Cyber Security Policy Analyst

Inmar - Winston-Salem, NC

posted about 1 month ago

Full-time - Mid Level
Winston-Salem, NC
Wholesale Trade Agents and Brokers

About the position

Inmar Intelligence is seeking a skilled and detail-oriented Security Policy Analyst to join our team. The successful candidate will be responsible for the development, implementation, and management of security policies across our organization. This role requires a deep understanding of policy development, lifecycle management, and policy exception management, as well as the ability to coordinate with stakeholders and ensure regulatory and risk alignment.

Responsibilities

  • Maintain a catalog of organizational security policies with mapping to requisite security controls.
  • Ensure standardized policy structures and compositional elements, including verbiage and voice.
  • Conduct stakeholder identification and coordination for covered security control topics and functions.
  • Ensure business and culture alignment with derived policies.
  • Work with stakeholders to develop, review, and update security policies, standards, and procedures.
  • Manage the policy lifecycle, including drafting, approval, publication, and retirement of policies.
  • Ensure all policies are up-to-date with current industry standards and regulatory requirements.
  • Conduct regular assessments and audits to verify policy compliance.
  • Collaborate with various departments to ensure successful implementation of security policies.
  • Provide training and awareness programs to educate staff on policy requirements and compliance.
  • Assist in the integration of security policies into business processes and systems.
  • Work with compliance functions to monitor and enforce adherence to security policies across the organization.
  • Develop and implement tools and processes for effective policy enforcement.
  • Manage the process for granting and documenting exceptions to security policies.
  • Assess and approve exception requests, ensuring they are justified and aligned with risk management strategies.
  • Monitor and review approved exceptions periodically to ensure they remain valid.
  • Establish and monitor the progress of Plans of Action and Milestone (POAMs) documents associated with security policy exceptions.
  • Report on the status of POAMs to senior management and stakeholders.
  • Ensure security policies align with relevant regulatory requirements and industry standards (e.g., NIST CSF, HIPAA, PCI).
  • Coordinate with Risk Management to develop and implement strategies to mitigate identified risks.

Requirements

  • Bachelor of Science Degree in Computer Science, or a Bachelor of Arts Degree in a related technical field.
  • 3 - 5 years of experience in security policy management or a related role.
  • Strong understanding of information security principles, frameworks, and regulations.
  • Excellent writing, analytical, problem-solving, and communication skills.
  • Ability to work independently and collaboratively in a team environment.
  • Professional certifications such as GSTRT, CISSP, CISM, or CISA are preferred.

Nice-to-haves

  • Experience with NIST standards
  • Knowledge of PCI compliance
  • Familiarity with HIPAA regulations

Benefits

  • Competitive salary
  • Health insurance
  • 401k plan
  • Paid time off
  • Professional development opportunities

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service