Cybersecurity Infrastructure Engineer
What you'd do
The Office of Information Technology is seeking applications for their IT Specialist (INFOSEC) (Cybersecurity Infrastructure Engineer) position. You will engineer, operate, and sustain the enterprise defensive network infrastructure-next-generation firewalls, SASE/ZTNA, and SD-WAN that protects SEC systems and data. As a senior technical authority and escalation point, you will lead capability projects, guide supporting contractors, and strengthen the SEC's defenses against cyber threats.
Major duties
In this role as a Cybersecurity Infrastructure Engineer, you will be responsible for: Engineering, deploying, and sustaining the SEC's enterprise network security infrastructure-next-generation firewalls, SASE/ZTNA, and SD-WAN-to ensure availability, performance, and a defensible security posture. Operating and maintaining defensive platforms day-to-day, including configuration management, policy tuning, software/firmware lifecycle and patching, capacity planning, and health monitoring. Serving as the senior technical authority and escalation point for complex infrastructure issues, providing advanced troubleshooting and resolution, and directing technical work of supporting contractor staff. Leading engineering projects end-to-end-requirements, design, testing, and implementation-for new and upgraded capabilities such as SASE/ZTNA and SD-WAN across enterprise and hybrid (on-premises and cloud) environments. Developing and maintaining secure configuration baselines, standard operating procedures, and engineering documentation, and automating repeatable configuration and operational tasks to improve consistency and reduce manual effort. Translating threat intelligence and detection findings into infrastructure-level defensive improvements-firewall policy, segmentation, access control, and traffic inspection-to harden the environment against current adversary tactics. Collaborating with the SOC, logging and observability, and network operations teams, and with product vendors, to integrate capabilities, resolve issues, and align infrastructure with operational and mission requirements. Operating and supporting intrusion detection sensor infrastructure to ensure reliable security telemetry delivery to the SOC and logging/observability teams. Identifying gaps in defensive coverage, resilience, and operational processes; recommending and implementing improvements; and providing technical input to architecture and roadmap decisions.
What you need to qualify
Applicants are responsible for confirming all required materials are submitted by the closing date of the announcement. Please check the How You Will Be Evaluated and Required Documents sections carefully, as missing documents will render the application incomplete and ineligible for review. Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement. BASIC REQUIREMENT: For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement below. SK-14: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level: Engineering enterprise network security controls, including hardening and configuration management; Designing enterprise security capabilities and operations, including automation and escalation resolution; Defining secure cloud guardrails and Zero Trust access patterns aligned to federal baselines; and Evaluating emerging technologies with baseline updates and security impact analysis. ACCOMPLISHMENT RECORD COMPETENCIES: Your Accomplishment Record narratives should address the following competencies. See the How You Will Be Evaluated section below for more information: Information Systems/Network Security - Implements and uses methods, tools, and procedures, including the development of information security plans and standards, to prevent information systems vulnerabilities and provide or restore privacy and security of applications, systems, and/or network services. Cybersecurity Engineering - Creates and manages hardware, software, and privacy and security policies for the protection of systems, networks, and data. Cloud Architecture - Designs and develops Cloud-based infrastructure aligned with best practices and requirements to include organizing and analyzing data and dataset structures; and maintains knowledge of industry developments. Technology Awareness - Uses technological developments, new requirements, and new applications of information technology (hardware, software, and telecommunications), emerging technologies and their integration into business processes, and implementation of information systems to meet organizational requirements.
Before you apply
Federal applications are different: your resume should be 3–5 pages and mirror the language of this announcement. Read our federal resume guide first — it's the #1 reason qualified people get screened out.
Don't miss the next one.
Get an email the moment a similar federal job opens — postings can close in as little as 5 days.