Operational Technology Cyber Security Jobs in Reston, VA

Job Summary:
ECS is seeking an Operational Technology Cybersecurity Analyst - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. The role involves monitoring and analyzing security telemetry across Operational Technology, Industrial Control Systems, and Defense Critical Infrastructure environments to identify anomalies and coordinate response actions to ensure continuous cyber defense operations.
Responsibilities:
• Monitor and analyze security telemetry from OT, ICS, and DCI environments to detect anomalous activity, policy violations, misconfigurations, and indicators of compromise affecting control system networks.
• Review OT network traffic, system logs, and sensor outputs to identify threats while accounting for operational safety, system availability, and mission continuity requirements.
• Document cybersecurity findings, operational impacts, and risk implications, and support mitigation tracking, remediation validation, and follow-up reporting.
• Coordinate with SOC Tier 2, Cyber Incident Response Team (CIRT), OT engineers, and facility stakeholders to investigate, contain, and communicate cybersecurity events in operational environments.
• Support Task 3 cybersecurity operations objectives by contributing to continuous monitoring, threat detection, vulnerability management, and Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) activities across the DoDIN-Army-NG area of responsibility.
• Align OT monitoring and reporting activities with DoD and ARNG cybersecurity policy, RMF requirements, eMASS-related evidence needs, and continuous compliance objectives.
• Assist in correlating OT/DCI events with broader enterprise cybersecurity data to improve visibility and support coordinated analysis across classified and unclassified network environments.
• Coordinate, as required, with NETCOM, RCCs, and other ENOCS cybersecurity stakeholders to support incident reporting, defensive actions, and operational awareness for OT and DCI environments.
• Contribute to the evolving ARNG cyber defense architecture by helping apply USIEM-supported detection and monitoring concepts to OT environments consistent with ENOCS Task 3 DCI/OT objectives.
Qualifications:
Required:
• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 462-Control Systems Security Specialist — Intermediate proficiency; must hold ONE OR MORE of the following: DAF 462 (Intermediate) (ICS), or, DAF 462 (Intermediate) (CS3-300)
• 3+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience monitoring and analyzing security events in Operational Technology, Industrial Control System, or Defense Critical Infrastructure environments.
• Experience reviewing network traffic, logs, and security telemetry to identify anomalous behavior, threats, or policy violations.
• Ability to document findings, assess risk impacts, and support remediation validation in mission-critical operational environments.
• Experience coordinating cybersecurity investigations with incident response personnel, engineers, and operational stakeholders.
• Working knowledge of Risk Management Framework (RMF) and continuous monitoring practices in DoD or federal cybersecurity environments.
• Ability to support cybersecurity operations affecting both classified and unclassified network environments while maintaining operational continuity.
Preferred:
• Security Clearance: Active Secret (preferred)
• Experience supporting OT/DCI cybersecurity activities in environments integrated with enterprise cyber operations or Security Operations Center workflows.
• Familiarity with USIEM-enabled monitoring, IDS/IPS event analysis, or SIEM-based detection practices used to improve visibility across IT and OT environments.
• Experience coordinating with Army or DoD cyber organizations such as NETCOM, RCCs, Global Cyber Center, or related mission partners.
• Familiarity with eMASS artifact maintenance, cybersecurity compliance documentation, or RMF evidence support for ongoing authorization activities.
• Experience supporting ARNG, Army, or other large-scale distributed enterprise environments spanning multiple sites, stakeholders, and mission enclaves.
Company:
Everforth ECS is the federal segment of Everforth, a $4B global organization with over 10,000 employees. Founded in 2001, the company is headquartered in Fairfax, USA, with a team of 1001-5000 employees. The company is currently Late Stage.