Steampunk - McLean, VA

posted about 2 months ago

Full-time - Mid Level
McLean, VA
Food Services and Drinking Places

About the position

As a Cybersecurity Policy Analyst at Steampunk, you will play a crucial role in shaping and implementing policies and procedures in the dynamic field of IT security and technology. This position is essential for ensuring that our agency effectively leverages technologies and tools while maintaining compliance with federal regulations and safeguarding sensitive information. You will collaborate with senior leaders and clients to develop enterprise policies, standards, and standard operating procedures that govern applications and technologies. Your expertise will help our partners navigate the complexities of technology and security, ensuring they have the necessary tools and knowledge to protect critical government assets and data. In this role, you will be responsible for creating comprehensive cybersecurity policies and guidelines that align with federal regulations, security standards, and best practices. You will monitor and ensure compliance with these policies, regulations, and standards, conducting thorough research and synthesizing information from various sources to prepare detailed reports, briefings, and presentations. Your contributions will ensure that policies are comprehensive, clear, and aligned with industry standards and regulatory requirements. You will also manage multiple projects and deadlines efficiently, demonstrating strong attention to detail and exceptional organizational skills. This includes setting goals, timelines, and tracking progress while understanding the legal and ethical implications of policies, particularly regarding user privacy, data protection, and artificial intelligence. Collaboration is key in this role, as you will work closely with IT teams, security teams, legal teams, and other relevant stakeholders to ensure that cybersecurity policies align with the organization's goals and security requirements. Your ability to hold a position of public trust with the US government is essential, and you will be expected to demonstrate a mission-driven, team-player mindset throughout your work.

Responsibilities

  • Help shape policies and procedures in IT security and technology.
  • Assist in the development of enterprise policies, standards, and standard operating procedures.
  • Collaborate with leadership and stakeholders to create comprehensive cybersecurity policies and guidelines.
  • Monitor and ensure compliance with policies, regulations, and standards.
  • Conduct research and synthesize information from various sources to prepare reports, briefings, and presentations.
  • Ensure policies are comprehensive, clear, and aligned with industry standards and regulatory requirements.
  • Contribute to discussions and planning sessions.
  • Manage multiple projects and deadlines efficiently with strong attention to detail.
  • Understand and share the legal and ethical implications of policies, especially regarding user privacy and data protection.
  • Work closely with IT, security, and legal teams to align cybersecurity policies with organizational goals.

Requirements

  • Ability to hold a position of public trust with the US government.
  • Master's Degree and 3 years of relevant experience in policy analysis, government relations, or related fields; OR Bachelor's Degree and 5 years of relevant experience; OR No degree and 9 years of relevant experience.
  • Possesses at least one professional certification relevant to the technical service provided.
  • Experience writing cybersecurity policies, technical standards, and standard operating procedures.
  • Experience applying cybersecurity and data protection frameworks and regulations such as NIST 800-53, HIPAA, GDPR, etc.
  • Demonstrated ability to independently strategize and implement cross-functional policy initiatives.
  • Strong project management skills including developing work plans, conducting resource planning, and managing stakeholder feedback.
  • Excellent written and verbal communication skills for conveying complex information clearly to diverse audiences.
  • Understanding of change management best practices and bridging gaps between policy and behavior change.
  • Knowledge of current and emerging cybersecurity and data protection risks.

Nice-to-haves

  • Demonstrated knowledge of a variety of IT concepts, practices, and procedures.
  • Experience implementing NIST controls.
  • Experience developing, updating, and managing policies for a federal organization, preferably DHS.

Benefits

  • Employee ownership structure
  • Opportunities for professional development
  • Flexible work environment
  • Health insurance coverage
  • 401k retirement plan
  • Paid time off and holidays
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service