Policy Security Analyst
Maveris is an IT and cybersecurity services company committed to helping organizations create secure digital solutions to accelerate their mission. We are Veteran-owned and proud to serve customers across the Federal Government and private sector. We have an opening for a full-time, permanent Policy Security Analyst to join our talented, dynamic team in support of a large Federal Government customer.
Veterans are encouraged to apply.
This program will support our Federal Government customer in establishing and maintaining a world-class information security policy program; ensuring Information Security (IS) policy documentation complies with federal laws, regulations, standards, and guidance. In addition to supporting policy definition, stakeholder roles and responsibilities, and establishing an overarching policy governance program, assignments may include assistance in the creation and revision of organizational policies, standards, guidance, procedures, and memoranda.
Duties
As a Policy Security Analyst (Policy) supporting Maveris programs, you will be trusted to support the client in the research, development, and maintenance of information security policies. In this role, a typical day will include:
- Review, analyze, and recommend changes to existing information security policy documents based on research into current and evolving Federal information security policy requirements.
- Review and analyze consistency between client policy under development and information security policy under development by NIST and OMB and recommend updates and changes as needed.
- Create and maintain a weekly Project Schedule for all policies under development.
- Assist in developing New Policy Announcements to be distributed to the ISO community through the Knowledge Service.
- Assist in the development of new Cybersecurity Policy as necessary based upon NIST, OMB, and other Federal guidelines. When applicable, ensure such policy is developed in concert with Department of Defense policy to continue support of seamless operations.
- Assist in maintaining client’s electronic policy repository.
- Provide expertise for information security training classes as they pertain to cybersecurity policy.
- Develop other policy and guidance documentation, such as standard operating procedures, memoranda, and guideline documents for use by the field in understanding and implementing client’s cybersecurity policy.
- Periodically review client’s directives management site to ensure new policies issued by other organizations do not conflict with existing and developing cybersecurity policy.
- As necessary, develop policy clarification documents to provide more information to field staff for policy implementation.
- Develop a Client’s Policy Report which reviews and crosswalks client security policy to Federal laws, regulations and guidelines to demonstrate client covers all Federal requirements in policy.
- Collect all new Federal Information Security Policy, Standards, and Guidance documents as they are released and upload a version of the document to a document library on the OIS Knowledge Service.
- Conduct reviews (annually) of all published client’s information security policy for accuracy and compliance with new requirements and update the Policy Tracker mechanism.
Requirements
- Bachelor's degree in computer science, electronics engineering or other engineering or technical discipline is required
- 5 years experience required
- 8 years of additional experience may be substituted for education
- Professional certification (e.g. CompTIA Security+, CISSP) is a plus
- Solid knowledge of NIST RMF, SP 800 series, and national data protection laws such as FISMA
- Exceptional written and verbal communication skills
- Strong planning and time management skills
- Self-starter who meets and exceeds deadlines and takes initiative
- Detail orientated with strong organizational skills
- Excellent computer skills
- Ability to work collaboratively with a team of peers
- Active Public Trust Security Clearance or ability to obtain one
Benefits
Maveris attracts and retains talent of the highest caliber by offering opportunities to work in exciting and challenging environments surrounded by bright minds. Our employees are our most prized asset and are rewarded with highly competitive compensation and a top-tier benefits package, including:
- 401(k) with company match
- Dental Insurance
- Health Insurance
- Vision Insurance
- Life Insurance
- Paid Time Off
About Maveris
Maveris offers exceptional, mission-focused, solutions to organizations facing highly complex IT, digital, and cybersecurity challenges. Our success is achieved by maintaining an environment of trust where people are encouraged to reach their fullest potential. Every candidate that applies to Maveris brings something unique to the table, and because our team is diverse, we consistently meet our goals and exceed client expectations. If you are a highly-motivated person with a willingness to learn, we invite you to apply today to join our team!
To learn more about employee benefits visit www.maveris.com.For company updates and the latest job postings check us out on LinkedIn.If you'd like to read about some of our research and projects head over to Maveris Labs.Want a more behind the scenes view? Check out our blog Maveris Insights to learn more about the team behind the solutions.