Cybersecurity Policy Specialist

As a Cybersecurity Policy Specialist, this critical position focuses on developing and maintaining comprehensive security policies aligned with NIST and CIS standards. The role involves collaborating with various teams to ensure policies meet organizational needs, conducting regular reviews for compliance, and providing guidance on policy implementation. The ideal candidate will have a strong background in information security, excellent writing skills, and a deep understanding of cybersecurity principles. This position offers opportunities for professional growth within a collaborative work environment, allowing you to make a significant impact on the company's security posture.

Key Responsibilities Include:

1. Develop and maintain security policies, procedures, and guidelines.
2. Ensure alignment with NIST and CIS standards.
3. Collaborate with teams to gather requirements and ensure policies meet organizational needs.
4. Review and update policies regularly to ensure compliance with industry standards and regulatory requirements.
5. Provide guidance on policy implementation and adherence.
6. Conduct training sessions and workshops to educate employees on security policies and best practices.
7. Monitor policy effectiveness and recommend improvements.
8. Stay updated on cybersecurity standards and best practices.
9. Develop policies for Cloud Technical Security Standards, ensuring secure cloud environments.
10. Create guidelines for cryptographic algorithms to protect data.
11. Implement Zero Trust security principles, including least privilege access and continuous verification.
12. Establish network security policies, including firewalls, VPNs, and intrusion detection systems.
13. Develop Identity and Access Management (IAM) policies, including SSO, MFA, and role-based access control.
14. Formulate data security measures, including encryption, data masking, and data loss prevention.
15. Maintain a risk register to document, prioritize, and manage risks effectively.

Skills and Qualifications:

1. Proven experience as a Security Policy Writer on Cloud Technical Security Standards.
2. Excellent writing and communication skills.
3. Ability to translate technical concepts into clear policies.
4. Strong understanding of cybersecurity principles.
5. Expertise in Zero Trust security principles.
6. Proficiency in network security.
7. Experience with Identity and Access Management (IAM).
8. Good understanding of NIST and CIS standards.
9. Familiarity with regulatory requirements (e.g., GDPR, PCI-DSS, ISO 27001).
10. Understanding of cryptographic algorithms.
11. Knowledge of data security measures.
12. Experience in maintaining a risk register.
13. Ability to work independently and collaboratively.
14. Analytical and problem-solving skills.
15. Experience with risk assessment and management.
16. Proficiency in policy management tools.
17. Strong attention to detail and organizational skills.
18. Ability to handle multiple projects and meet deadlines.
19. Bachelor's degree in information security, Computer Science, or related field.

Other Desirable Skills:

1. The Open Group Architecture Framework certification.