Cybersecurity Policy Analyst
Posted 6 days ago by 1757045121
Negotiable
Outside
Remote
USA
Summary: The Cybersecurity Policy Analyst role focuses on policy analysis and mapping to ensure alignment with regulatory frameworks and organizational standards. The position involves collaborating with stakeholders to validate policy requirements and support change management processes. The analyst will also be responsible for drafting clear policies and translating complex cybersecurity concepts for diverse audiences. This is a long-term remote contract position with potential extensions.
Key Responsibilities:
- Review and map existing policies to ensure alignment with the Common Control Framework (CCF), traceability matrix, and organization standards.
- Identify gaps for current policies and build a repeatable process for new policies that will meet regulatory and business requirements.
- Collaborate with stakeholders to gather, document, and validate policy requirements while challenging accuracy and validity of policy statement.
- Support change management processes for policy and standard updates.
Key Skills:
- Draft clear, digestible policies and standards that are accessible to both technical and non-technical audiences.
- Translate complex cybersecurity concepts into easily understandable language for various audiences.
- Create and maintain cybersecurity knowledge articles and documentation.
- Partner with security teams to ensure accuracy and consistency in cyber technical content.
- Strong understanding of cybersecurity regulations and frameworks such as NIST 800-53 and NIST CSF.
- Strong understanding of cybersecurity frameworks and policy lifecycle management.
- Excellent written and verbal communication skills, with the ability to simplify technical language.
- Ability to assess policy gaps and align documentation with strategic goals.
- High accuracy in documentation, policy mapping, gap analysis.
- Ability to identify problems and develop effective solutions.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: Other
Detailed Description From Employer:
Job Title: Cybersecurity Policy Analyst
Location: 100% Remote
Duration: 1+ year Longterm contract with possible extensions
Duties: Policy Analysis & Mapping
- Review and map existing policies to ensure alignment with the Common Control Framework (CCF), traceability matrix, and organization standards.
- Identify gaps for current policies and build a repeatable process for new policies that will meet regulatory and business requirements.
- Collaborate with stakeholders to gather, document, and validate policy requirements while challenging accuracy and validity of policy statement.
- Support change management processes for policy and standard updates.
Skills: Technical Writing & Communication
- Draft clear, digestible policies and standards that are accessible to both technical and non-technical audiences.
- Translate complex cybersecurity concepts into easily understandable language for various audiences.
- Create and maintain cybersecurity knowledge articles and documentation.
- Partner with security teams to ensure accuracy and consistency in cyber technical content.
- Strong understanding of cybersecurity regulations and frameworks such as NIST 800-53 and NIST CSF,
Skills
- Policy & Standards Expertise: Strong understanding of cybersecurity frameworks and policy lifecycle management.
- Communication: Excellent written and verbal communication skills, with the ability to simplify technical language.
- Analytical Thinking: Ability to assess policy gaps and align documentation with strategic goals.
- Detail-Oriented: High accuracy in documentation, policy mapping, gap analysis.
- Problem-Solving: Ability to identify problems and develop effective solutions.