root‑cause analysis, containment support, recovery validation, and incident documentation.

The role works closely with ENOCS cybersecurity operations personnel, including SOC, CIRT, watch officers, engineers, and analysts, to help deliver Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN‑Army‑NG area of responsibility.

Please Note: This position is contingent upon contract award.

This role contributes to the protection of ARNG classified and unclassified network environments that support more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC CIRT Technician - Journeyman helps sustain cyber readiness for Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations by supporting incident handling within a 24x7x365 cybersecurity enterprise.

Responsibilities
  • Perform evidence collection and forensic acquisition activities in support of cyber incident response investigations involving host and network artifacts.
  • Analyze collected artifacts to support incident scoping, malware triage, root‑cause determination, containment actions, and recovery validation.
  • Document investigative actions, technical findings, and incident updates in authorized incident tracking and case management systems.
  • Support preparation of incident reports, after‑action documentation, and related artifacts required for continuous monitoring and ARNG cybersecurity reporting.
  • Coordinate incident response activities with SOC personnel, watch officers, and service owners to support timely escalation, analysis, and resolution of cybersecurity events.
  • Assist with investigations informed by USIEM detections, integrated SIEM/C2C/DLP analytics, and EDR telemetry to improve visibility and response across ARNG network environments.
  • Support incident coordination and reporting actions aligned with ENOCS Task 3 deliverables and in collaboration with external organizations such as the NETCOM Global Cyber Center and DISA DCDC.
  • Contribute to post‑incident analysis that strengthens enterprise defenses across ARNG classified and unclassified enclaves, including support to lessons learned and recovery validation.
  • Maintain records and supporting documentation in accordance with DoD and ARNG cybersecurity policy, continuous monitoring requirements, and established incident response procedures.
Required Qualifications
  • U.S. Citizenship is required.
  • Security Clearance:
    Secret Eligible.
  • Required

    Certifications:

    DCWF Work Role 531‑Cyber Defense Incident Responder — Basic proficiency; must hold ONE OR MORE of the following: CC, GDSA, GISF.
  • Experience:

    3+ years of experience in cybersecurity.
  • Experience supporting cyber incident investigations involving host‑based and network‑based evidence collection.
  • Experience performing forensic acquisition and technical analysis to support incident scoping, containment, and recovery activities.
  • Experience documenting investigative actions, findings, and response status in formal tracking or case management systems.
  • Familiarity with malware triage, root‑cause analysis, and after‑action reporting in operational cybersecurity environments.
  • Ability to support continuous monitoring and reporting requirements in alignment with DoD and ARNG cybersecurity policy.
  • Experience collaborating with incident response, SOC, and cybersecurity operations personnel during active event handling.
  • Working familiarity with classified and unclassified network security operations environments.
Desired Qualifications
  • Security Clearance:
    Active Secret (preferred).
  • Experience supporting DCO-IDM activities within Army, ARNG, or other DoD cybersecurity operations environments.
  • Familiarity with USIEM, EDR, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search