Tria Federal (Tria) is Hiring a Senior Cybersecurity Policy Analyst Near Vienna, VA
Remote
Full Time
Ability to obtain and maintain a Public Trust*
US Citizenship and the ability to obtain and maintain the clearance level stated above are required for this specific opportunity. Tria Federal (Tria) is unable to sponsor at this time.
Who We Are:
Tria Federal (Tria) is the premier middle-market IT and Advisory services provider delivering digital transformation solutions to Civilian, Defense, and Intelligence agencies across the federal sector. With a future-forward vision and a mission rooted in service, we bridge capability gaps to help government agencies work faster, grow smarter, and stay nimble in the face of change. Wherever our customers are in their modernization journey, we are the trusted navigator in the path to possible. Follow us on LinkedIn #PoweringPossible
Who You Are:
You are a talented Senior Cybersecurity Policy Analyst with at least 3 years of experience and a passion for thinking big, taking action, and delivering exceptional results. You are outcome-driven, quality-obsessed, and relentlessly focused on innovation as a value-driver for world-class delivery, client satisfaction, and performance. You’re looking to grow as a professional in a team-oriented environment where you can put your fingerprint on mission-critical projects impacting the citizens we serve. Military Veterans and individuals with disabilities are encouraged to apply!
About This Role:
Favor TechConsulting, LLC (FTC), a wholly-owned subsidiary of Tria Federal (Tria), is seeking a talented Senior Cybersecurity Policy Analyst. Lead the analysis, design, implementation, and support of cyber security policy—specifically as it pertains to Risk Management Framework (RMF) Step 6: Monitor—by collaborating with business customers, end-users, and project managers to capture and document business and technical requirements. Support the full lifecycle of requirements management and implementation by participating in requirements elaboration and design, and then ensuring developed written policies and other associated deliverables match requirements.
Specifically, support the development of the Department of Veterans Affairs (VA) Information Security Continuous Monitoring (ISCM) Program through stakeholder engagement, policy development, metric development, and tool/data source cataloging. Apply a deep understanding of RMF and NIST Special Publications such as 800-137, 800-37, 800-53, and 800-55 to the development of contract deliverables and all recommendations to the customer.
Responsibilities:
Develop and update cybersecurity policies, standards, and procedures based on best practices and regulatory requirements. Ensure policies are aligned with organizational goals and objectives
Collaborate with stakeholders to elicit, gather, analyze, and implement business requirements for cyber security policies. Participate in requirements gathering, elaboration, and refinement sessions with VA stakeholders
Achieve complete technical understanding of the existing VA ISCM and Continuous Diagnostics and Mitigation (CDM) programs, including but not limited to:
Systems architecture, physical and logical network architectures, metrics, data sources and flows, dashboards, other tools, applications, and hardware in use
Associated objectives, strategies, plans, and other existing documentation
Governing and applicable policies, directives, guidance, etc
Develop, update, and oversee the implementation of organizational-level and system-level metrics for the ISCM Program, leveraging a deep understanding of NIST SP 800-53 and the existing tools/capabilities at the agency
Continuously review the existing ISCM tools and data sources at the agency for changes, additions, and disposals. Document findings in a Tools Catalog with relevant information on tool interconnections, reporting frequencies, and capabilities. Provide recommendations for catalog improvements and updates
Propose and/or coordinate reviews, development, and/or updates of security policies, processes, workflows, controls, metrics, and procedures
Design and support the development and implementation of security policies aligned with FISMA and applicable VA documents
Intake, upload, track, and manage business requirements and tasks using the project management planner and tracking tools designated by the customer
Perform problem analysis and analyze, validate, specify, and verify requirements defined by project leads, customers, and end users
Analyze existing business processes, business requirements, and workflows to document “as is” processes and proposed “to be” solutions to guide requirements development efforts
Facilitate executive-level virtual meetings; prepare meeting agenda, capture meeting minutes, and track outcomes and action items
Work proactively and independently to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
Plan, monitor, and control relevant tasks outlined in the contract and statement of work
Function as part of an integrated team sharing products, best practices, and information across the portfolio
Ensure compliance with relevant laws, regulations, and standards such as HIPAA, NIST, and ISO 27001
