IT Specialist (INFOSEC)

Full Job Description

Announcement may be used to fill similar positions within 90 days of the closing date.

This announcement will be used to fill vacancies through OPM-authorized Direct Hire Authority (DHA) for IT Specialist (Information Security, GS-2210-09 through GS-2210-15 and Cybersecurity, GS-2210-12 through GS-2210-15).

This position is processed under Direct Hire authority. Veterans' Preference and Category Rating procedures DOES NOT APPLY. For more information, click here.

About this agency Specialized Experience (Credit for Specialized Experience on resume must reflect 40 hours/Full-time per week for each period of work): GS-14: You must have one (1) year of specialized experience that has equipped you with the particular knowledge, skills, and abilities to successfully perform the duties of the position, and that is typically in or related to the work of the position to be filled.

To be creditable, specialized experience must have been equivalent to at least the GS-13 level in the Federal Government or other equivalent pay systems.

Specialized experience includes: Experience in IT operations and management (i.e., cybersecurity, helpdesk, and network and systems) Experience in Cyber Security protocols and Intrusion Detection Systems to monitor and enforce system logs and auditing management principles; and Experience in multi-facet network architecture platform and topology, including file and email services, portal web-service, micro systems, and integration with mainframes (Windows, Linux, and IBM Middleware components).

In addition to the Specialized Experience noted above, applicants must also meet and demonstrate the IT-related experience demonstrating each of the four competencies listed below: Attention to Detail: Is thorough when performing work and conscientious about attending to detail.

Customer Service: Anticipates and meets the needs of both internal and external business partners and customers (any individuals who use or receive the services or products that your work unity produces including the general public, individuals who work in the agency, other agencies, or organizations outside the Government).

Provides information or assistance. Delivers high quality products and services; is committed to continuous improvement. Effectively manages customer relationships.

Oral Communication: Makes clear and convincing oral presentations to individuals and groups. Listens effectively; clarifies information, as needed.

Speaks and writes in a clear, concise, organized, and convincing manner that is appropriate to the audience. Facilitates an open exchange of ideas to ensure all group input is considered.

Handles technical, sensitive, or controversial topics with agility involving executives/managers as appropriate.

Problem Solving: Identifies and analyzes problems, weighs relevance and accuracy of information, generates and evaluates alternative solutions, and makes sound recommendations.

Education cannot be substituted for experience at the GS-14 grade level.

For qualification determinations, your resume must contain the following for each work experience listed: Organization/Agency's Name Title Salary (series and grade, if applicable) Start and end dates (including the month and year) Number of hours you worked per week Relevant experience that supports your response to the specialized experience that is stated in the job announcement If your resume does not contain this information, your application may be marked as incomplete and you will not receive consideration for this position.

NOTE: Do not copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications and your application may be marked as incomplete/ineligible and you will not receive consideration for this position.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.

Part-time and/or unpaid experience related to this position will be considered to determine the total number of years and months of experience.

Be sure to note the number of paid or unpaid hours worked each week.

Foreign Education: If you are qualifying by education and/or you have education completed in a foreign college/university described above, it is your responsibility to provide transcripts and proof of U.S.

accreditation for foreign study.

Please visit the following links for more information: http://www.naces.org http://www.fceatlanta.com Education must be accredited by an accrediting institution recognized by the U.S.

Department of Education in order for it to be credited towards qualifications.

Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.

Additional information on the qualification requirements is outlined here. Time-in-grade requirements must be met by 04/06/2026, the closing date of the announcement. Major Duties:

This position is to serve as the IT Specialist (INFOSEC) for the Information Technology (IT) Infrastructure Operations, responsible for the daily operational support primarily focused on compliance and security of on premise and cloud infrastructure like desktops, laptops, servers, LAN/WAN, mobile devices, storage systems, and cloud services like Office 365, Amazon and Oracle with the responsibilities for work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and operational support of information systems cyber security programs, policies, procedures, and tools related to Infrastructure Engineering and Operations which also includes working as a liaison between Infrastructure Operations Branch and IT Security branch.

Duties include, but are not limited to: Serves as the senior expert in primary source for operational, technical and administrative security management of the Bank's IT infrastructure Engineering and Operation branch.

Oversees the development, deployment and enforcement of IT Network and Cyber Security policies and ensuring effective management of IT infrastructure resources to achieve performance, compliance, privacy, and security of the Bank.

Such as maintains awareness of internal and external cyber organization structures, strengths, and employments of staffing and technology.

Responsible for baseline configurations, patch management, security auditing, configuration management, backup/disaster recovery procedures and asset management.

Recommends, schedule, test, and validate deployment of patches, security updates, and other upgrades to servers, workstations, and network components.

Monitors provider's websites to ensure patches are tested and applied in a timely fashion.

Responsible for providing oversight of Infrastructure systems security evaluations, audits, and reviews on desktops, servers, appliances, network devices and firewalls.

Work with IT Security to analyze Vulnerability Alerts to determine the applicability of the alert on Information Technology (IT) assets and assures the required security features, procedures, patches, and updates are implemented in a timely manner to meet all deadlines and to mitigate the vulnerability.

Responsible for IT security documentation related to Infrastructure Engineering and Operations (including baseline security configuration, patch management and compliance reports, vulnerability scan reports, security incident reports, FISMA reports, Audit reports etc.).

Such as ensures that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.

Plans for disaster recovery operations and testing, including network performance, security, anti-virus, intrusion, web usage/monitoring, design, and acquisition of servers.

Produce useful system documentation, and perform system startup and shutdown procedures, and maintain control records. Monitor backup infrastructure and perform data backups/restores.

Monitor usage of network to verify the security posture of the system is maintained through proper implementation of network security controls.

Oversee all matters related to the planning, analysis, design, acquisition, configuration, installation, testing, support, maintenance and implementation of EXIM-wide IT systems, applications, mobile services and telecommunications systems.

Utilize extensive knowledge and expertise in cloud platforms, their architecture, implementation, and management such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).