Duties
This position is in the Office of Chief Information Officer (OCIO), Infrastructure Engineering Unit (IEU). The OCIO directs and implements EXIM's Cybersecurity Program to ensure security controls are appropriately applied to EXIM systems for the protection of privacy, and to ensure confidentiality, integrity, and availability of information. Also, the OCIO enforces cybersecurity standards and security control parameters that comply with Office of Management and Budget (OMB) and other federal government security requirements. The IEU oversees the daily Information Technology (IT) Infrastructure operational support and management activities consisting of IT Security support, and customer support and services.
Duties include, but are not limited to:
- Serves as the operational authority for the Bank's Security Operations Center (SOC) and Computer Incident Response Team (CIRT). Directs enterprise detection and response activities across on premises, cloud, and externally hosted environments. Establishes incident classification standards, response thresholds, escalation protocols, and operational response procedures. Exercises authority to declare cybersecurity incidents, direct containment and coordination actions, and initiate executive escalation in accordance with Bank policy. Ensures SOC activities produce measurable security outcomes, including timely detection, coordinated response, defensible documentation, and alignment with federal reporting requirements.
- Owns the design, tuning, and operational performance of enterprise monitoring capabilities. Directs development and refinement of detection logic, correlation rules, alert thresholds, analytic use cases, and investigative workflows to improve threat visibility and reduce false positives. Ensures comprehensive logging and telemetry coverage across identity systems, endpoints, network infrastructure, cloud platforms, and SaaS services. Validates that monitoring capabilities provide sufficient visibility to detect misuse, compromise, insider activity, and control failures in near real time.
- Establishes and monitors SOC performance indicators measuring detection latency, response timeliness, incident recurrence, systemic control weaknesses, and contractor service effectiveness. Develops executive dashboards and operational reports communicating enterprise cyber risk posture, emerging threat patterns, and areas requiring remediation or architectural improvement. Evaluates performance of managed security services and external providers to ensure monitoring, escalation, and reporting activities support enterprise risk management objectives.
- Oversees the Bank's vulnerability management program, which includes, but is not limited to, the Vulnerability Disclosure Program. Conducts vulnerability and configuration baseline scans. Works with stakeholders to address technical concerns, tracks mitigation activities, and coordinates requests for risk acceptances. Monitors and reports on end-of-life software, prepares DHS Binding Operational Directives, OMB, GSA and White House data calls, and other critical vulnerability and patch management activities.
- Leads the modernization and evolution of the Bank's Security Operations Center through the development and operational adoption of agentic security capabilities, autonomous workflows, and AI enabled cyber defense technologies. Establishes governance, validation, and oversight mechanisms to ensure agentic capabilities operate in a controlled and auditable manner. Identifies opportunities to augment analyst activities through intelligent automation, orchestration, and decision support to improve detection, investigation, response, and vulnerability management processes. Directs the development of use cases, operational procedures, and performance measures supporting human supervised autonomous operations. Evaluates emerging technologies and ensures implementation of agentic capabilities aligns with enterprise architecture, cybersecurity policy, privacy requirements, and federal guidance. Drives continuous improvement of SOC operations to increase speed, scale, and effectiveness while maintaining accountability, transparency, and analyst oversight.
Requirements
Conditions of employment
- U.S. Citizenship
- Background and Security/Suitability Investigation
- You may be required to serve a one year probationary period
- Specialized experience MUST be documented on your resume
- Current or Former Political Appointees: If you are, or have been, employed in the last 5 years, you must disclose this information. Failure to do so may result in disciplinary action including removal from Federal Service.
- CRITICAL SENSITIVE National Security position (requires Top Secret and SCI access)
- May require financial disclosure of personal and immediate family financial holdings, outside positions, and interests.
Qualifications
CONDITION OF EMPLOYMENT: CRITICAL SENSITIVE (requiring Top Secret & SCI access)
This position is designated as a CRITICAL SENSITIVE National Security position. Prior to appointment (Entrance on Duty), it requires a fully completed and favorably adjudicated National Security Background Investigation (SSBI or SSBI-PR) that is current (within the last 5 years). Once employed, further processing for special access approval (SCI) will occur.
Specialized Experience (Credit for Specialized Experience on resume must reflect 40 hours/Full-time per week for each period of work):
GS-14: You must have one (1) year of specialized experience that has equipped you with the particular knowledge, skills, and abilities to successfully perform the duties of the position, and that is typically in or related to the work of the position to be filled. To be creditable, specialized experience must have been equivalent to at least the GS-13 level in the Federal Government or other equivalent pay systems. Specialized experience includes:
- Experience providing practical and technical leadership in the cybersecurity areas of continuous monitoring and diagnostics, situation awareness and threat assessment, vulnerability assessment and management, incident response operations and management;
- Experience in selection and acquisition of cybersecurity tools, setup/deployment, configuration and use; and
- Experience serving in the capacity of a Technical Point of Contact (TPOC) or Contracting Officer Representative (COR) for IT Operational Security Services, tools and projects.
