Senior Security Governance & Policy Analyst

OneZero Solutions

$100K — $130K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in computer-related field or 14 years equivalent experience in enterprise security governance.
  • 10 years of technical policy experience in cybersecurity.
  • Experience in classified or DHS/IC environments.
  • Preferred certifications include CISSP and CISM.
  • Master's degree preferred.

Responsibilities

  • Develop, review, and update cybersecurity policies and procedures.
  • Analyze and interpret cybersecurity policies from Federal, DHS, and IC sources.
  • Manage and review Intelligence Community directives and standards.
  • Develop policies for cloud service providers, preferably with AWS.
  • Create CSD AI policy aligned with NIST AI framework.
  • Provide guidance to leadership on Risk Management Framework tasks.
  • Support metrics and reporting for governance and compliance effectiveness.
  • Facilitate governance forums to align policies across DHS components.

Benefits

  • Work on-site in a secure and collaborative environment.
  • Direct involvement in high-stakes governance and policy initiatives.
  • Opportunity to influence cybersecurity for cloud and AI technologies.
  • Engagement with senior leadership and intelligence community peers.
  • Potential for professional development through advanced certification opportunities.
Full Job Description
Position Title: Senior Security Governance & Policy Analyst

Clearance: Top Secret/SCI

Location: On-site in a SCIF in the National Capital Region (NCR) - Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours.

Job Summary:

Serves as the principal advisor on cybersecurity governance, policy, and compliance, translating Federal, DHS, and IC guidance into implementable frameworks. The SG&P SME will coordinate daily with CSD leadership and functional team leads across the organization relative to security governance and policy; Artificial Intelligence (AI), Zero Trust and cloud migration security policy initiatives supporting cloud service providers. The SG&P SME is responsible for information security governance of traditional datacenters, cloud platform-based systems and AI Large Language Model (LLM) governance.

Education and Experience:
  • Bachelor's degree in a computer related field or a minimum of 14 years equivalent job experience working in an enterprise infrastructure security and governance role. Master's degree preferred.
  • Minimum of 10 years of technical policy experience.
  • Experience working in classified or DHS/IC environments.
  • Preferred Certifications: CISSP, CISM

Essential Duties:
  • Develop, review, and update cybersecurity policies, procedures, governance artifacts, and implementation guidance.
  • Analyze and interpret Federal, DHS, IC, NIST, CNSSI, and DHS 4300A cybersecurity policies, directives, and standards.
  • Review, analyze and manage Intelligence Community (IC) Directives (ICDs) and Intelligence Community Standards (ICSs); provide internal liaison support across functional areas, provide external liaison support to intelligence community risk management committee.
  • Experience developing policies related to cloud service providers, experience with Amazon Web Services (AWS) is preferred.
  • Develop overarching CSD AI policy in accordance with the NIST AI policy framework.
  • Provide policy related guidance to leadership and functional team leads to support Risk Management Framework (RMF) tasks and activities.
  • Support metrics and reporting to assess governance, policy, training, and compliance effectiveness.
  • Coordinate with stakeholders and facilitate governance forums, including the CISO Forum, to align policies across DHS IE components.

Similar Jobs

More Jobs at OneZero Solutions

More Information Technology Jobs

Find similar Senior Security Governance & Policy Analyst jobs: