Position Title: Cyber Security Governance Analyst
As the Cyber Security Governance Analyst, you’ll provide recommendations, create documentation, and revise documentation and guidance for standards and policies. Perform Cybersecurity strategy and policy analysis, provide recommendations for documentation and implementation enhancements, and analyze the development of Cybersecurity and continuous monitoring strategy and policy documents and processes to support the client. The orchestration of vulnerability management practices in all stages of system and application security will be the primary focus. While ensuring vulnerability remediation activities align with enterprise risk management strategy, the candidate must demonstrate strong communication skills. Written and verbal collaboration with stakeholders on vulnerability standards and technical working groups will be a critical skill for presenting innovative solutions to the client. This position is open to remote delivery anywhere within the U.S., including the District of Columbia.
You have:
- 5+ years of experience creating, revising, and updating Information Technology Standards and Policies
- Experience performing business analysis on cybersecurity programs
- Experience with maintaining cyber policies, regulations, and compliance documents
- Experience with strategic planning that improves Vulnerability Management (VM) programs within large/complex environments
- Knowledge of the RMF process
- Ability to identify how security controls are implemented and knowledge to shape standards
- Ability to exhibit strong written and oral communications skills, proactive in nature with customer satisfaction as the primary goal
- Ability to lead and engage a team of teams (internal/client) and ability to forge relationships across multiple stakeholder groups to mature VM
- HS diploma or GED and 18+ years of relevant experience or BS degree in CS, IT, or Engineering and 10+ years of relevant experience
Nice if you have:
- Knowledge of NIST Standards and System Development Life Cycle (SDLC) and Capability Maturity Model Integration (CMMI) methodologies
- Experience with maintaining a secure Cyber environment through configuration management, administration, and response actions
- Experience with engineering, implementing, and monitoring security measures for the protection of systems, networks, and information
- Experience with Microsoft Teams, Microsoft Visio, and Microsoft Office
- Experience as a Systems Certifier
- Experience with NIST security controls, governance, risk management, and compliance
- Ability to be innovative in providing solutions and quickly learn new technologies and tools
- Possess a technical background in guiding policymakers and interpreting existing policy in accordance with Federal objectives
- Public Trust clearance
- CISSP certification
Job Type: Full-time
Pay: $100,000.00 - $115,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
Education:
Experience:
Work Location: Remote