What are the responsibilities and job description for the Mid Level Security Policy Specialist position at Zermount Inc?
SECURITY POLICY SPECIALIST - MID-LEVEL
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR
Zermount Inc. is seeking a Security Policy Specialist, mid-level, to assist in interpreting and implementing IT policy initiatives. Typical support includes assistance with long-term strategy development, tracking legislation, and making policy recommendations. The specialist meets with the customer, often on a daily basis, to relay progress and establish priorities.
Duties & Responsibilities
- Assist with reviewing and interpreting Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, recommended best practices or other external source documents.
- Develop cybersecurity policy documents to address identified gaps or changes emanating from government mandates, as needed.
- Revise and enhance current IAD Cybersecurity Policy Team standard operating procedures (SOPs), technical standards (TSs), management directives (MDs), government forms, and Open-Source Software (OSS) guides, SSI Program and Privacy Office related document reviews, and related Notification Memos, as well as capturing a summary of changes.
- Deliver individual weekly status reports and corresponding briefings. The weekly status report should reflect the following:
  - Weekly work accomplished
  - 2 weeks of ongoing and planned tasks
  - Risks and issues impacting assigned tasks
- Present, provide a concise overview, and clarify all data in the weekly status report to management and government client.
Qualifications
- 3 years of IT cybersecurity experience including direct support for the US Government and 2 years acting as an ISSO, assessor, policy or compliance analyst. 5 years is required if the candidate does not have a Bachelor's Degree.
- Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
- Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc.
- Experience in writing and revising security policies and procedures.
- Experience communicating effectively, both orally and in writing, with technical, non-technical, and executive-level clients.
- Must have the ability to effectively develop weekly status reports that are consistent, well structured, answer to all assigned management template guidelines, align with the task area of support, and are relevant to the reporting period.
- Proficient in MS Suite, including PowerPoint and MS Project (and other MS tools as required by the management team).
Education
Bachelor's degree preferred, but professional experience is permitted
- A relevant Bachelor's degree in IT, Computer Science or engineering with 3 years of IT cybersecurity experience including direct support for the US Government and 2 years acting as an ISSO, assessor, policy or compliance analyst OR
- 5 years minimum of IT Cybersecurity experience including direct support of the US government and 3 years acting as an ISSO, assessor, or compliance analyst.
Certifications and Training (Required)
At least one of the following security certifications:
- Certified Authorization Professional (CAP)
- Certified Information Systems Security Officer (CISSO)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
Clearance Level
Minimum of an active Secret Clearance.
Work Location
Remote; occasional onsite meetings at contractor site and TSA HQ in Springfield, Virginia.
Hours of Operation
- Business Hours: 8:00 am EST - 4:30 pm EST.