IT SECURITY POLICY SPECIALIST
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
Zermount Inc. is seeking a Cybersecurity Policy Specialist to assist in interpreting and implementing IT policy initiatives. Typical support includes assistance with long-term strategy development, tracking legislation, and making policy recommendations. The specialist meets with the customer, often on a daily basis, to relay progress and establish priorities.
DUTIES & RESPONSIBILITIES
- Assist with reviewing and interpreting Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, recommended best practices or other external source documents.
- Develop cybersecurity policy documents to address identified gaps or changes emanating from government mandates, as needed.
- Revise and enhance current IAD Cybersecurity Policy Team standard operating procedures (SOPs), technical standards (TSs), management directives (MDs), government forms, Open-Source Software (OSS) guides, SSI Program and Privacy Office related document reviews, and related Notification Memos, and capture a summary of changes.
- Deliver individual weekly status reports and corresponding briefings. The weekly status report should reflect the following:
  - Weekly work accomplished
  - 2 weeks of ongoing and planned tasks
  - Risks and issues impacting assigned tasks
- Present the weekly status report to management and the government client, providing a concise overview and clarifying all data.
QUALIFICATIONS
- Minimum of 7 years of IT cybersecurity experience including direct support for the US Government AND 4 years acting as an ISSO, Assessor, or Compliance Analyst; OR
- A relevant Bachelor's Degree in IT, Computer Science or Engineering AND 5 years of IT cybersecurity experience including direct support for the US Government OR 4 years acting as an ISSO, Assessor, or Compliance Analyst
- Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
- Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc.
- Experience in writing and revising security policies and procedures.
- Experience communicating effectively, both orally and in writing, with technical, non-technical, and executive-level clients.
- Must have the ability to effectively develop weekly status reports that are consistent, well structured, answer to all assigned management template guidelines, align with the task area of support, and are relevant to the reporting period.
- Proficient in MS Suite, including PowerPoint and MS Project (and other MS tools as required by the management team).
EDUCATION
Bachelor's degree preferable, but professional experience is permitted.
- A relevant Bachelor's degree in IT, Computer Science or Engineering with 5 years of IT cybersecurity experience including direct support for the US Government OR A relevant degree and 4 years acting as an ISSO, Assessor, Policy or Compliance Analyst; OR
- 7 years minimum of IT Cybersecurity experience including direct support of the US government AND 4 years acting as an ISSO, Assessor, or Compliance Analyst.
CERTIFICATIONS (Required)
At least one of the following security certifications:
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Officer (CISSO)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
CLEARANCE
- Minimum of an active Secret Clearance.
WORK LOCATION
Remote; occasional onsite meetings at contractor site and TSA HQ in Springfield, Virginia.
HOURS OF OPERATION
- Business Hours: 8:00 am EST - 4:30 pm EST.