Operational Technology Engineer - Journeyman

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 462-Control Systems Security Specialist — Basic proficiency; must hold ONE OR MORE of the following: DAF 462 (Basic) (ICS)
• 3+ years of experience in cybersecurity
• Experience monitoring and analyzing security events in OT, ICS, or DCI environments.
• Ability to review network traffic, system logs, and sensor outputs to identify suspicious activity, threats, and configuration issues.
• Experience documenting findings, risk impacts, and remediation status in support of cybersecurity operations and continuous monitoring.
• Ability to coordinate with SOC, incident response, engineering, and stakeholder teams during investigation and containment of security events.
• Working knowledge of RMF-aligned monitoring and reporting practices in support of cybersecurity compliance objectives.
• Experience supporting vulnerability mitigation and remediation validation in environments where safety and availability are critical operational considerations.

Responsibilities

• Monitor OT, ICS, and DCI security telemetry to identify anomalous behavior, policy violations, indicators of compromise, and misconfigurations affecting control system networks.
• Analyze OT network traffic, system logs, and sensor outputs to assess threats while accounting for operational safety, system availability, and mission continuity requirements.
• Document security findings, risk impacts, and remediation status to support continuous monitoring, vulnerability management, and ARNG cybersecurity reporting objectives.
• Coordinate with SOC and CIRT personnel to investigate, escalate, and help contain cybersecurity events affecting OT and DCI environments.
• Support validation of vulnerability mitigation and remediation actions within operational environments to help maintain secure baseline configurations and resilient cyber posture.
• Align monitoring, analysis, and reporting activities with DoD and ARNG cybersecurity policy, RMF requirements, and ongoing authorization and compliance objectives.
• Contribute to Task 3 cybersecurity operations deliverables by supporting proactive DCO-IDM activities across ARNG classified and unclassified environments.
• Work with OT engineers and facility stakeholders to evaluate potential cyber impacts to mission-critical infrastructure and recommend response actions that preserve operational continuity.
• Support the OT/DCI monitoring approach described for ENOCS by helping extend enterprise detection visibility through USIEM and related cyber defense capabilities into operational technology environments.
• Coordinate, as required, within the broader ENOCS cyber defense structure that interfaces with the NETCOM Global Cyber Center and DISA DCDC for enterprise cybersecurity operations.