Duties
The Infrastructure Security Engineer is responsible for protecting the organization's core technology environment by designing, implementing, and maintaining security controls across networks, systems, and cloud platforms. This role ensures the confidentiality, integrity, and availability of enterprise infrastructure through proactive risk identification, secure architecture design, continuous monitoring, and rapid response to security events. The engineer works closely with IT, network, and system teams to embed security into infrastructure operations, strengthen defenses, and support mission critical systems. This position plays a key role in safeguarding organizational assets, improving resilience, and ensuring compliance with Marine Corps, DoD, and industry security standards.
Firewall Administration - Architect, deploy, and maintain next generation firewalls; create and optimize security policies; manage segmentation, VPN configurations, and threat prevention services; monitor logs for anomalies and policy violations.
Zero Trust Architecture - Implement and maintain Zero Trust principles across identity, network, and application layers; enforce least privilege access; support continuous authentication and authorization controls.
Endpoint Protection & EDR - Manage enterprise anti-virus and endpoint detection and response platforms; tune detection rules; investigate alerts; coordinate containment and remediation of endpoint threats.
Tokenization & Data Protection - Support tokenization platforms to secure sensitive data; ensure proper integration with applications; maintain key management processes; enforce data handling and privacy requirements.
Web Proxies & WAF - Administer secure web gateways, proxy services, and web application firewalls; configure filtering policies; monitor for malicious traffic; protect web applications from internal & external threats.
NTP Infrastructure - Maintain secure and reliable Network Time Protocol servers; ensure accurate time synchronization across systems; implement hardening and monitoring to prevent tampering or drift.
RADIUS Authentication Services - Manage RADIUS servers for network authentication; integrate with identity providers; maintain policies for secure access to network devices and wireless infrastructure.
Security Monitoring & Incident Response - Analyze logs and alerts across all security platforms; collaborate with SOC teams; support investigations, root cause analysis, and corrective actions.
Documentation & Compliance - Maintain detailed documentation of configurations, standards, and procedures; support audits; ensure alignment with regulatory and industry security frameworks.
Network Essentials - Apply core networking fundamentals to ensure secure, reliable, and efficient communication across the enterprise. This includes implementing foundational concepts such as IP addressing, routing, switching, DNS, DHCP, VLANs, and transport protocols to design, operate, and troubleshoot network environments. These principles are used to validate traffic flows and enforce proper segmentation across WAN, LAN, and WLAN infrastructures.
Continuous Improvement - Evaluate emerging threats and technologies; recommend enhancements to strengthen the organization's security posture.
Provides World Class Customer Service with an emphasis on courtesy. Assists customers and communicates positively in a friendly manner. Takes action to solve problems quickly. Alerts the higher-level supervisor, or proper point of contact for help when problems arise. Adheres to safety regulations and standards. Uses any required safety equipment and observes safe work procedures. Promptly reports any observed workplace hazards, and any injury, occupational illness, and/or property damage resulting from workplace mishaps to the immediate supervisor. Adheres to established standards of actively supporting the principles of the EEO program and prevention of sexual harassment.
Performs other related duties as assigned.
This is a mixed position where the incumbent must be able to lift and carry objects up to 45 lbs. independently and objects over 45 lbs. with assistance.
Requirements
Conditions of employment
- See Duties and Qualifications
EVALUATIONS:
Qualifications
Bachelor's degree in information technology or a related field appropriate to the work of position with a minimum of three years of hands on experience securing enterprise environments, OR an appropriate combination of education and experience that demonstrates possession of knowledge and skill equivalent to that gained in the above, OR appropriate experience that demonstrates that the applicant has acquired the knowledge, skills, and abilities equivalent to that gained in the above.
Candidates should have a strong foundation in network and systems security. They must have demonstrated proven expertise in the key responsibilities outlined above, including hardening both Windows and Linux operating systems. Experience with security frameworks such as NIST, CIS, or ISO 27001 is required, as is conducting vulnerability assessments, performing log analysis, and contributing to incident response activities. Candidates should be able to interpret security findings and implement effective remediation measures.
Strong communication skills, analytical thinking, and the ability to excel in fast paced, cross functional environments are also critical for success in this role.
Industry certifications such as Security+, CySA+, CCNA, CEH, CISSP, or Security X (CASP) are highly preferred. As an authorized and privileged user of Department of Defense Information Systems must possess or receive Information Assurance awareness by completing the Security + Certification as a condition of access within six months of employment and thereafter must complete annual Information Assurance awareness training.
Additional information
GENERAL INFORMATION: Applicants are assured of equal consideration regardless of race, age, color, religion, national origin, sex, GINA, political affiliation, membership or non-membership in an employee organization, marital status, physical handicap which has no bearing on the ability to perform the duties of the position. This agency provides reasonable accommodations to applicants with disabilities. If you need a reasonable accommodation for any part of the application and hiring process, please notify the agency. The decision on granting reasonable accommodation will be on a case-by-case basis.
It is Department of Navy (DON) policy to provide a workplace free of discrimination and retaliation. The DON No Fear Act policy link is provided for your review: https://www.secnav.navy.mil/donhr/Site/Pages/No-Fear-Act.aspx
As part of the employment process, Human Resources Division may obtain a Criminal Record Check and/or an Investigative Consumer Report. Employment is contingent upon the successful completion of a National Agency Check and Inquiries (NACI). For all positions requiring access to firearms or ammunition, the Federal Government is prohibited from employing individuals in these positions who have ever been convicted of a misdemeanor crime of domestic violence, or a felony crime of domestic violence adjudged on or after 27 November 2002. Selectees for such positions must submit a completed DD Form 2760, Qualification to Possess Firearms or Ammunition, before a final job offer can be made.
Direct Deposit of total NET pay is mandatory as a condition of employment for all appointments to positions within MCCS.
Required Documents:
*Education/certification certificate(s), if applicable.
*If prior military, DD214 Member Copy
This activity is a Drug-free workplace. The use of illegal drugs by NAF employees, whether on or off duty, cannot and will not be tolerated. Federal employees have a right to a safe and secure workplace, and Marines, sailors, and their family members have a right to a reliable and productive Federal workforce.
Involuntarily separated members of the armed forces and eligible family members applying through the Transition Assistance Program must submit a written request/statement (may be obtained from the MCCS Human Resources Office) and present ID card with "TA" stamped in red on front of card.
INDIVIDUALS SELECTED FROM THIS ANNOUNCEMENT MAY BE CHANGED TO PART-TIME OR FULL-TIME AT MANAGEMENT'S DISCRETION WITHOUT FURTHER COMPETITION.
ALL ONLINE APPLICATIONS MUST BE RECEIVED BY 1159PM EASTERN TIME (ET) ON THE CLOSING DATE LISTED IN THE JOB POSTING.
Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
The Federal government offers a number of exceptional benefits to its employees. Benefits you get to enjoy while working at MCCS include but are not limited to:
• Stability of Federal Civilian Service
• People with passion for doing work that matters
• Quality of Work Life Balance
• Competitive Pay
• Comprehensive Benefit Packages
• Marine Corps Exchange and Base Facility Privileges
Review our benefits
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.