IT - Security
Washington, DC (On-Site/Office)
OVERVIEW:
The IA&E Engineer provides advanced cybersecurity engineering and infrastructure expertise in support of Treasury's enterprise-wide SOC operations under TESIEMS. This position is responsible for designing, integrating, and maintaining secure compute, storage, and virtualization environments across both on-premise data centers and cloud environments (AWS). The engineer applies deep technical knowledge of Linux systems, virtual machines, and enterprise infrastructure to optimize SOC monitoring, strengthen Treasury's cybersecurity posture, and ensure resilient, scalable operations across the Department.
GENERAL DUTIES:
- Engineer and administer on-premise compute and storage solutions to support SOC operations.
- Design, deploy, and maintain AWS compute and storage resources, integrating with Treasury's hybrid cloud environment.
- Support virtual machine provisioning, configuration, and lifecycle management across enterprise workloads.
- Administer and harden Linux servers and systems in alignment with Treasury cybersecurity baselines.
- Implement and maintain enterprise security controls across compute, storage, and virtual environments.
- Support system integration activities to ensure seamless data flow and visibility for SOC monitoring tools.
- Conduct vulnerability assessments, system hardening, and security patch management for infrastructure components.
- Ensure alignment with DISA STIGs, NIST RMF, FISMA, and other federal security standards.
- Provide Tier III engineering support for SOC analysts by troubleshooting infrastructure, logging, and monitoring issues.
- Collaborate with SIEM, SOAR, and content teams to ensure infrastructure feeds data efficiently and securely into monitoring platforms.
- Support incident response activities by analyzing system and infrastructure logs to identify root causes of incidents.
REQUIRED QUALIFICATIONS:
- Bachelor's degree from an accredited institute in an area applicable to the position, such as Cybersecurity, Computer Science, Information Systems, or a related discipline.
- Seven (7) years of experience. Three additional years of experience in lieu of a degree.
- Deep technical knowledge and proficiency in cybersecurity principles and practices.
- Ability to solve complex and unclear technical issues.
- Collaboration with internal cybersecurity experts.
- Strong analytical and critical thinking skills.
- Understanding of impact assessment on end-products or solutions.
- Broad technical understanding of related cybersecurity specialty areas.
- Ability to develop and implement technical solutions independently.
- Familiarity with incident detection, response, and security event management.
- Proficiency in tools such as SIEMs (e.g., Splunk), IDS/IPS, endpoint detection, and scripting languages.
- Familiarity with NIST SP 800-53, FISMA, and risk management frameworks.
- Experience with scripting (e.g., Python, Bash) and log data analysis.
CLEARANCE:
- Secret minimum