Cybersecurity Policy Analyst - Active Top Secret Clearance

Riptide Technology is hiring a Cyber Policy Analyst – Top Secret clearance to support our government customer based in Springfield, VA. The position is required to be onsite and have an active TS/SCI clearance and the ability to obtain and maintain a Counterintelligence (CI) Polygraph. The Cybersecurity Policy Analyst is responsible for developing the Office of the Chief Information Officer (OCIO) Directorate's cybersecurity/technical plans, policies, and formal documents that ensure organizational compliance with statuses, Executive Orders, and other National and Departmental directives and instructions.

Responsibilities

• Developing, analyzing, maintaining, and improving the Directorate's cybersecurity policy, standards, and technical documentation.
• Assisting with compliance oversight through the management of cybersecurity metrics and development of required briefings and reports, such as FISMA compliance.
• Developing periodic and ad-hoc training materials to ensure workforce is informed of new and existing policies and practices.
• Maintaining the Directorate's SharePoint repository composed of formal OCIO policies and technical documentation.
• Conducting technical writing, editing, and formatting on technical documents across the OCIO.

Required Qualifications:

• 4 or more years of progressive, hands-on experience as a cybersecurity professional (e.g., cyber analyst, policy consultant, information system security officer, security controls assessors, incident responder, security operations center manager, penetration tester, security administrator, patch manager, cyber engineer, etc.).
• Demonstrated, hands-on proficiency and expertise in the following areas:
• Developing, evaluating, or proposing modifications to formal cybersecurity plans r policies based on National, IC, or DoD policies, directives, instructions, and/or standards.
• Developing formal technical documentation, such as workflow diagrams, procedures, user stories, SLAs, test plans, roadmaps, briefings, etc.
• Working with diverse stakeholders, prioritizing and assigning tasks, tracking and reporting statuses, and briefing senior leadership on progress.
• Ability to professionally format, finalize, and staff documentation for senior-level signature.
• Excellent written, verbal, communication, presentation, and training skills with the ability to articulate new ideas and concepts to technical and nontechnical audiences, as well we senior-level executives.
• Shall meet the Cybersecurity Workforce (CSWF) Requirement Cyber Policy and Strategy Planner (752) Intermediate Level for SECNAV M-5239.2 Compliance. (See Navy Cool Website).

Required Education and/or Certification:

• Education OR
• Bachelor’s degree in information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an accredited University.
• Certifications:
• Certified Information Security Manager (CISM); or
• Certified Chief Information Systems Officer (CCISO); or  
• Certified Advanced Security Professional (CASP+); or
• Certified Information Systems Security Professional (CISSP); or 
• Cisco Certified Network Associate (CCNA) Routing & Switching; or
• CompTIA Security+ CE; or
• GIAC Security Leadership (GSLC)

Security Clearance Requirements:

• This position will require U.S. citizenship and an active DoD TS/SCI clearance with the ability to obtain and maintain a Counterintelligence (CI) Polygraph.

Desired Qualifications:

• Experience administering or engineering secure Enterprise information systems in one or more of the following areas: endpoints, networks, servers, virtualization, storage, cybersecurity, cloud, or ITSM.
• Understanding and applying industry-standard DoD/IC cybersecurity policies, standards, and frameworks, such as MITRE ATT@CK, NIST, RMF, CMMC, etc.
• Familiarity with the ITIL Framework, Project Management Framework, IT Governance, Software Development Lifecycle, IT Operations Management and/or IT Service Management.
• Exposure to the ServiceNow platform and associated cybersecurity modules, such as CAM.
• Skills & Technology Used:
• Hands-on experience as a cybersecurity professional (e.g., cyber analyst, policy consultant, information system security officer, security controls assessors, incident responder, security operations center manager, penetration tester, security administrator, patch manager, cyber engineer, etc.).
• Strong communication, presentation, written, and interpersonal skills.

Riptide Technology, Inc. is an equal opportunity employer ensuring no employee or prospective employee will be discriminated against based on race, color, national origin, age, religion, disability status, gender, sexual orientation, gender identity, genetic information or marital status with regards to recruitment, hiring, upgrading, promotion or rehiring.