Position Title: Senior Security Governance & Policy Analyst
Clearance: Top Secret/SCI
Location: On-site in a SCIF in the National Capital Region (NCR) - Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours.
Job Summary: Serves as the principal advisor on cybersecurity governance, policy, and compliance, translating Federal, DHS, and IC guidance into implementable frameworks. The SG&P SME will coordinate daily with CSD leadership and functional team leads across the organization on security governance and policy, as well as on Artificial Intelligence (AI), Zero Trust and cloud migration security policy initiatives supporting cloud service providers. The SG&P SME is responsible for information security governance of traditional datacenters, cloud platform-based systems and AI Large Language Model (LLM) governance.
Education and Experience:
- Bachelor's degree in a computer-related field or a minimum of 14 years equivalent job experience working in an enterprise infrastructure security and governance role. Master's degree preferred.
- Minimum of 10 years of technical policy experience.
- Experience working in classified or DHS/IC environments.
- Preferred Certifications: CISSP, CISM
Essential Duties:
- Develop, review, and update cybersecurity policies, procedures, governance artifacts, and implementation guidance.
- Analyze and interpret Federal, DHS, IC, NIST, CNSSI, and DHS 4300A cybersecurity policies, directives, and standards.
- Review, analyze and manage Intelligence Community (IC) Directives (ICDs) and Intelligence Community Standards (ICSs); provide internal liaison support across functional areas and external liaison support to the Intelligence Community risk management committee.
- Experience developing policies related to cloud service providers; experience with Amazon Web Services (AWS) is preferred.
- Develop overarching CSD AI policy in accordance with the NIST AI policy framework.
- Provide policy-related guidance to leadership and functional team leads to support Risk Management Framework (RMF) tasks and activities.
- Support metrics and reporting to assess governance, policy, training, and compliance effectiveness.
- Coordinate with stakeholders and facilitate governance forums, including the CISO Forum, to align policies across DHS IE components.