IT Specialist (INFOSEC) - Direct Hire
What you'd do
Announcement may be used to fill similar positions within 90 days of the closing date. This announcement will be used to fill vacancies through OPM-authorized Direct Hire Authority (DHA) for IT Specialist (Information Security, GS-2210-09 through GS-2210-15 and Cybersecurity, GS-2210-12 through GS-2210-15). This position is processed under Direct Hire authority. Veterans' Preference and Category Rating procedures DOES NOT APPLY. For more information, click here: About this agency
Major duties
This position is in the Office of Chief Information Officer (OCIO), Infrastructure Engineering Unit (IEU). The OCIO directs and implements EXIM's Cybersecurity Program to ensure security controls are appropriately applied to EXIM systems for the protection of privacy, and to ensure confidentiality, integrity, and availability of information. Also, the OCIO enforces cybersecurity standards and security control parameters that comply with Office of Management and Budget (OMB) and other federal government security requirements. The IEU oversees the daily Information Technology (IT) Infrastructure operational support and management activities consisting of IT Security support, and customer support and services. Duties include, but are not limited to: Serves as the operational authority for the Bank's Security Operations Center (SOC) and Computer Incident Response Team (CIRT). Directs enterprise detection and response activities across on premises, cloud, and externally hosted environments. Establishes incident classification standards, response thresholds, escalation protocols, and operational response procedures. Exercises authority to declare cybersecurity incidents, direct containment and coordination actions, and initiate executive escalation in accordance with Bank policy. Ensures SOC activities produce measurable security outcomes, including timely detection, coordinated response, defensible documentation, and alignment with federal reporting requirements. Owns the design, tuning, and operational performance of enterprise monitoring capabilities. Directs development and refinement of detection logic, correlation rules, alert thresholds, analytic use cases, and investigative workflows to improve threat visibility and reduce false positives. Ensures comprehensive logging and telemetry coverage across identity systems, endpoints, network infrastructure, cloud platforms, and SaaS services. Validates that monitoring capabilities provide sufficient visibility to detect misuse, compromise, insider activity, and control failures in near real time. Establishes and monitors SOC performance indicators measuring detection latency, response timeliness, incident recurrence, systemic control weaknesses, and contractor service effectiveness. Develops executive dashboards and operational reports communicating enterprise cyber risk posture, emerging threat patterns, and areas requiring remediation or architectural improvement. Evaluates performance of managed security services and external providers to ensure monitoring, escalation, and reporting activities support enterprise risk management objectives. Oversees the Bank's vulnerability management program which includes, but is not limited to, the Vulnerability Disclosure Program. Conducts vulnerability and configuration baseline scan. Works with stakeholders to address technical concerns, tracks mitigation activities, and coordinates requests for risk acceptances. Monitors and reports on end-of-life software, prepare DHS Binding Operational Directives, OMB, GSA and White House data calls, and other critical vulnerability and patch management activities. Leads the modernization and evolution of the Bank's Security Operations Center through the development and operational adoption of agentic security capabilities, autonomous workflows, and AI enabled cyber defense technologies. Establishes governance, validation, and oversight mechanisms to ensure agentic capabilities operate in a controlled and auditable manner. Identifies opportunities to augment analyst activities through intelligent automation, orchestration, and decision support to improve detection, investigation, response, and vulnerability management processes. Directs the development of use cases, operational procedures, and performance measures supporting human supervised autonomous operations. Evaluates emerging technologies and ensures implementation of agentic capabilities aligns with enterprise architecture, cybersecurity policy, privacy requirements, and federal guidance. Drives continuous improvement of SOC operations to increase speed, scale, and effectiveness while maintaining accountability, transparency, and analyst oversight.
What you need to qualify
CONDITION OF EMPLOYMENT: CRITICAL SENSITIVE (requiring Top Secret & SCI access) This position is designated as a CRITICAL SENSITIVE National Security position. Prior to appointment (Entrance on Duty), it requires a fully completed and favorably adjudicated National Security Background Investigation (SSBI or SSBI-PR) that is current (within the last 5 years). Once employed, further processing for special access approval (SCI) will occur. Specialized Experience (Credit for Specialized Experience on resume must reflect 40 hours/Full-time per week for each period of work): GS-14: You must have one (1) year of specialized experience that has equipped you with the particular knowledge, skills, and abilities to successfully perform the duties of the position, and that is typically in or related to the work of the position to be filled. To be creditable, specialized experience must have been equivalent to at least the GS-13 level in the Federal Government or other equivalent pay systems. Specialized experience includes: Experience providing practical and technical leadership in the cybersecurity areas of continuous monitoring and diagnostics, situation awareness and threat assessment, vulnerability assessment and management, incident response operations and management; Experience in selection and acquisition of cybersecurity tools, setup/deployment, configuration and use; and Experience serving in the capacity of a Technical Point of Contact (TPOC) or Contracting Officer Representative (COR) for IT Operational Security Services, tools and projects. In addition to the Specialized Experience noted above, applicants must also meet and demonstrate the IT-related experience demonstrating each of the four competencies listed below: Attention to Detail: Is thorough when performing work and conscientious about attending to detail. Customer Service: Anticipates and meets the needs of both internal and external business partners and customers (any individuals who use or receive the services or products that your work unity produces including the general public, individuals who work in the agency, other agencies, or organizations outside the Government). Provides information or assistance. Delivers high quality products and services; is committed to continuous improvement. Effectively manages customer relationships. Oral Communication: Makes clear and convincing oral presentations to individuals and groups. Listens effectively; clarifies information, as needed. Speaks and writes in a clear, concise, organized, and convincing manner that is appropriate to the audience. Facilitates an open exchange of ideas to ensure all group input is considered. Handles technical, sensitive, or controversial topics with agility involving executives/managers as appropriate. Problem Solving: Identifies and analyzes problems, weighs relevance and accuracy of information, generates and evaluates alternative solutions, and makes sound recommendations. Education cannot be substituted for experience at the GS-14 grade level. For qualification determinations, your resume must contain the following for each work experience listed: Organization/Agency's Name Title Salary (series and grade, if applicable) Start and end dates (including the month and year) Number of hours you worked per week Relevant experience that supports your response to the specialized experience that is stated in the job announcement If your resume does not contain this information, your application may be marked as incomplete and you will not receive consideration for this position. NOTE: Do not copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications and your application may be marked as incomplete/ineligible and you will not receive consideration for this position. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Part-time and/or unpaid experience related to this position will be considered to determine the total number of years and months of experience. Be sure to note the number of paid or unpaid hours worked each week. Foreign Education: If you are qualifying by education and/or you have education completed in a foreign college/university described above, it is your responsibility to provide transcripts and proof of U.S. accreditation for foreign study. Please visit the following links for more information: http://www.naces.org http://www.fceatlanta.com Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Additional information on the qualification requirements is outlined here. All requirements must be met by 07/15/2026, the closing date of the announcement.
Before you apply
Federal applications are different: your resume should be 3–5 pages and mirror the language of this announcement. Read our federal resume guide first — it's the #1 reason qualified people get screened out.
Don't miss the next one.
Get an email the moment a similar federal job opens — postings can close in as little as 5 days.