Conduct regular audits and policy gap analyses to verify adherence to policies and regulations
Liaise with regulatory bodies and ensure timely reporting and documentation as required
Communicate policy changes, security incidents, and updates to stakeholders effectively
Act as a liaison between technical and non-technical teams to ensure clear understanding and implementation of security measures
Ensure that third-party services and products comply with organizational security policies
Evaluate third-party risk through regular evaluations and audits and transpose to organizational policy
The “Need-to-Have” Skills & Qualifications:
Ability to think critically, develop requirements for a program/project, and then execute on the project from start to finish
Experience in requirements planning, analysis, refinement, and documentation
Technically proficient with the ability to create functional specifications and documentation
Experience in identifying solutions to business issues or problems and thoroughly reviewing and documenting solutions
Excellent verbal and written communication skills, including ability to effectively communicate with internal and external customers
Strong understanding and familiarity with concepts outlined in NIST SP 800-37, 800-137, 800-53, and 800-55
High attention to detail
Strong problem-solving and analytical skills
Professional Certifications:
N/A
Education:
Bachelor’s Degree in a Business discipline, computer science, or related field
Clearance:
Ability to obtain and maintain a Public Trust Clearance
Years of Professional Experience:
3 years with the master’s degree
7 years without the master’s degree
Required Technical/Business Tools Experience:
Microsoft Office Suite
Microsoft Visio
Microsoft Project
SharePoint
The “Nice-to-Have” Skills & Qualifications:
Experience working as a Federal employee or contractor
Experience in PMO and policy development
Experience working in a consulting environment and understanding of client/customer relations
Familiarity with NISTIR 8011
Familiarity with CISA’s CDM Program
Experience with managing cybersecurity projects and initiatives
Experience in monitoring and improving cybersecurity practices and policies
Ability to perform the essential job functions safely and successfully, consistent with the ADA, FMLA and other federal, state, and local standards, including meeting qualitative and/or quantitative productivity standards
Ability to maintain regular, punctual attendance consistent with the ADA, FMLA and other federal, state, and local standards
Must be able to talk, listen and speak clearly on the telephone
Ability to work productively, conduct professional business, and be available during normal business hours in a fully remote work environment
Why Tria?
What defines the Tria brand is more than just our dedication to excellence in our craft; it’s our incredible team of dedicated, talented, and passionate people that make Tria so exceptional. As people powering possible, we are all partners in our team’s shared success. As a company that cares about people, we seek to cultivate a culture in which all can thrive personally and professionally. We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work and in life. At Tria, we are growth-minded, entrepreneurial in spirit, and committed to fostering a culture of inclusion and opportunity for all. Whatever your background, your role, your department, or stage in your professional journey, here you will have opportunities to learn new skills, seize new challenges, and advance your career as we grow.
Job Listing ID: job_20240530151817_KKAJ96EW1TOO12RF
Equal Employment Opportunity (EEO):
Tria Federal (Tria) is a Federal Contractor and EEO, OFCCP, VEVRAA, and Affirmative Action Employer. As an Equal Employment Opportunity provider, Tria follows the protection of federal, state, and local law: Qualified applicants will receive consideration for employment without regard to race, color, creed, religion, age, national origin, marital status, disability, veteran status, sexual orientation, gender identity or expression, or genetic information. U.S. Citizenship is required for this specific opportunity as Tria is unable to sponsor at this time. All selected applicants will be subject to a Minimal Background Investigation (MBI) and a government security investigation (when applicable) depending on the specific program and position listed. This includes but is not limited to: meeting the eligibility requirements for access to classified information and the ability to obtain a government-granted security clearance.
Individuals may also be subject to a background investigation including, but not limited to: criminal history, employment verification, education verification, drug testing, and creditworthiness. Qualified individuals with a disability have the right to request a reasonable accommodation. If you are unable or limited in your ability to use or access the Tria careers website as a result of your disability, please request a reasonable accommodation by sending an e-mail to hrhelp@triafed.com or call (703) 229-5888. Include the nature of your request, along with your name and contact information.