Skip to main content
ECS

Cybersecurity Engineer - Journeyman (CDAP)

4w

ECS

Fairfax, US · Full-time · $95,000 – $125,000

About this role

ECS is seeking a Cybersecurity Engineer (CDAP) - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This role contributes directly to Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) by ensuring reliable telemetry, validated platform performance, and dashboard integration.

Day-to-day responsibilities include implementing and maintaining CDAP data ingestion pipelines, connectors, and analytic components that enable enterprise security monitoring across ARNG classified and unclassified environments. You will troubleshoot data flow and platform performance issues to improve the quality, timeliness, and reliability of security telemetry and dashboard outputs.

The position works closely with broader ENOCS cybersecurity operations personnel, including SOC, data feed, incident analysis, and RMF support teams. This mission environment delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories.

This role offers the opportunity to sustain the data and analytics foundation that feeds ARNG enterprise cyber operations, supporting telemetry and reporting aligned to the program's integrated SIEM/C2C/DLP analytics approach. You will also coordinate with organizations such as the NETCOM Global Cyber Center and DISA DCDC across the DoDIN-A(NG) area of responsibility.

Requirements

  • U.S. Citizenship is required.
  • Security Clearance: Secret Eligible.
  • DCWF Work Role 631-Information Systems Security Developer — Basic proficiency.
  • Must hold ONE OR MORE of the following certifications: CC, CND, GISF, SSCP.
  • 3+ years of experience in cybersecurity.
  • Experience implementing or maintaining data ingestion pipelines, connectors, or analytic components.

Responsibilities

  • Implement and maintain CDAP data ingestion pipelines, connectors, and analytic components that support enterprise security monitoring across ARNG cybersecurity operations.
  • Configure and sustain platform components used to collect, normalize, and deliver reliable telemetry for continuous monitoring and operational reporting.
  • Troubleshoot data flow, connector, and platform performance issues to improve the quality, timeliness, and reliability of security telemetry and dashboard outputs.
  • Support performance validation and testing activities to confirm analytic components, ingestion pipelines, and reporting integrations are operating as intended.
  • Integrate validated telemetry and analytic outputs into dashboards and reporting views that support cybersecurity operations and enterprise visibility.
  • Document configuration changes, component updates, and validation results in accordance with program configuration control and RMF support requirements.
  • Assist in aligning CDAP telemetry, reporting, and evidence artifacts with continuous monitoring objectives and eMASS-supported RMF activities.
  • Coordinate with ENOCS cybersecurity operations personnel supporting the SOC and related Task 3 functions to ensure CDAP data pipelines support DCO-IDM monitoring across classified and unclassified ARNG enclaves.

Benefits

  • Contingent upon contract award — opportunity to support a high-impact national defense program.
  • Work on a mission environment delivering DoDIN services and cyber defense for over 120,000 users and 141,000 endpoints.
  • Collaborate with cybersecurity operations personnel across SOC, data feed, incident analysis, and RMF support teams.
  • Gain experience with integrated SIEM, C2C, and DLP analytics in a large-scale, multi-site enterprise environment.