Cyber Security Policy Specialist - Arlington, VA
Seeking a Cyber Security Policy Specialist to support the Governance, Risk and Compliance capabilities in the cyber security area for our federal client. In this role, you will use your experience as a cyber security professional to provide policy, program and risk management support to our federal client in maturing their Information Security Program.
What you’ll be doing:
- Interface with cyber security and technical subject matter experts to gather information to inform policy statements, and develop/update organizational policies accordingly.
- Use your experience with the NIST standards and special publications to produce, maintain and update security policies, technical guidance, and Standard Operating Procedures (SOPs).
- Develop, review, analyze, document, and maintain current and new security process documents including but not limited to SOPs, templates, plans, manuals, workflows, requirements documents, job aids, web content, and other security guidance documentation.
- Perform periodic reviews of documentation and current publications to identify and inform recommendations for improving policies, processes, and procedures based on new and/or evolving Federal standards, requirements and/or guidelines.
- Provide planning, documentation, logistics, and execution support for cyber security and risk management meetings, including meeting facilitation and documenting associated meeting minutes.
- Develop and maintain content related to the client’s Information Security Program on the client Intranet and SharePoint Site(s).
- Lend cybersecurity and risk management expertise to a diverse set of enterprise programs and initiatives.
- Research, review, monitor, and report on industry best practices, latest cyber security developments and trends, standards, and guidelines, and apply these to the Federal environment.
- Identify and implement process improvement initiatives that contribute to and enhance the efficacy of the client’s Information Security Program.
- Bachelor’s degree with 5+ years’ experience in implementing Cybersecurity and risk management best practices in Federal agencies
- Direct experience with FISMA/NIST standards and special publications is required.
- Direct experience with NIST 800-53
- Direct experience with NIST 800-37
- Experience working with Federal clients
- Familiarity with and experience assisting Federal agencies in implementing and aligning organizational security policies and practices to NIST Standards as well as Office of Management and Budget (OMB) and Department of Homeland Security (DHS) policies and directives.
- Strong written and verbal communication skills
- Familiarity with the ATO process
- CISSP certification
- Cyber security policy development/writing highly desired.
- Experience in designing and implementing security standards and best practices.
- Hands-on experience using content management systems, specifically Adobe CQ5, and experience as a SharePoint Administrator
- Hands-on experience in establishing and maturing an organization’s Security Program.
- Program/project management experience.
- Strong analytical, problem-solving and decision-making capabilities.
- Strong written and verbal communication skills.
- Proven track record of providing high quality professional services to Federal clients.
- Demonstrated history of positive customer-oriented interactions.
- Aptitude for working autonomously in a dynamic and fast-paced environment.
- Ability to multi-task and prioritize according to changing circumstances.