Information Systems Security Analyst RMF - Journeyman

Position Summary

ECS is seeking an Information Systems Security Analyst (RMF) - Journeyman to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. Supporting Task 3 - Cybersecurity Operations Support, this role designs, implements, and sustains secure Industrial Control System (ICS) architectures for Defense Critical Infrastructure (DCI) and Operational Technology (OT) environments. The position applies secure configuration baselines, supports RMF and continuous monitoring objectives, and works across cybersecurity operations, engineering, and facility stakeholders to help defend ARNG classified and unclassified network environments in support of Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM).

Please Note: This position is contingent upon contract award.

This role contributes to a mission supporting more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories, including Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The Information Systems Security Analyst (RMF) - Journeyman operates within ENOCS' coordinated cyber defense environment, aligning OT/ICS security activities with Task 3 deliverables such as RMF support, vulnerability management, continuous monitoring, and DCI/OT security operations. The position interfaces with the broader ARNG cyber ecosystem, including coordination with the NETCOM Global Cyber Center, DISA DCDC, SOC operations, USIEM-enabled monitoring, and OT detection capabilities aligned to the program's future-state DCI/OT approach.

Responsibilities

• Design and sustain secure ICS architectures supporting PLCs, HMIs, SCADA components, and associated control networks within ARNG DCI and OT environments.
• Implement secure segmentation, boundary protection, and remote access approaches for control system environments while preserving operational safety, reliability, and availability.
• Apply and validate secure configuration baselines for ICS assets, including assessment of patch compatibility and potential operational impact before implementation.
• Perform ICS-focused risk assessments and support remediation of vulnerabilities affecting control system assets in alignment with ARNG cybersecurity policy, RMF requirements, and continuous monitoring objectives.
• Coordinate with OT cybersecurity analysts, network engineers, and facility personnel to monitor, detect, and mitigate threats targeting industrial control and operational technology assets.
• Support Task 3 cybersecurity operations by contributing to vulnerability management, security compliance, and secure baseline configuration activities for DCI/OT systems.
• Integrate OT security activities with enterprise cyber defense processes, including coordination with SOC functions and USIEM-enabled monitoring to improve visibility of OT events and detections.
• Collaborate with ARNG and external cyber stakeholders, including the NETCOM Global Cyber Center and DISA DCDC, to support DCO-IDM objectives across classified and unclassified environments.
• Maintain technical documentation, security artifacts, and engineering inputs required for RMF, compliance reviews, and ongoing authorization support for ICS/OT environments.