Cybersecurity Infrastructure Engineer

Securities and Exchange Commission

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • US Citizenship required
  • Experience with enterprise network security controls and configuration management
  • Proficient in designing security capabilities and automation
  • Knowledge of secure cloud architectures and Zero Trust access patterns
  • Familiarity with evaluating emerging technologies and security impacts

Responsibilities

  • Engineer and maintain enterprise cybersecurity infrastructure, including next-gen firewalls and SD-WAN
  • Operate and manage daily security platform functions, including configuration and health monitoring
  • Act as a senior technical authority for complex infrastructure issues, providing advanced troubleshooting
  • Lead engineering projects from requirements gathering to implementation for new capabilities
  • Develop secure configuration baselines and automate operational tasks to enhance efficiency
  • Translate threat intelligence into actionable infrastructure improvements
  • Collaborate with SOC and network teams to integrate capabilities and resolve operational issues

Benefits

  • Comprehensive federal employee benefits package
  • Access to a range of employee family benefits
  • Eligibility varies based on position type
  • Potential additional vacancies may be filled from within the agency
Full Job Description
Summary

The Office of Information Technology is seeking applications for their IT Specialist (INFOSEC) (Cybersecurity Infrastructure Engineer) position. You will engineer, operate, and sustain the enterprise defensive network infrastructure-next-generation firewalls, SASE/ZTNA, and SD-WAN that protects SEC systems and data. As a senior technical authority and escalation point, you will lead capability projects, guide supporting contractors, and strengthen the SEC's defenses against cyber threats.

Duties

Help

In this role as a Cybersecurity Infrastructure Engineer, you will be responsible for:

  • Engineering, deploying, and sustaining the SEC's enterprise network security infrastructure-next-generation firewalls, SASE/ZTNA, and SD-WAN-to ensure availability, performance, and a defensible security posture.
  • Operating and maintaining defensive platforms day-to-day, including configuration management, policy tuning, software/firmware lifecycle and patching, capacity planning, and health monitoring.
  • Serving as the senior technical authority and escalation point for complex infrastructure issues, providing advanced troubleshooting and resolution, and directing technical work of supporting contractor staff.
  • Leading engineering projects end-to-end-requirements, design, testing, and implementation-for new and upgraded capabilities such as SASE/ZTNA and SD-WAN across enterprise and hybrid (on-premises and cloud) environments.
  • Developing and maintaining secure configuration baselines, standard operating procedures, and engineering documentation, and automating repeatable configuration and operational tasks to improve consistency and reduce manual effort.
  • Translating threat intelligence and detection findings into infrastructure-level defensive improvements-firewall policy, segmentation, access control, and traffic inspection-to harden the environment against current adversary tactics.
  • Collaborating with the SOC, logging and observability, and network operations teams, and with product vendors, to integrate capabilities, resolve issues, and align infrastructure with operational and mission requirements.
  • Operating and supporting intrusion detection sensor infrastructure to ensure reliable security telemetry delivery to the SOC and logging/observability teams.
  • Identifying gaps in defensive coverage, resilience, and operational processes; recommending and implementing improvements; and providing technical input to architecture and roadmap decisions.


Requirements

Help

Conditions of employment

  • CITZENSHIP: You must be a US Citizen.
  • SELECTIVE SERVICE: Males born after 12/31/59 must be registered or exempt from Selective Service (see https://www.sss.gov/).
  • SECURITY CLEARANCE: Entrance on duty is contingent upon completion of a pre-employment security investigation. Favorable results on a Background Investigation may be a condition of employment or selection to another position.
  • PERMANENT CHANGE OF STATION (PCS): Moving/Relocation expenses are not authorized.
  • DIRECT DEPOSIT: All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
  • PROBATIONARY PERIOD: This appointment may require completion of a one-year probationary period.
  • The selectee is required to report to the duty station(s) listed.
  • The duties of this position may require the incumbent to carry a cell phone and be on call 24 hours a day, seven days a week on a rotational basis, based on the needs of the organization.


Qualifications

Applicants are responsible for confirming all required materials are submitted by the closing date of the announcement. Please check the HowYou Will Be Evaluated and Required Documents sections carefully, as missing documents will render the application incomplete and ineligible for review.

Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

BASIC REQUIREMENT: For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below:

  1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
  2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
  3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
  4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.


MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement below.

SK-14: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level:

  1. Engineering enterprise network security controls, including hardening and configuration management;
  2. Designing enterprise security capabilities and operations, including automation and escalation resolution;
  3. Defining secure cloud guardrails and Zero Trust access patterns aligned to federal baselines; and
  4. Evaluating emerging technologies with baseline updates and security impact analysis.


ACCOMPLISHMENT RECORD COMPETENCIES: Your Accomplishment Record narratives should address the following competencies. See the How You Will Be Evaluated section below for more information:

  • Information Systems/Network Security - Implements and uses methods, tools, and procedures, including the development of information security plans and standards, to prevent information systems vulnerabilities and provide or restore privacy and security of applications, systems, and/or network services.
  • Cybersecurity Engineering - Creates and manages hardware, software, and privacy and security policies for the protection of systems, networks, and data.
  • Cloud Architecture - Designs and develops Cloud-based infrastructure aligned with best practices and requirements to include organizing and analyzing data and dataset structures; and maintains knowledge of industry developments.
  • Technology Awareness - Uses technological developments, new requirements, and new applications of information technology (hardware, software, and telecommunications), emerging technologies and their integration into business processes, and implementation of information systems to meet organizational requirements.


Additional information

Supplementary vacancies may be filled in addition to the number stated in this announcement and may be filled from any division or office within the agency.

SEC COMPENSATION PROGRAM: Total salary (base pay + locality) is dependent upon duty location. The overall salary range listed above is provided for informational purposes; a selectee's initial pay will be established below the maximum rate of the range. The pay for current SEC employees will be determined according to the procedures specified in the agency's policy. Please click here for a compensation overview.

Benefits

Help

A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.

Review our benefits

Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.

Similar Jobs

More Jobs at Securities and Exchange Commission

More Information Technology Jobs

Find similar Cybersecurity Infrastructure Engineer jobs: