Cybersecurity Architect - Senior

ECS is seeking a Cybersecurity Architect - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. This position supports Task 3 — Cybersecurity Operations Support — by assisting with the design and evaluation of cybersecurity architectures for mission systems and enterprise environments across the DoDIN-Army-NG area of responsibility. The role provides technical input to engineering teams, maps security controls to architectural components, conducts security impact analyses, and reviews design documentation for RMF alignment under senior architectural guidance. In coordination with broader cybersecurity operations personnel, this position helps sustain a comprehensive Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) capability supporting ARNG classified and unclassified environments.

The Cybersecurity Architect - Senior contributes to an enterprise mission that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across roughly 2,800 sites in 54 states and territories. This work directly supports ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The role operates within a technical environment that includes USIEM, EDR, IDS/IPS, eMASS, RMF processes, STIG and IAVA-driven compliance activities, and coordination points with the NETCOM Global Cyber Center and DISA DCDC to help ensure ARNG forces retain cyber freedom of action while denying the same to adversaries.

Please Note: This position is contingent upon contract award.

• Support the design and assessment of cybersecurity architectures for ARNG mission systems and enterprise environments under senior architectural guidance.
• Map security controls to architectural components and review system designs to verify alignment with RMF requirements and authorized security boundaries.
• Conduct security impact analyses for proposed changes, enhancements, and engineering activities affecting classified and unclassified ARNG network environments.
• Provide technical cybersecurity input to engineering teams to help ensure designs support operational security, compliance validation, and mission continuity.
• Review and help maintain architectural and compliance documentation used to support eMASS records, security plans, self-assessments, and related RMF artifacts.
• Assist with evaluating architecture decisions against applicable STIGs, IAVMs, and continuous monitoring requirements to support secure baseline configuration and vulnerability management activities.
• Support cybersecurity architecture considerations for environments integrated with USIEM, EDR, IDS/IPS, and related monitoring and detection capabilities used in ARNG cyber operations.
• Coordinate architectural security considerations with Task 3 cybersecurity operations personnel and other stakeholders operating with the NETCOM Global Cyber Center and DISA DCDC.
• Contribute to documentation and compliance validation activities that support DCO-IDM operations across ARNG enterprise systems supporting 54 states and territories.

U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 652-Security Architect — Basic proficiency; must hold ONE OR MORE of the following: GCLD, GISF

Experience: 3+ years of experience in cybersecurity

• Experience supporting cybersecurity architecture analysis for enterprise systems or mission environments.
• Experience mapping security controls to technical designs and architectural components.
• Experience conducting security impact reviews for system or infrastructure changes.
• Experience reviewing technical documentation for RMF alignment and compliance validation.
• Ability to support development and maintenance of cybersecurity documentation in coordination with engineering and compliance teams.
• Familiarity with classified and unclassified network environments supporting operational missions.
• Familiarity with vulnerability management and secure configuration concepts aligned to STIG and IAVA-driven compliance activities.