U.S. citizenship is required for this position due to Department of Defense restrictions.Our
Senior Security Policy Analyst is responsible for developing, implementing, and maintaining security policies, standards, and procedures while leveraging ServiceNow to streamline policy management, compliance tracking, and reporting. This Senior Analyst combines deep knowledge of cybersecurity frameworks with hands-on experience in governance, risk, and compliance (GRC) operations, and excels at clear communication and high-quality documentation, and actively supports security awareness and responsible AI initiatives.
Salary Range$90,000 ~ $115,000
The base pay offered for this position may vary within the posted range based on your job-related knowledge, skills, experience and
may fall outside of this range.Work LocationOur first consideration will be to have this employee be able to take advantage of Hybrid work and collaboration, living within the state of Wisconsin. Employees within 45 miles of WPS Headquarters (1717 W. Broadway in Madison, WI, 53713) will be expected to be able to work in office 3 days a week on a regular basis.How do I know this opportunity is right for me? If you: - Enjoy Developing, reviewing, and maintaining corporate security policies, standards, procedures, and guidelines in alignment with NIST CSF, regulatory requirements, and industry best practices.
- Would like to be accountable for integration and management of security policies, controls, and risk assessments within ServiceNow IRM and Managed Documents.
- Can conduct risk assessments, control evaluations, and gap analyses mapped to NIST CSF to support audit readiness and compliance initiatives.
- Like to collaborate with IT, Risk, Compliance, and Business teams to ensure policy adoption and awareness across the organization.
- Have created clear, concise, and actionable security documentation, including policies, procedures, guidance, and reports.
- Wan to monitor compliance with internal policies and external regulatory requirements, identifying gaps and driving remediation efforts.
- Like providing reports and analytics on policy adherence, exceptions, and trends using ServiceNow dashboards and workflows.
- Can serve as a subject matter expert on security governance, NIST CSF implementation, and risk management best practices.
- Would enjoy Mentor junior analysts and provide guidance on policy development, implementation, and ServiceNow utilization.
- Have developed security awareness training programs to educate employees on corporate security policies, procedures, and best practices.
- Can support AI governance awareness programs to inform employees about responsible AI use, ethical considerations, and regulatory requirements.
- Like to maintain and update training materials to reflect changes in policies, regulations, or emerging AI and cybersecurity threats.
- Have assessed and monitored third-party vendors to ensure compliance with company security policies and industry regulations.
Minimum Qualifications - U.S. citizenship is required for this position due to Department of Defense restrictions.
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Network Security or related field or equivalent combination of education and experience.
- 5 or more years of experience in security policy, governance, risk, and compliance roles.
- Strong working knowledge of NIST CSF and AI governance principles, as well as other cybersecurity frameworks such as ISO 27001, CIS, or SOC 2.
- Strong knowledge and understanding of cloud security policies, configuration standards, and best practices for AWS, Azure, GCP, or SaaS applications in order to apply governance.
- Demonstrated experience with ServiceNow IRM modules, including policy, risk, audit, and compliance workflows.
- Ability to create clear, professional, and actionable security and risk governance documentation.
- Experience developing and delivering security awareness training programs.
- Excellent communication skills, capable of engaging both technical and non-technical stakeholders.
- Demonstrated experience in developing and implementing security policies and standards in a highly regulated environment.
- Strong analytical, organizational, and project management skills, with the ability to drive initiatives independently.
Preferred Qualifications - Familiarity with knowbe4 or other security awareness platform tools.
- Familiarity using AI to facilitate automated workflows.
Remote Work Requirements- High speed cable or fiber
- Minimum of 10 Mbps downstream and at least 1 Mbps upstream internet connection (can be checked at https://speedtest.net).
- Please review Remote Worker FAQs for additional information.
Benefits- Remote and hybrid work options available
- Performance bonus and/or merit increase opportunities
- 401(k) with a 100% match for the first 3% of your salary and a 50% match for the next 2% of your salary (100% vested immediately)
- Competitive paid time off
- Health insurance, dental insurance, and telehealth services start DAY 1
- Professional and Leadership Development Programs
- Review additional benefits: (https://www.wpshealthsolutions.com/careers/)
This position may from time to time provide support to federal health care programs and other governmental or regulated industries. In accordance with law and/or contractual requirements, individuals in this role are or may be subject to all applicable federal regulations, agency contract requirements, and WPS internal policies, including but not limited to standards for data security, privacy, confidentiality, and program integrity. WPS and its personnel are subject to mandatory enhanced screening and background investigation prior to being granted access to information systems and/or sensitive data in order to safeguard regulated information and government resources that provide critical services.
