Export-Import Bank of the United States

IT Specialist (INFOSEC) - Direct Hire

Washington, District of Columbia | On-site | engineering | $144k – $187k/yr | Today

Announcement may be used to fill similar positions within 90 days of the closing date. This announcement will be used to fill vacancies through OPM-authorized Direct Hire Authority (DHA) for IT Specialist (Information Security, GS-2210-09 through GS-2210-15 and Cybersecurity, GS-2210-12 through GS-2210-15). This position is processed under Direct Hire authority. For more information, click here:

About this agency

This position is in the Office of Chief Information Officer (OCIO), Infrastructure Engineering Unit (IEU). The OCIO directs and implements EXIM's Cybersecurity Program to ensure security controls are appropriately applied to EXIM systems for the protection of privacy, and to ensure confidentiality, integrity, and availability of information. Also, the OCIO enforces cybersecurity standards and security control parameters that comply with Office of Management and Budget (OMB) and other federal government security requirements. The IEU oversees the daily Information Technology (IT) Infrastructure operational support and management activities consisting of IT Security support, and customer support and services.

Duties include, but are not limited to:

Serves as the operational authority for the Bank's Security Operations Center (SOC) and Computer Incident Response Team (CIRT). Directs enterprise detection and response activities across on premises, cloud, and externally hosted environments. Establishes incident classification standards, response thresholds, escalation protocols, and operational response procedures. Exercises authority to declare cybersecurity incidents, direct containment and coordination actions, and initiate executive escalation in accordance with Bank policy. Ensures SOC activities produce measurable security outcomes, including timely detection, coordinated response, defensible documentation, and alignment with federal reporting requirements.

Owns the design, tuning, and operational performance of enterprise monitoring capabilities. Directs development and refinement of detection logic, correlation rules, alert thresholds, analytic use cases, and investigative workflows to improve threat visibility and reduce false positives. Ensures comprehensive logging and telemetry coverage across identity systems, endpoints, network infrastructure, cloud platforms, and SaaS services. Validates that monitoring capabilities provide sufficient visibility to detect misuse, compromise, insider activity, and control failures in near real time.

Establishes and monitors SOC performance indicators measuring detection latency, response timeliness, incident recurrence, systemic control weaknesses, and contractor service effectiveness. Develops executive dashboards and operational reports communicating enterprise cyber risk posture, emerging threat patterns, and areas requiring remediation or architectural improvement. Evaluates performance of managed security services and external providers to ensure monitoring, escalation, and reporting activities


Listed via USAJobs (usajobs.gov)