SOC Technician (Shift 2) - Junior

ECS Tech Inc
Fairfax, VA
Onsite

About The Position

ECS is seeking a SOC Technician (Shift 2) - Junior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program in Fairfax, VA. In this role, the selected candidate supports Task 3 — Cybersecurity Operations Support by monitoring security events and alerts, performing initial triage and analysis, documenting incidents, correlating telemetry to identify indicators of compromise, and escalating events in accordance with established SOC procedures and playbooks. The position contributes to ENOCS' 24/7/365 cybersecurity operations by supporting continuous monitoring, ticketing, case management, and coordination with SOC leadership and the Cyber Incident Response Team (CIRT) to enable timely containment and response actions across the DoDIN-Army-NG area of responsibility.

This role directly supports ARNG’s mission to deliver DoDIN services and conduct Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The SOC Technician helps defend both classified and unclassified network environments that support Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and SIPRNet operations. The position operates within ENOCS’ cybersecurity environment using centralized monitoring and analytics capabilities such as USIEM, integrated SIEM/C2C/DLP analytics, IDS/IPS event flows, endpoint detection and response, and coordination processes aligned with NETCOM Global Cyber Center and DISA DCDC.

Requirements

  • U.S. Citizenship is required
  • Security Clearance: Secret Eligible
  • Required Certifications: DCWF Work Role 511-Cyber Defense Analyst — Basic proficiency; must hold ONE OR MORE of the following: CC, CEH, GFACT, GISF
  • 1+ years of experience in cybersecurity
  • Experience monitoring security alerts, reviewing event data, and performing initial incident triage in a SOC or similar cyber defense environment.
  • Ability to document incidents clearly and maintain accurate case notes in accordance with established procedures and escalation workflows.
  • Familiarity with correlating telemetry to identify indicators of compromise and support incident analysis.
  • Experience supporting ticketing and case management processes for cybersecurity events and operational handoff.
  • Ability to follow established playbooks and coordinate with SOC leadership and incident response personnel during active events.
  • Familiarity with continuous monitoring activities in support of DoD or ARNG cybersecurity policy compliance.
  • Experience working with enterprise security monitoring data such as SIEM, IDS/IPS, DLP, or endpoint security event sources.
  • Ability to support mission operations affecting large-scale distributed environments spanning multiple sites and users.

Responsibilities

  • Monitor security events, alerts, and telemetry across ARNG classified and unclassified environments in support of continuous SOC operations.
  • Perform initial triage and analysis of suspicious activity to identify indicators of compromise and determine appropriate incident priority and escalation path.
  • Correlate event data from multiple sources to support threat detection, incident identification, and timely reporting in accordance with established SOC procedures.
  • Document incidents, actions taken, and relevant findings in ticketing and case management systems to maintain accurate operational records.
  • Escalate cybersecurity events to Tier 2 incident, problem, and change processes using approved playbooks and communication procedures.
  • Coordinate with SOC leadership, CIRT, and other security operations teams to support containment actions, incident handling, and follow-on response activities.
  • Support monitoring and analysis activities using USIEM and integrated SIEM/C2C/DLP analytics to improve centralized visibility across the ARNG enterprise.
  • Review and communicate relevant IDS/IPS, EDR, and related security monitoring data to assist in detecting anomalous activity affecting approximately 141,000 endpoints across 2,800 sites.
  • Coordinate, as directed, with mission and operational partners aligned to ENOCS cybersecurity operations, including NETCOM Global Cyber Center and DISA DCDC, to support incident reporting and operational awareness.
  • Support compliance with continuous monitoring requirements and applicable DoD and ARNG cybersecurity policies through accurate documentation and disciplined incident handling.