In addition to the Specialized Experience noted above, applicants must also have IT-related experience demonstrating each of the four competencies listed below:
- Attention to Detail: Is thorough when performing work and conscientious about attending to detail.
- Customer Service: Anticipates and meets the needs of both internal and external business partners and customers (any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government). Provides information or assistance. Delivers high quality products and services; is committed to continuous improvement. Effectively manages customer relationships.
- Oral Communication: Makes clear and convincing oral presentations to individuals and groups. Listens effectively; clarifies information, as needed. Speaks and writes in a clear, concise, organized, and convincing manner that is appropriate to the audience. Facilitates an open exchange of ideas to ensure all group input is considered. Handles technical, sensitive, or controversial topics with agility involving executives/managers as appropriate.
- Problem Solving: Identifies and analyzes problems, weighs relevance and accuracy of information, generates and evaluates alternative solutions, and makes sound recommendations.
Education cannot be substituted for experience at the GS-14 grade level.
For qualification determinations, your resume must contain the following for each work experience listed:
- Organization/Agency's Name
- Title
- Salary (series and grade, if applicable)
- Start and end dates (including the month and year)
- Number of hours you worked per week
- Relevant experience that supports your response to the specialized experience that is stated in the job announcement
If your resume does not contain this information, your application may be marked as incomplete and you will not receive consideration for this position.
NOTE: Do not copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications and your application may be marked as incomplete/ineligible and you will not receive consideration for this position.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Part-time and/or unpaid experience related to this position will be considered to determine the total number of years and months of experience. Be sure to note the number of paid or unpaid hours worked each week.
Foreign Education: If you are qualifying by education and/or you have education completed in a foreign college/university described above, it is your responsibility to provide transcripts and proof of U.S. accreditation for foreign study. Please visit the following links for more information:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Additional information on the qualification requirements is outlined here.
All requirements must be met by 07/15/2026, the closing date of the announcement.
Additional information
Current or Former Political Appointees: Pursuant to the Office of Personnel Management (OPM) oversight authority under section 1104(b)(2) of title 5, United States Code (U.S.C.) and section 5.2 of title 5, Code of Federal Regulations, OPM requires agencies to seek their approval prior to appointing any current or former political appointee to a permanent position (without time limits) in the civil service. A former or recent political appointee is someone who held a political appointment covered by OPM's policy within the previous 5-year period. OPM's oversight in this area safeguards merit system principles as well as fair and open competition free from political influence. If you are currently employed, or have been employed within the last 5 years, you must disclose this information. Failure to disclose this information could result in disciplinary action including removal from Federal Service.
Please visit the following link for the types of political appointments.
Agency Career Transition Assistance Program (CTAP) or the Interagency Career Transition Assistance Program (ICTAP) Eligibles: If you have never worked for the Federal government, you are not CTAP/ICTAP eligible. Information about ICTAP or CTAP eligibility can be found by clicking here to access OPM's Career Transition Resources website.
Veterans: All veterans must meet the qualification requirements of the position for further consideration. For more information on veterans' preference, please click here.
Selective Service: If you are a male applicant born after December 31, 1959, you must certify that you have registered with the Selective Service System, or are exempt from having to do so under the Selective Service Law.
This agency provides reasonable accommodation to applicants with disabilities. If you need a reasonable accommodation for any part of the application and hiring process, please notify the agency. The decision on granting reasonable accommodation will be made on a case-by-case basis.
Ethical Standards/Financial Disclosure:
EXIM is committed to the highest ethical standards. As an employee, you will be covered by the criminal conflict of interest statutes and the Standards of Ethical Conduct for Employees of the Executive Branch. You will be required to complete new employee ethics training within 3 months of your appointment.
If this position is subject to financial disclosure requirements (either public or confidential depending upon your position), you will be required to complete a new entrant financial disclosure report within 30 days of your appointment.
Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How you will be evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
This position is processed under a Direct Hire authority; therefore, veteran's preference and Category Rating procedures do not apply.
Your resume and supporting documentation will be used to determine whether you meet the job qualifications listed on this announcement. If you are minimally qualified for this position, your resume and supporting documentation will be referred to the selecting official for employment consideration.
You will be notified by email if your application is forwarded to the hiring official for further consideration.
If it is determined that your technical competencies do not meet the proficiency requirements for this position to move forward to the next evaluation stage, you will be notified by email.