Cybersecurity Policy Analyst

AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these policies strike a balance between security imperatives and operational efficiency. Regularly briefs senior management on the evolution, updates, and progress of cybersecurity initiatives, fostering an informed and proactive leadership approach.

Responsibilities Include:

• Develop, refine, and integrate cybersecurity policies and governance frameworks in accordance with government requirements while supporting organizational security objectives and operational effectiveness.
• Maintain, update, and improve Cyber Security Service Provider (CSSP) processes, policies, and procedures with an emphasis on enterprise-level incident response operations supporting the government work environment.
• Conduct ongoing assessments and revisions of the government's Cyber Security Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs) to ensure alignment with evolving operational requirements, cybersecurity standards, and organizational objectives.
• Monitor, assess, and validate compliance within the government's cybersecurity directives, standards, and regulatory requirements to support secure and compliant enterprise operations.
• Support government adherence to Cyber Defense directives through the coordination, tracking, and validation of recurring and long-term cybersecurity compliance requirements and implementation efforts.
• Coordinate the distribution and communication of critical cybersecurity and compliance-related information to support organizational reporting, validation efforts, and regulatory requirements.
• Support preparation activities for Cyber Security Service Provider (CSSP) evaluations, audits, and performance assessments while assisting with compliance validation against established cybersecurity metrics and standards.
• Compile, analyze, and report on Cyber Security Service Provider (CSSP) artifacts, inspection data, and performance metrics to support cybersecurity assessments, compliance initiatives, and organizational reporting requirements.
• Support the coordination, planning, and execution of cybersecurity exercises, including tabletop and operational readiness activities, for government programs, systems, and enterprise applications to strengthen incident response and security preparedness capabilities.
• Develop post-exercise reports and documentation, including after-action reviews and lessons learned, to support continuous improvement of cybersecurity readiness, response procedures, and operational effectiveness.
• Provide support to government programs and enterprise applications in the development, coordination, and maintenance of Risk Management Framework (RMF) packages to support cybersecurity authorization and compliance requirements.
• Assist government personnel with preparation activities for Cyber Security Service Provider (CSSP) evaluations, cybersecurity inspections, and compliance audits to support operational readiness and regulatory adherence.
• Coordinate the collection, organization, and compilation of cybersecurity data and supporting documentation for Cyber Security Service Provider (CSSP) metrics, assessments, and reporting requirements.
• Prepare, maintain, and update cybersecurity training materials to support the implementation and transition of incident response and analysis procedures for government system administrators, information assurance personnel, and incident response teams.
• Conduct and facilitate cybersecurity training sessions in both classroom and virtual environments, including delivery through video teleconference platforms to support distributed personnel and operational requirements.
• Provide executive-level briefings to senior leadership on cybersecurity policy updates, implementation progress, compliance status, and emerging security requirements impacting organizational operations.
• Provide technical guidance and subject matter expertise in the development, maintenance, evaluation, and review of cybersecurity policies in accordance with government standards and requirements.
• Maintain comprehensive knowledge of government cybersecurity principles, policies, procedures, and implementation frameworks to support secure operations while balancing organizational and mission-critical operational requirements.

Required Skills, Qualifications, and Experience:

• Experience:
  
  
  
  • Minimum of seven (7) years of relevant cybersecurity policy experience.
  
  
  
  
• Security Clearance:
  
  
  
  • DoD Top Secret Clearance with SCI eligibility and IT-I access.
  
  
  
  
• Certifications:
  
  
  
  • DoD 8570 IAT Level II Certification or higher (one of the following):
    
    
    
    • CompTIA Security+ CE
    • CompTIA Cybersecurity Analyst (CySA+)
    • Systems Security Certified Practitioner (SSCP)
    • GIAC Security Essentials Certification (GSEC)
    • Cisco Certified Network Associate (CCNA)
    • Global Industrial Cyber Security Professional (GICSP).
    
    
    
    
  • Computing Environment Certification - DoD 8570 CSSP (one of the following):
    
    
    
    • Certified Ethical Hacker (CEH)
    • CompTIA Cybersecurity Analyst (CySA+)
    • GIAC Certified Incident Handler (GCIH)
    • Certified Information Systems Auditor (CISA)
    • GIAC Systems and Network Auditor (GSNA)
    • Certified SCADA Security Architect (SCYBER)
    • GIAC Certified Forensic Analyst (GCFA)
    • CyberSec First Responder (CFR).
    
    
    
    
  
  
  
  

The projected salary range for this position is $90,000+ annually. Final compensation will be determined based on factors including years of relevant experience, active security clearance level, certifications, technical skillset, contract requirements, and overall qualifications.