Cyber Security Analyst (Strategy & Policy)
This position will join a current team supporting the federal client's IT security office, including the Branch Chief and CISO. The candidate will work closely with client staff to assist in the development and documentation of the client's cyber security strategy, governance, and policy. Tasks would include research of existing policy and best practices within the client space and across the industry, development and tailoring of security policy, procedures and templates, and presentation of recommendations to client leadership.
Tasks may also include development of content for security-related training. This candidate will need to leverage institutional knowledge and provide thought leadership to help drive and shape the client's future cyber security posture. The candidate should have a comprehension of FISMA, NIST 800-37 RMF, NIST 800-53 and 53A, FedRAMP, security control assessments and frameworks, POA&M management, risk management, and continuous monitoring.
Possess a knowledge and understanding of cyber security strategy, governance, and policies within the federal space
Understanding of cyber frameworks such as the Risk Management Framework (RMF) and NIST CyberSecurity Framework (CSF)
Experience witch cybersecurity risk analysis matters
Possess excellent written and verbal communication skills, including experience in developing engaging presentations
Possess excellent interpersonal skills, including interfacing effectively with senior leadership and a broad range of people and roles
Must be detail-oriented with the ability to multi-task, and have strong organizational skills
Bachelor’s Degree with minimum 7 years cyber security experience
Ability to obtain Public Trust clearance
Security+, CAP, CISSP, CISA, or CISM – preferred but not required
Experience interfacing with external auditors and responding to GAO or IG audit
Location: DC Client Location (Near Union Station) – some remote work permitted
Job Type: Full-time