Overview

We are seeking a highly skilled and detail-oriented Cybersecurity Policy Analyst to join our cybersecurity team. In this role, you will be responsible for developing, analyzing, and maintaining security policies that align with industry standards and organizational objectives. Your expertise will ensure that our cybersecurity framework complies with relevant regulations and best practices, supporting the protection of critical information assets. The ideal candidate will possess a comprehensive understanding of computer networking, security protocols, and policy frameworks to drive continuous improvement in our security posture.

Duties

Develop, review, and update cybersecurity policies in accordance with NIST standards, ISO 27000 series, and other relevant frameworks to ensure compliance and effectiveness.
Conduct vulnerability assessments and risk analyses to identify potential threats within IT infrastructure, including LAN, WAN, SAN, and cloud environments.
Collaborate with network engineering teams to implement security controls such as firewalls (Cisco ASA), IDS/IPS systems, VPNs, and SIEM solutions for threat detection and response.
Support incident response activities by analyzing security incidents, coordinating recovery efforts, and documenting lessons learned to enhance incident management processes.
Perform regular security audits and system security plan reviews to verify adherence to established policies and standards.
Provide guidance on system hardening practices for operating systems like Debian, CentOS, Ubuntu, macOS, Windows, and openSUSE.
Assist in the development of system security plans incorporating encryption protocols (PKI), access management (LDAP, RBAC), and identity verification methods.
Monitor network traffic using tools such as SolarWinds or Splunk for threat detection & response; analyze logs for suspicious activity.
Support vulnerability research initiatives by evaluating emerging threats related to IoT devices, cloud infrastructure (AWS, Azure), and virtualization platforms (VMware vSphere).
Contribute to the creation of comprehensive cybersecurity documentation including incident management procedures, disaster recovery plans, and compliance reports.

Experience

Proven experience in cybersecurity policy development or analysis within a complex IT environment.
Strong knowledge of computer networking concepts including TCP/IP, routing protocols (OSPF, BGP), network architecture, LAN/WAN design.
Hands-on experience with network security devices such as Cisco routers/switches, firewalls (Cisco ASA), IDS/IPS systems.
Familiarity with industry standards like FISMA, FedRAMP, PCI DSS; understanding of regulatory compliance requirements across different jurisdictions.
Proficiency in using security tools such as SIEM platforms (Splunk), log analysis software (Fiddler), vulnerability assessment tools (Nessus).
Background in system administration across various operating systems including Linux distributions (Debian, CentOS), Windows Server environments.
Knowledge of cloud computing platforms (AWS, Google Cloud Platform) and associated security best practices.
Experience with scripting languages such as Python or Bash for automation tasks related to security monitoring or policy enforcement.
Understanding of risk management frameworks like RMF or COBIT; ability to translate technical findings into actionable policy recommendations.
Excellent communication skills to effectively collaborate with cross-functional teams including network support, system administrators, and executive leadership. This position offers an opportunity to influence organizational cybersecurity strategies through policy development while working within a dynamic environment committed to safeguarding information assets worldwide. We welcome applicants who are passionate about advancing their careers in cybersecurity policy analysis and making a tangible impact on organizational resilience.

#AC1

Pay: $70,703.16 - $90,029.62 per year

Experience

Cybersecurity: 2 years (Required)
NIST standards: 2 years (Required)

License/Certification:

CompTIA Security+ (Required)

Security clearance:

Secret (Required)

Work Location: In person

Overview

Duties

Develop, review, and update cybersecurity policies in accordance with NIST standards, ISO 27000 series, and other relevant frameworks to ensure compliance and effectiveness.
Conduct vulnerability assessments and risk analyses to identify potential threats within IT infrastructure, including LAN, WAN, SAN, and cloud environments.
Collaborate with network engineering teams to implement security controls such as firewalls (Cisco ASA), IDS/IPS systems, VPNs, and SIEM solutions for threat detection and response.
Support incident response activities by analyzing security incidents, coordinating recovery efforts, and documenting lessons learned to enhance incident management processes.
Perform regular security audits and system security plan reviews to verify adherence to established policies and standards.
Provide guidance on system hardening practices for operating systems like Debian, CentOS, Ubuntu, macOS, Windows, and openSUSE.
Assist in the development of system security plans incorporating encryption protocols (PKI), access management (LDAP, RBAC), and identity verification methods.
Monitor network traffic using tools such as SolarWinds or Splunk for threat detection & response; analyze logs for suspicious activity.
Support vulnerability research initiatives by evaluating emerging threats related to IoT devices, cloud infrastructure (AWS, Azure), and virtualization platforms (VMware vSphere).
Contribute to the creation of comprehensive cybersecurity documentation including incident management procedures, disaster recovery plans, and compliance reports.

Experience

Proven experience in cybersecurity policy development or analysis within a complex IT environment.
Strong knowledge of computer networking concepts including TCP/IP, routing protocols (OSPF, BGP), network architecture, LAN/WAN design.
Hands-on experience with network security devices such as Cisco routers/switches, firewalls (Cisco ASA), IDS/IPS systems.
Familiarity with industry standards like FISMA, FedRAMP, PCI DSS; understanding of regulatory compliance requirements across different jurisdictions.
Proficiency in using security tools such as SIEM platforms (Splunk), log analysis software (Fiddler), vulnerability assessment tools (Nessus).
Background in system administration across various operating systems including Linux distributions (Debian, CentOS), Windows Server environments.
Knowledge of cloud computing platforms (AWS, Google Cloud Platform) and associated security best practices.
Experience with scripting languages such as Python or Bash for automation tasks related to security monitoring or policy enforcement.
Understanding of risk management frameworks like RMF or COBIT; ability to translate technical findings into actionable policy recommendations.
Excellent communication skills to effectively collaborate with cross-functional teams including network support, system administrators, and executive leadership. This position offers an opportunity to influence organizational cybersecurity strategies through policy development while working within a dynamic environment committed to safeguarding information assets worldwide. We welcome applicants who are passionate about advancing their careers in cybersecurity policy analysis and making a tangible impact on organizational resilience.

#AC1

Pay: $70,703.16 - $90,029.62 per year

Experience

Cybersecurity: 2 years (Required)
NIST standards: 2 years (Required)

License/Certification:

CompTIA Security+ (Required)

Security clearance:

Secret (Required)

Work Location: In person

Cybersecurity Policy Analyst

Resume Keywords to Include

Job Description

Overview

Duties

Experience

Experience

Want AI-powered job matching?

Loading jobs…

Cybersecurity Policy Analyst

Resume Keywords to Include

Job Description

Overview

Duties

Experience

Experience

Similar Jobs

Want AI-powered job matching?

Similar Jobs

Salary Context