We are committed to helping our clients navigate the complex world of technology and security, ensuring that they have the tools and expertise needed to protect critical government assets and data. We develop and execute a strategy for our clients to realize mission goals with the strongest effectiveness possible. We are looking for a knowledgeable and skilled Cybersecurity Policy Analyst to join our team and support our work with the United States federal government. This role is essential in ensuring that our agency leverages technologies and tools while maintaining compliance with federal regulations and safeguarding sensitive information. This is your chance to work with a distinguished federal law enforcement agency committed to maintaining the highest standards of security and integrity.
ContributionsAs a Cybersecurity Policy Analyst, you will help shape our policies and procedures in the ever-evolving landscape of IT security and technology. You will work with senior leaders and clients to assist in the development of enterprise polices, standards, and standard operating procedures governing applications and technologies. You will help our partners navigate the complex world of technology and security, ensuring that they have the tools and expertise needed to protect critical government assets and data. Collaborating with leadership and stakeholders to create comprehensive cybersecurity policies and guidelines that align with federal regulations, security standards, and best practices.
Monitoring and ensuring compliance with policies, regulations, and standards.Conducting research and synthesizing information from various sources and preparing detailed reports, briefings, and presentations.Ensuring policies are comprehensive, clear, and aligned with industry standards and regulatory requirements.Contribute to discussions and planning sessionsManage multiple projects and deadlines efficiently with a strong attention to detail and exceptional organizational skills. This includes setting goals, timelines, and tracking progress.Understand and share the legal and ethical implications of policies, especially in terms of user privacy, data protection, and artificial intelligence.Working closely with IT teams, security teams, legal teams, and other relevant stakeholders to ensure that cybersecurity policies align with the organization's goals and security requirements. QualificationsAbility to hold a position of public trust with the US government.Master's Degree and 3 years of relevant experience in policy analysis, government relations, or related fields, with a focus on data policy, technology policy, cybersecurity, AI ethics, compliance, etc.; ORBachelor's Degree and 5 years of relevant experience; ORNo degree and 9 years of relevant experiencePossesses at least one professional certification relevant to the technical service provided. Maintain a certification relevant to the product being deployed and/or maintained.Mission-driven, team-player mindset. Experience writing cybersecurity policies, technical standards, and standard operating procedures. Desire to get “in the weeds” of technical policy development. Experience applying cybersecurity and data protection frameworks and regulations such as NIST 800-53, HIPAA, GDPR, state privacy regulations, etc.Demonstrated ability to independently strategize and implement cross-functional policy initiatives that address complex technology risks. Strong project management skills including developing work plans/project plans, conducting resource planning, delegating tasks, mitigating risks, managing stakeholder feedback, and communicating project progress to executives. Excellent written and verbal communication skills for communicating policies and procedures to employees, management, and stakeholders can convey complex information clearly to diverse audiences. Understanding of change management best practices and bridging gaps between policy and behavior change.Knowledge of current and emerging cybersecurity and data protection risks, threats, and vulnerabilities.Knowledge of technology risk management best practices.Flexibility to adapt to changing priorities and evolving policy landscapes and quickly learn and apply new information. Ability to assess and weigh current and evolving security threats in an operational environment
Preferred:
Demonstrated knowledge of a variety of IT concepts, practices, and procedures to ensure the secure integration and operation of technology systems.Experience implementing NIST controls. Experience developing, updating and managing policies for a federal organization. DHS preferred.About steampunk
Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.
Options Apply for this job onlineApplyShareRefer a FriendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Need help finding the right job? We can recommend jobs specifically for you! Click here to get started. Application FAQsSoftware Powered by iCIMS
www.icims.com