• Help



    Announcement may be used to fill similar positions within 90 days of the closing date.

    This announcement will be used to fill vacancies through OPM-authorized Direct Hire Authority (DHA) for IT Specialist (Information Security and Cybersecurity), GS-2210-09 through GS-2210-15; 5 U.S.C. 3304(a)(3), 5 CFR part 337.

    This position is processed under Direct Hire authority. Veterans' Preference and Category Rating procedures DOES NOT APPLY.

    For more information, click here:

    About this agency

    Learn more about this agency


    Due to the current events surrounding COVID-19, telework will be mandatory. When it is determined that EXIM will be moving to the reopening phase, the expectation will be to physically return to the office. Telework days and any waiting periods for eligibility will be determined at that time.

    This position is in the Infrastructure Engineering Unit, Office of Information Management and Technology (OMT), Export-Import Bank of the United States (EXIM) and reports to the Director of IT Infrastructure Engineering and Operations.

    The incumbent serves as the Bank's Cybersecurity Specialist (IT Security Manager) operating the Bank's Security Operations Center (SOC) responsible for ensuring confidentiality, integrity, and availability of the Bank's IT systems, networks, and data (whether on premises or in the cloud) through the use of a combination of on premises and hosted Cybersecurity tools and services.

    At the full performance level, duties include, but are not limited to:

    • Serves as the Cybersecurity Operations & Computer Incident Response Team (SOC/CIRT) Specialist to implement and operate the Bank's SOC/CIRT Operations
    • Provides technical advice, guidance, and assistance on cyber security events/incidents; and analyzes and identifies effective responses to reported incidents.
    • Identifies and analyzes threats, provides mitigation strategies, and documents and presents the impact of resulting attacks via Executive Summaries, After Action Reports, and Metrics Reports to improve and enhance the VA security posture to management and senior leadership.
    • Responds to potential cyber security events/incidents by analyzing the impact, scope, and trends, and provides containment recommendations; validates appropriate response actions were adhered to and the cyber incident has been properly handled/closed out.
    • Serves as a SME on issues relating to the vulnerabilities and threats to enterprise and coordinates appropriate mitigation strategies information systems and network devices.
    • Oversees the monitoring of the Security Information and Event Management solution, other security tools, situational awareness reports, and open-source intelligence to identify anomalous activity, malicious artifacts, indicators of compromise and take corrective actions.
    • Works with the Bank's Managed Trusted Internet Protocol Service (MTIPS) provider and other cloud-hosted cybersecurity services, including the Department of Homeland Security suite of cybersecurity tools, and on premises security tools in order to conduct continuous monitoring, diagnostics, mitigation, and remediation of identified cybersecurity threats and vulnerabilities.
    • Serves as a SME for the Bank's Continuous Diagnostics and Mitigation (CDM) program, responsible for the development and maintenance of the strategy, implementation, tactics, techniques, and procedures for the agency's tools, processes, and agency dashboard reporting requirements.
    • Responds to crisis or urgent situations within the Bank's enterprise to mitigate immediate and potential threats and use mitigation, preparedness, and response and recovery approaches, as needed, to protect information security of the Bank's IT systems, network, and data whether on premises or in the cloud.
    • Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.
    • Provides Security Engineering support. Collaborates with external Bank cybersecurity providers regarding installation, configuration, test, operations, maintenance, and management of on premises and cloud hosted.
    • Supports Security Engineering and collaborates with external Bank Cybersecurity providers regarding installation, maintenance, and management of on premises and cloud hosted cybersecurity devices and sensors. Including firewall/IPS configuration to support EXIM's mission while protecting the security posture. Ensures the confidentiality, integrity, and availability of EXIM's Information Systems.
    • Tracks and reports to IT management on the responsiveness, performance, and effectiveness of externally hosted cybersecurity services provided to the Bank by our external cybersecurity providers. Makes recommendations for improvement or alternatives as needed.
    • Ensures the adequacy of access control, passwords, and account creation and administration.
    • Oversees the Bank's vulnerability management program which includes the Vulnerability Disclosure Program. Works with stakeholders to address technical concerns, tracks mitigation activities, and coordinates requests for risk acceptances. Monitors and reports on end-of-life software, DHS Binding Operational Directives and other critical vulnerability management activities.

    Travel Required

    Occasional travel - You may be expected to travel for this position.

    Supervisory status


    Promotion Potential


This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/595956700. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.