IT SECURITY POLICY SPECIALISTMILITARY FRIENDLY PREFERRED - HOH SPONSORZermount Inc. is seeking a Cybersecurity Policy Specialist, to assist in interpreting and implementing IT policy initiatives. Typical support includes assistance with long-term strategy development, tracking legislation, and making policy recommendations. Meet with customer, often on a daily basis to relay progress and establish priorities.DUTIES RESPONSIBILITIESAssist with reviewing and interpreting Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, recommended best practices or other external source documents. Develop cybersecurity policy documents to address identified gaps or changes emanating from government mandates, as needed. Revise and enhance current IAD Cybersecurity Policy Team standard operating procedures (SOPs), technical standards (TSs), management directives (MDs), government forms, and Open-Source Software (OSS) guides, SSI Program and Privacy Office related document reviews, and related Notification Memos, as well as capturing summary of changes.Deliver individual weekly status reports and corresponding briefings . Weekly status report should reflect the following:Weekly work accomplished2 weeks of ongoing and planned tasksRisks, and issues impacting assigned tasks.Present, provide a concise overview, and clarify all data in the weekly status report to management and government client. QUALIFICATIONSMinimum of 7 years of IT cybersecurity experience including direct support for the US Government AND 4 years acting as an ISSO, Assessor, or Compliance Analyst; ORA relevant Bachelor's Degree in IT, Computer Science or Engineering AND 5 years' of IT cybersecurity experience including direct support for the US Government OR 4 years acting as an ISSO, assessor, or compliance analystKnowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements. Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc. Experience in writing and revising security policies and procedures.Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level client. Must have the ability to effectively develop weekly status reports that are consistent, well structured, answer to all assigned management templates guidelines, align with the task area of support, and are relevant to the reporting period. Proficient in MS Suite, including PowerPoint and MS Project (and other MS tools as required by the management team). EDUCATIONBachelor preferable but professional experience is PermittedA relevant Bachelor's degree in IT, Computer Science or Engineering with 5 years of IT cybersecurity experience including direct support for the US Government OR A relevant degree and 4 years acting as an ISSO, Assessor, Policy or Compliance Analyst; OR7 years minimum of IT Cybersecurity experience including direct support of the US government AND 4 years acting as an ISSO, Assessor, or Compliance Analyst.CERTIFICATIONS (Required)A minimum of at least one of the following security certifications:Certified Authorization Professional (CAP)Certified Information Systems Security Officer (CISSO)Certified Information Security Manager (CISM)Certified Information Systems Security Professional (CISSP)CLEARANCEMinimum of an active Secret Clearance.WORK LOCATIONRemote; occasional onsite meetings at contractor site and TSA HQ in Springfield, Virginia.HOURS OF OPERATIONBusiness Hours: 8:00 am EST - 4:30 pm EST.
