What are the responsibilities and job description for the IT SEC POLICY SPECIALIST - SENIOR (SR) position at Zermount, Inc?
Job Description
IT SEC POLICY SPECIALIST - SENIOR (SR)
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
Zermount, Inc. is seeking an IT Security Policy Specialist - Sr to provide subject matter expertise in the review and analysis of Executive Orders (EOs) (e.g., EO 14028), OMB Memoranda (e.g., OMB M-22-09, M-21-31, etc.), federal requirements and laws, Department directives, policies, and processes. Candidates must use these analyses to develop agency-level policies, processes, procedures, standards, and guidelines by collaborating with stakeholders to understand, document, and implement effective business processes in support of the agency's mission and initiatives.
Duties & Responsibilities
The IT SEC Policy Specialist SR will provide the following support and services:
- Review and interpret Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, best practices, etc. to provide recommendations and potential solutions to meet policy requirements.
- Conduct gap analyses in existing agency policy documentation (policies, processes, SOPs, standards, guidelines, white papers, and training) for compliance with cybersecurity mandates, requirements, and best practices. Develop reports and roadmaps to meet compliance requirements and obtain client approval to implement appropriate policy documentation.
- Provide the guidance and insight necessary to meet requirements established through OMB Memoranda or EOs.
- Assist leadership with initiatives to include planning, scheduling, guidance, solutions, reporting, performance metrics, and recommendations.
- Review and interpret Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, and recommended best practices. Provide recommendations and potential solutions to meet requirements.
- Conduct gap analyses in existing Agency policy documentation (policies, processes, SOPs, standards, guidelines, white papers, and training) for compliance with Cybersecurity mandates, requirements, and best practices. Develop a report and roadmap to meet compliance requirements and obtain client approval to implement appropriate policy documentation.
- Provide guidance and insights necessary for meeting requirements established through OMB Memos or Executive Orders.
- Assist leadership with initiatives, including planning, scheduling, guidance, solutions, reporting, performance metrics, and recommendations.
- Assist and support all internal and external data calls, requests, audits, compliance, and updates, ensuring accurate information and statuses are obtained and provided.
- Manage the policy inquiry / intake mailbox or policy help desk, tracking and resolving cybersecurity policy-related questions.
- Conduct internal and external policy research to support help desk policy inquiries using various sources and approved documentation.
- Review, interpret, create, edit and update cybersecurity policy documents utilizing the Agile methodology.
- Modify / update existing cybersecurity-related policies including Standard Operating Procedures (SOPs), Technical Standards (TSs), Management Directives (MDs), Cloud Computing Security Handbook (CCSH), TSA Forms, Open-Source Software (OSS) Guide, Sensitive Security Information (SSI) Program, Privacy Office document reviews, and related notification memos capturing summary of changes.
- Support the client in interpreting and implementing IT public policy initiatives.
- Assist with long-term strategy development, tracking legislation, and making policy recommendations.
- Review, interpret, edit, create, and update cybersecurity policy-related documents utilizing an Agile approach.
- Create new cybersecurity policy documents as needed to address identified gaps or changes stemming from EOs, OMB Memoranda, NIST, DHS, or TSA mandates.
- Modify / update existing cybersecurity-related policy standard operating procedures (SOPs), technical standards (TSs), management directives (MDs), CCSH, TSA Forms, Open-Source Software (OSS) guide, SSI Program, and Privacy Office-related document reviews. Capture a summary of changes in related Notification Memos.
- Meet with customers, often daily, to relay progress and establish priorities.
Quality Assurance and Reporting
The IT SEC Policy Specialist SR is responsible for delivering high-quality outputs, ensuring that all deliverables meet or exceed the client's expectations and are completed on time.
Individual weekly status reports and corresponding briefings are required. These briefings should provide a concise overview and clarify all data in the weekly status report for both management and the government client. The weekly status report must reflect the following details:
Qualifications
Education and Certifications
Without a B.S. degree, a minimum of 10 years of IT cybersecurity experience including direct support for the US Government will be accepted.
Clearance Level
Work Location
Hours of Operation