About The Position

ECS is seeking a SOC Security Engineering Technician - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support — by leading implementation, configuration, and sustainment of security engineering solutions that enable Security Operations Center (SOC) monitoring, detection, and response across ARNG enterprise environments. The role integrates with the broader ENOCS cyber team by coordinating with SOC analysts, CTIC, CDAP, and infrastructure stakeholders to maintain continuous monitoring, improve event correlation, and preserve monitoring coverage and alert fidelity in support of Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM).

Please Note: This position is contingent upon contract award.

This role directly contributes to ARNG’s mission to defend classified and unclassified network environments supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. The SOC Security Engineering Technician - Journeyman helps sustain cybersecurity visibility and response across the DoDIN-Army-NG area of responsibility, including environments supporting Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations.

The position works within the program’s operational cyber ecosystem, supporting integrated security data and analytics through USIEM, endpoint and detection capabilities aligned with EDR operations, IDS/IPS tuning, log forwarding and telemetry pipelines, and RMF-aligned continuous monitoring in coordination with organizations including the NETCOM Global Cyber Center and DISA DCDC.

Requirements

  • U.S. Citizenship is required
  • Security Clearance: TS//SCI Eligible
  • Required Certifications: DCWF Work Role 521-Cyber Defense Infrastructure Support Specialist — Intermediate proficiency; must hold ONE OR MORE of the following: GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP
  • 7+ years of experience in cybersecurity
  • Bachelor's degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
  • Experience implementing, configuring, and sustaining security engineering solutions that support SOC monitoring, detection, and response operations.
  • Experience integrating security sensors, log forwarding mechanisms, and telemetry pipelines to enable comprehensive visibility and accurate event correlation.
  • Experience supporting system hardening activities, validating configuration baselines, and assisting with remediation of monitoring or security control deficiencies.
  • Experience documenting configuration changes, remediation actions, and technical updates in support of operational accountability and auditability.
  • Experience coordinating with cross-functional cybersecurity and infrastructure teams to maintain continuous monitoring capabilities.
  • Experience supporting RMF-aligned cybersecurity operations and compliance activities within classified and unclassified enterprise environments.
  • Experience supporting enterprise cybersecurity operations at scale across distributed users, endpoints, or sites.

Responsibilities

  • Lead implementation, configuration, and maintenance of security engineering capabilities that support SOC monitoring, detection, and response operations across ARNG enterprise environments.
  • Integrate and sustain security tools, sensors, log forwarding mechanisms, and telemetry pipelines to improve monitoring coverage, event quality, and alert fidelity.
  • Support continuous monitoring operations by validating data flow and correlation effectiveness within the ARNG cyber environment, including USIEM-integrated analytics and related detection engineering activities.
  • Troubleshoot security engineering issues affecting visibility, sensor performance, log ingestion, and monitoring effectiveness across classified and unclassified enclaves.
  • Perform system hardening support and validate configuration baselines to help maintain secure operational conditions aligned with DoD and ARNG cybersecurity policy.
  • Document configuration changes, remediation actions, and engineering updates to support traceability, operational continuity, and RMF-related evidence requirements.
  • Coordinate with SOC, CTIC, CDAP, and infrastructure teams to sustain enterprise monitoring capabilities and support threat detection, vulnerability management, and cyber defense operations.
  • Support cybersecurity engineering activities performed in coordination with the NETCOM Global Cyber Center and DISA DCDC to maintain defensive coverage across the DoDIN-Army-NG area of responsibility.
  • Assist with maintaining monitoring and response capabilities that support ARNG missions across 54 states and territories, including operational environments tied to Title 10, Title 32, and SIPRNet-supported activities.